Polip Worm Creeps Through P2P Networks

By | May 5, 2006

Experts at MicroWorld Technologies inform that ‘Win32.Polip.A’ is a polymorphic P2P Worm that infects Portable Executable(PE) files like ‘.scr’ and ‘.exe’, while spreading via P2P networks and File Sharing applications. Inside the infected PC, Polip.A hides its presence by cleverly inserting itself into running processes which makes it hard to detect and remove, for many AntiVirus solutions. Its encryption and stealth features make matters worse.

“We are trying to ascertain the destruction caused by this Worm. From what we see so far, Polip deletes .avi, .dat, .ms and .vps files from the directory it resides in. It also attempts to connect to the ‘Gnutella network’ even if the Gnutella software is not installed in the computer,” says Sulabh Mahant, Security Analyst, MicroWorld Technologies.

Significant infections of this worm are only found in Europe so far, but the universal nature of file sharing networks may cause wider proliferation of Polip. Besides, many users who are infected may remain unaware of this worm due its hiding capabilities.

P2P worms can be extremely dangerous for Data Security and Information Integrity. The most notorious of this breed in the recent past was the Antinny worm, which created data havoc in Japan by infecting the popular Japanese P2P application ‘Winny’. Many top-secret military information, business documents of hundreds of corporate firms, personal and confidential data related to thousands of patients and classified information of Yahoo shopping mall were all floating on the Internet, thanks to Antinny!

“P2P applications are wonderful resources of information at your fingertips,” says Govind Rammurthy, CEO, MicroWorld Technologies. “However, what you may not know is, while searching in this resource you are accessing someone else’s computer. And in return, anyone -good, bad and ugly- will be entering your computer too!”

P2P worms can be effectively prevented by monitoring every file movement in and out of your computer. MicroWorld solutions eScan and MailScan are the world’s best AntiVirus and Content Security solutions that perform Real-Time threat scanning at the Socket Layer of connectivity, with the help of patent pending MWL technology. Leveraging the fastest detection rate and intelligent Behavioral Analysis, MicroWorld solutions provide comprehensive security for Personal Computers and office Workstations.

Leave a Reply