Avoiding Spyware and Virus Infected Files via P2P

Dennis Faas's picture

Infopackets Reader Rosalind H. writes:

" Dear Infopackets Team,

My teenager recently downloaded Limewire onto our computer. As I am very wary of shareware programs, I would like to know whatever you can tell me about this and similar popular programs. Is it safe? Thanks for your response. "

Doug's Response:

Limewire is a peer-to-peer ("P2P") application that permits the user to download files from a server community. The general usage is to download music files to be played on iPods (or other MPEG3 players) or computer systems. If misused by copying/downloading copyrighted material, it can cause a lot of expensive legal problems. On the other hand, there are quite a few bands that produce material specifically for free and legal downloading, so there is also plenty of music available.

Dennis's Response:

RE: Is P2P safe [for the health of my computer]?

Yes and no. It mostly depends on the knowledge of the person using the service and if they're savvy to the "tricks" of Spyware and viruses that *plague* P2P networks. If you're not, steer clear ;-)

How Spyware and Viruses can Infect You via P2P

It is very easy these days to infect your computer with a virus or Spyware by inadvertently downloading the wrong file. I say "inadvertently" because many of the filenames on P2P networks are crafted in such a way to encourage users to download and execute the files so that they can deliver their payload without the user ever being aware.

For example: a seemingly harmless MP3 music file may be named as ("new_music.mp3.exe"); however, if you take special note of the filename, it's actually an executable file (because it ends in .EXE) -- but not everyone will see that.

Since the file is executable, it can cause serious damage to your computer because Spyware and viruses can hide inside the file (which is why it's referred to as a "Trojan Horse"). I should also mention that not all .EXE files are dangerous; having said that: not all antivirus or antispyware programs will be able to determine if the file is infected. So, consider it a "crap shoot" with highly unfavorable odds when dealing with downloaded .EXE files via P2P ;-)

Tell-tale Signs of Infected Files on P2P Networks

Tell-tale signs of whether a file is legitimate or not is its file size, and it's file name (especially if it ends in .EXE).

Many of the virus/Spyware-infected files on P2P networks are between 50k and 500k in size size (too small for the average MP3 file). If you do a search for the current Top 10 songs on the radio (for lack of better example), you'll undoubtedly come across a few of these aforementioned files -- all having different file names, but the same file size. The same "rule" can apply to any file type: movie files, music files, application files, etc.

Once again: when you see something like that, steer clear of the file ;-)

For more information, refer to this previous Gazette article:

The Dangers of File Sharing Software

Rate this article: 
No votes yet