With so much of the malware we see being variants, I was interested in the a new ‘A’ variant published today. W32/Pahatia-A it turned out that it was using the same type of techniques as I blogged yesterday, but I was interested in some of the names used for the infected executables, “Dibalas Dengan Dusta”, “Kau Pikir Kaulah Segalanya” and others, it turns out that these are titles of Indonesian pop songs. “Kau Pikir Kaulah Segalanya” translates literally into “You Think you All Of Them”, “Dibalas Dengan Dusta” translates to “Repaid with the Lie” sung by “Audy”. A female artiste, who appears to be currently signed to Sony.
The author of the malware is obviously a music critic, but the question remains, are they are a fan or not?