This hoax surfaced towards the end of October 1998 and seems to have become quite widespread.
Below is a copy of the hoax message. Note that the organization credited with discovering the virus does not exist.
Virus Update: IWA Discovers Mpeg Audio Virus SANTA CLARA, Calif.,
Virus security researchers at Internet Western Associates (Nasdaq: IWAS -
news) today announced the discovery of the first successful multi-application
media-file virus capable of infecting most media player software. Affected
are Layer 3 audio compatible players, commonly called Mp3 players. The
virus, called Bloat, has been discovered to imbed itself into the executable
portion of every player in every condition tested so far, including Winamp,
NAD, Jet Audio, and Unreal Player Max; running under Windows 3.x, 9x,
and NT operating systems. Macintosh and Unix systems do not appear to be
affected.
'Bloat' spreads in a manner similar to the recent Word-Macro virus family.
Virus code is conveyed and spread within *.mp3 audio files upon being
opened by player software. The program inserts a single string of virus code
immediately following the title/artist tag of an Mp3 file. Bloat only targets
files having an MP3 or EXE extension. Similar audio formats such as VQF
(Twin-VQ), WAV, Mp4 (under development), RA (Real Audio), and AAC
(Advanced Audio Coding) cannot carry the virus.
The new Layer-3 'Bloat' virus is the first working virus of its type found in
the wild. Bloat does not cause data loss. As the name sugguests, its effect is
the opposite; the virus causes extra nonsense data to be written to the hard
disk during most writes. Files written to the hard disk will occupy as much as
five times the amount of space they appear to be using, and should be using.
As a result, free hard disk space grows smaller and smaller. Once the virus
has spread to other programs in the system, affected users will experience
difficulty opening, reading or modifying documents in most of their
applications, as well as an increased overall sluggishness in system
performance. Considerable storage space is also lost.
Bloat uses the Mp3 audio files as carriers between players. Once the virus is
read by a player, it is loaded into system memory, where it spreads back
down into system applications. This successful travelling method was first
documented by researchers at the Internet Western Associates AVERT
(Anti-Virus Emergency Response Team) center in Braintree, MA.
Detailed information on Bloat Layer 3 and detection/cleanup software will be
available shortly. With headquarters in Tacoma, Washington., Internet
Western Associates, Inc. is dedicated to providing leading enterprise
network security and management solutions. McAfee Labs, the anti-virus
research affiliate of IWA, currently employs more than 85 virus researchers
and maintains labs on five continents worldwide. In addition to studying new
and existing security threats, McAfee Labs serves as a global resource for
virus information and provides rapid, follow-the-sun support for virus
emergencies worldwide.
SOURCE: Internet Western Associates, Inc.
There is no such virus and of course this is a hoax.
Please ignore any messages regarding this supposed "virus" and do not pass on any messages regarding it. Passing on messages about this hoax serves only to further propagate it. |