Consumers are being warned that they may get an ad instead of a music or video file on several file-sharing sites in what security firm McAfee says is the most significant malware outbreak in three years.
McAfee Avert Labs reported on Tuesday that more than 500,000 detections of a Trojan horse masquerading as a media file have been found on computers since Friday on services like Limewire and eDonkey.
Instead of playing an adult video, the Lion King in Portuguese, or the Girls Aloud theme from the St Trinnians soundtrack, for example, hundreds of rigged MP3 and MPEG files on the services trigger the download of an executable that serves ad to the infected computer.
Craig Schmugar, threat researcher at McAfee Avert Labs, explains in a blog entry that if people agree to download and run the executable they are asked to agree to a phony end user license agreement and some other useless software.
"In the end you're left with a fake MP3 file taking up space, a worthless MP3 player, adware that claims not only to not display popups, but also to block them, and more adware that successfully displays popup and popunder ads," Schmugar writes.
McAfee rates the threat "medium" risk, the highest rating given to any malware since 2005.