We're getting a revisit from tactics of yesterday with a new trojan that is making its rounds. The W32.Deletemusic trojan (what a clever name, that) will search a PCs media, including local hard drives and removable media like flash drives or USB drives, and will trash any mp3s
it finds. It simultaneously infects the media it encounters, promoting further destruction by attempting to infect other PCs the media is plugged into.
It makes no distinction between DRM or non-DRM'ed mp3s nor music that might be pirated versus music that might be legit:
Of course, these worms don't take into account the fact that many MP3 files may not be pirated at all—they could be legitimate downloads, ripped from CDs, or even recorded by users themselves. And while losing an entire music collection that you've dedicated so much time into ripping, labeling, and organizing can be devastating, there is no real payload for the worm's efforts.
Due to the tactics it employs, a statement from Sophos leads credence that the trojan is not the work of more sophisticated crime rings, but rather the work of someone just seeking to create mischief.
Of course, there's bound to be rumors of the trojan being sponsored by the RIAA, what with it specifically targeting music. Every once in a while we see a worm like this that targets specifics types of files, though as time goes on more and more malicious software is written with a financial goal in mind.
As far as protecting yourself, the worm only affects Windows (including Vista), and disabling the autorun function will help prevent it from spreading should infected media be plugged into your machine.