MP3



This hoax surfaced towards the end of October 1998 and seems to have become quite widespread.

Below is a copy of the hoax message. Note that the organization credited with discovering the virus does not exist.
    Virus Update: IWA Discovers Mpeg Audio Virus SANTA CLARA, Calif.,

    Virus security researchers at Internet Western Associates (Nasdaq: IWAS -
    news) today announced the discovery of the first successful multi-application
    media-file virus capable of infecting most media player software. Affected
    are Layer 3 audio compatible players, commonly called Mp3 players. The
    virus, called Bloat, has been discovered to imbed itself into the executable
    portion of every player in every condition tested so far, including Winamp,
    NAD, Jet Audio, and Unreal Player Max; running under Windows 3.x, 9x,
    and NT operating systems. Macintosh and Unix systems do not appear to be
    affected.


    'Bloat' spreads in a manner similar to the recent Word-Macro virus family.
    Virus code is conveyed and spread within *.mp3 audio files upon being
    opened by player software. The program inserts a single string of virus code
    immediately following the title/artist tag of an Mp3 file. Bloat only targets
    files having an MP3 or EXE extension. Similar audio formats such as VQF
    (Twin-VQ), WAV, Mp4 (under development), RA (Real Audio), and AAC
    (Advanced Audio Coding) cannot carry the virus.


    The new Layer-3 'Bloat' virus is the first working virus of its type found in
    the wild. Bloat does not cause data loss. As the name sugguests, its effect is
    the opposite; the virus causes extra nonsense data to be written to the hard
    disk during most writes. Files written to the hard disk will occupy as much as
    five times the amount of space they appear to be using, and should be using.
    As a result, free hard disk space grows smaller and smaller. Once the virus
    has spread to other programs in the system, affected users will experience
    difficulty opening, reading or modifying documents in most of their
    applications, as well as an increased overall sluggishness in system
    performance. Considerable storage space is also lost.


    Bloat uses the Mp3 audio files as carriers between players. Once the virus is
    read by a player, it is loaded into system memory, where it spreads back
    down into system applications. This successful travelling method was first
    documented by researchers at the Internet Western Associates AVERT
    (Anti-Virus Emergency Response Team) center in Braintree, MA.


    Detailed information on Bloat Layer 3 and detection/cleanup software will be
    available shortly. With headquarters in Tacoma, Washington., Internet
    Western Associates, Inc. is dedicated to providing leading enterprise
    network security and management solutions. McAfee Labs, the anti-virus
    research affiliate of IWA, currently employs more than 85 virus researchers
    and maintains labs on five continents worldwide. In addition to studying new
    and existing security threats, McAfee Labs serves as a global resource for
    virus information and provides rapid, follow-the-sun support for virus
    emergencies worldwide.


    SOURCE: Internet Western Associates, Inc.  

There is no such virus and of course this is a hoax.

Please ignore any messages regarding this supposed "virus" and do not pass on any messages regarding it. Passing on messages about this hoax serves only to further propagate it.



The contents of all pages [and other material] on our site are copyright Martin Overton 1997-2007, or other stated author. All rights are reserved.
Reproduction, transfer, distribution or storage of part, or all of the contents in any form without the prior written permission of Martin Overton or the Copyright owner is prohibited.