Mandragore Starting Trouble on P2P Networks
A new worm has begun spreading across the Gnutella network over the last few days, according to the Kaspersky Lab report. This file represents a pretty big danger, as its ability to disguise itself could make detection fairly difficult. Once the worm has infected the user's computer, it has the ability to intercept all search requests and copy itself with the corresponding name and ".exe" on the end.
The file, 8192K in size, then hides itself in the Windows start-up folder under the name GSPOT.exe and utilizes the system and hidden file attributes to remain undetected. While no serious payload is carried by the worm, it could still breed a new variety of virii to be spread in the same manner.
As for protection and detection, under no circumstances should you open .exe files 8192K in size. You can download protection from Kaspersky Labs if you are interested.
