Harry Potter Worm Invades Computers

tags: Harry Potter, computers

Those of you who love Harry Potter might be deceived into downloading a worm onto your computer via infected USB memory drives. If users plug these drives into their Windows PCs, they are liable to infect their machines with the appropriately named Hairy-A worm.

Infected USB drives contain a file named HarryPotter-TheDeathlyHallows.doc, a word document that displays the phrase "Harry Potter is dead", instead of the much-desired manuscript. While the unfortunate computer user is worriedly contemplating that disturbing message, the worm begins casting its evil spell over the computer behind the scenes. The worm quickly infects all removable drives associated with the computer and then creates new users that are familiar names to fans of the JK Rowling books: Harry Potter, Hermione Granger, and Ron Weasley.

After logging in, users of infected computers will be confronted with the following humorless message, which was no doubt written by a religious wingnut posing as a hacker. The message appears as a batch file:

read and repent
the end is near repent from your evil ways O Ye folks lest you burn in hell...JK Rowling especially

The worm also is thoughtful enough as to change the Internet Exploder home page of compromised computers to an Amazon.com web page that sells a parody of the teenage wizard series entitled Harry Putter and the Chamber of Cheesecakes.

The anti-virus firm, Sophos, noted that the malware was an "old school" virus that was intended to cause mischief and anxiety among Harry Potter fans, and to show off, rather than to earn illicit funds. Security experts advise users to disable the auto-run facility of Windows so removable devices such as USB keys and CD ROMs do not automatically launch when they are attached to a PC. Of course, removal media should be checked for more malware before use to prevent the increased use of USB devices and the like as a vector for malware distribution.

Cited story.