CNET también está disponible en español.

Ir a español

Don't show this again


Harry Potter and the worm of doom

References to the bespectacled wizard, who takes over movie theaters this week, help the Netsky virus stage a comeback, particularly among younger, less security-wise Potter fans.

A leading antivirus company warned Thursday that the Netsky worm was making a comeback on the coattails of fictional wizard Harry Potter.

British software and services company Sophos reported that infections by the three-month-old "P" variant of Netsky have risen dramatically over the past week, thanks to the worm's ability to disguise itself as a Harry Potter game or book. The heavily promoted movie "Harry Potter and the Prisoner of Azkaban" opened earlier this week in Britain and premiers Friday in North America.

"Netsky-P targets young computer users by sometimes posing as content connected with the Harry Potter books and movie franchise," Graham Cluley, senior technology consultant at Sophos, said in a statement. "Parents need to educate their children against the threats of viruses, to ensure the popularity of Potter doesn't cast a nasty spell on their computer systems."

The original Netsky worm started spreading in February and quickly spawned more flavors than a Bertie Bott's Every Flavor Beans package.

The P variant has been particularly successful, though, thanks to engineering that disguises the worm's payload as one of dozens of potentially tempting files, from Harry Potter content to X-rated photos of Britney Spears.

Such spoofing is a popular "social engineering" technique to get recipients to open malicious files. Previous pests have disguised themselves as naked photos of actress Jennifer Lopez, match-making software and a memo from the recipient's IT administrator.

Like most Netsky versions, the P variant , making it a potential threat to services such as Kazaa.

The Harry Potter connection helped Netsky-P, which emerged in March, stage a comeback tour this week. Antivirus firm Trend Micro listed it as the most common piece of malware--malicious software--over the past seven days, with more than 45,000 infections detected by the company.