1. /
  2. Security Response/
  3. W32.SillyP2P

W32.SillyP2P

Risk Level 1: Very Low

Discovered:
December 8, 2003
Updated:
April 30, 2010 5:19:41 PM
Type:
Worm
Infection Length:
Varies
Systems Affected:
Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
W32.SillyP2P is a detection name used by Symantec that detects variants of the W32.Silly family of worms that spread through peer-to-peer (P2P) file-sharing networks.

Peer-to-peer (P2P) applications and their user base began to grow rapidly amongst the Internet community in late 1990's as file-sharing became hugely popular. Downloading shared files was not only fast, it was free and files are freely shared amongst the network users. Several well-known P2P networks that are used to actively share files included the following:
  • BearShare
  • eDonkey2000
  • EMule
  • Gnutella
  • Kazaa
  • LimeWire

The scale of peer-to-peer network usage and copyright infringement diminished somewhat with the onset of several legal battles in the United States. Copyright infringement decisions soon influenced the way many users acquired music, videos and games files online. While file sharing in itself is not illegal, sharing specific types of files may be considered illegal depending on the current laws and the jurisdiction in which the user resides.

File-sharing was and still is definitely a "buyer" beware proposition given the legal implications of downloading potentially copyright materials. Aside from the legal issues, malware is often masqueraded as sought after files available for download within such networks adding another level of risk to the seemingly harmless act of file sharing.

These worms primarily use the P2P networks to spread. They do this by copying themselves into the shared folders of well known P2P applications. There they wait until a remote user requests a given file and then the worm file is offered for download.

Antivirus Protection Dates

  • Initial Rapid Release version December 8, 2003
  • Latest Rapid Release version June 24, 2014 revision 006
  • Initial Daily Certified version December 8, 2003
  • Latest Daily Certified version July 28, 2013 revision 020
  • Initial Weekly Certified release date December 10, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Low
  • Releases Confidential Info: May steal confidential information from the compromised computer.
  • Degrades Performance: Network traffic may degrade performance.

Distribution

  • Distribution Level: Low
  • Target of Infection: P2P networks.
Writeup By: Angela Thigpen

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver