Heart Embraces File Sharing

Have record companies suddenly changed their minds about file sharing?

A press release from file sharing software company RazorPop and record label Sovereign Artists yesterday trumpeted the release of Heart’s New CD “Jupiter’s Darling” over the TrustyFiles P2P file sharing network as the “first time a major artist has ever released music from a CD to file sharers”.

The release quotes RazorPop CEO Marc Freedman as saying: “When a legendary band like Heart embraces file sharing, you know it’s become mainstream. Don’t be misled by the entertainment terror campaigns designed to instill fear and stunt innovation. The real focus should be on the artists and making music. A wide majority of musicians support P2P file sharing. There’s been an explosion in its use by independent artists.”

So does it mean that big artists and major labels are just going to throw their music out to the unpaying, unwashed masses? Er, no. The press release says the “files are in Windows Media Player format and can be played on most major media player software and portable music player devices.” So far, so good. But while the files look like they’re in the WM format, they are actually what are called Weed files, which as the press release explains, “provide 5 free Heart songs for new users”. So what does that mean, exactly?

A press release from WeedFiles last month explains what actually happens. While Weed files can be freely shared, each user is given three free plays, and then invited to buy the file. If they do, they can then freely share that file with others, each of whom are given three more plays. If they then buy the song, the original buyer will get a 20% commission.

Actually, this is a good idea and it deserves a try. Not least, the original artist makes 50% from the sale of each song, which is a significant step up for most artists. And it turns out that other networks are also releasing the Heart material at the same time, according to p2pnet. It’s just a shame that the original press release is misleading.

 

Phishing and Keylogging – The Missing Link?

Here’s evidence that ‘phishing’ – the art of conning users into handing over banking and other passwords by fake, but convincing-looking emails and website — may have branched out into viruses and worms.

Symantec, McAfee and Sophos have published details of a new virus/trojan called Stawin (also known, because the anti virus people don’t seem to be able to standardise these things, as Keylog-Stawin, Troj/Stawin-or Keylogger.Stawin) which appears to have originated in Russia, and which, once installed, will sniff for any banking transactions from about 30 banks or online payment systems in the U.S., Australia and Canada, and will capture passwords and whatnot which it will then email, from time to time, to the hacker.

It does this via an email attachment with, usually, the title ‘I still love you’ — something that’s always nice to hear. If the email attachment — message.zip — is opened a small piece of software called a keylogger will install itself and look for the user opening a window with text in its title that matches any of about 60 different words, ranging from Westpac to Hyperwallet. The keylogger will record anything the user types into that window, store it, and occasionally email it to someone — apparently in Russia, since the email address is govnodav2004@mail.ru. (You won’t see this happening because the email is not sent via an email program but an inbuilt SMTP engine.)

The bad news: You don’t actually need to get the email version of this to be infected. Variants of the trojan could be received just be viewing a certain webpage, on an instant messaging chat network, or on a file sharing network.

Now we already knew, thanks to the work of folk like Daniel McNamara of Code Fish, that some phishing scam emails appeared to be trying to load keylogger trojans. But this seems to be the first industrial-strength one that targets a wide range of banks and online institutions. Says Daniel, who pointed it out to me: “This is certainly the first key logger one I’ve seen go to such lengths, particulary since it targets a wide range of English-speaking banks/financial institutions.” Most previous keyloggers, he says, tend to focus on one or two banks, usually from Asia or South America.

So is this proof that Russians are behind the bigger phishing scams? Or is this all just a ruse? That email address appears to be Russian, and not just because of the server.  Nick FitzGerald of Computer Virus Consulting says in a posting at SecurityFocus that he is informed by a Russian colleague that the email address is “rather crude if transliterated back into Cyrillic”.