X

The eagerly anticipated final Harry Potter novel seems to have hackers working overtime, with security software company Sophos warning of a new computer worm exploiting global Potter-mania and claiming Harry is dead.

According to Sophos, the W32/Hairy-A worm spreads by copying itself onto USB memory sticks, posing as a copy of the eagerly-anticipated novel “Harry Potter and the Deathly Hallows”.


Click to enlarge
Windows users who allow affected flash drives to ‘autorun’ are automatically infected by the worm when it is attached to their PC. A file called “HarryPotter-TheDeathlyHallows.doc” can be found in the root directory of infected USB drives. Inside the Word document file is the simple phrase “Harry Potter is dead.”

After infecting Windows computers, the worm creates a number of new users for the PC named after characters in the Potter series. After logging in, users are shown the following message via a batch file:
read and repent
the end is near
repent from your evil ways O Ye folks
lest you burn in hell…JK Rowling especially


Click to enlarge

In addition, infected users open Internet Explorer they will find their start page has been redirected to an Amazon.com web page selling a spoof book entitled “Harry Putter and the Chamber of Cheesecakes”.

“Much of the world is waiting with bated breath for the final Harry Potter novel, and the premiere of the new movie is looming too. There is a real danger that muggles will blindly allow their USB flash drives to auto-run and become infected by this worm. Using such social engineering at this time is a trick dastardly enough for Lord Voldemort himself,”said Sophos Senior Technology Consultant Graham Cluley.

“Seriously, the fact that this worm has been inspired by the tales of a fictional schoolboy wizard doesn’t make it a harmless prank. A worm like this which infects and tampers with users’ computers without their permission is committing a criminal act. Someone needs to get a little more sunshine in their diet and put their energies into a more positive pursuit than writing malicious code like this,” he added.

The warning follows another alleged hack reported earlier this week on www.insecure.org claiming to have penetrated Harry Potter’s publisher to retrieve a manuscript of the yet-to-be-released novel. Interestingly, this alleged hack had a religious theme too, with the hacker in question citing religious reasons for doing the hack.

See: www.sophos.com.au/security/blog/2007/06/297.html

Wave 728x90px Harry Potter Worm Claims Harry Is Dead
728x90 Harry Potter Worm Claims Harry Is Dead
%name Harry Potter Worm Claims Harry Is Dead
728x90 Harry Potter Worm Claims Harry Is Dead
728x90 1 Harry Potter Worm Claims Harry Is Dead
BW Trade In 728x90 1 Harry Potter Worm Claims Harry Is Dead
Incase LeaderBoard 728x90 Harry Potter Worm Claims Harry Is Dead
2231 NEXUS 4SQM Digital Banner Ads Leaderboard 728x90 Harry Potter Worm Claims Harry Is Dead
LB 728x90 Harry Potter Worm Claims Harry Is Dead
BEL2117 4Square AUF001 728x90 Harry Potter Worm Claims Harry Is Dead


YOU MAY ALSO LIKE