A security hole has been discovered in one of the world's most popular file-swapping programs which allows anyone to gain private information about its millions of users.
Security experts have found a way to gain access to the computer hard drives of users of Morpheus, which has taken over from Napster as the leading internet song-swapping service.
It means that the personal details, such as bank account numbers and internet cookies, of up to two million people are exposed to prying eyes.
Using the Morpheus file-sharing program, people can swap music, videos or movies with other users of the software.
Users 'vulnerable'
Security experts have been investigating this problem since coming across it on Friday.
Using the Morpheus program, they found a way of getting a random list of people using the service.
They could then obtain details of the content of a user's hard drive and make copies of any file.
"We're not sure what it is that makes some Morpheus members vulnerable to this," said one, who asked to remain anonymous.
"Potentially this could make every user's computer available to anyone who wants to have a look at it.
"All we know is that there's a major gap that's allowing certain users to become vulnerable."
The group contacted BBC News Online out of concern about the privacy implications of the security hole.
"It's definitely an accident from Morpheus' side, probably a worm. This is very dangerous."
Napster was shut down by an American court last July for breaching music copyright.
Morpheus is at present legal because there is no server storing the digital files.
Music fans swapping MP3 files are put in direct contact with each other.
The Recording Industry Association of America, which spearheaded the fight against Napster, is reportedly looking at ways it can tackle these new methods of file-sharing.
A security hole has been discovered in one of the world's most popular file-swapping programs which allows anyone to gain private information about its millions of users.
Security experts have found a way to gain access to the computer hard drives of users of Morpheus, which has taken over from Napster as the leading internet song-swapping service.
It means that the personal details, such as bank account numbers and internet cookies, of up to two million people are exposed to prying eyes.
Using the Morpheus file-sharing program, people can swap music, videos or movies with other users of the software.
Users 'vulnerable'
Security experts have been investigating this problem since coming across it on Friday.
Using the Morpheus program, they found a way of getting a random list of people using the service.
They could then obtain details of the content of a user's hard drive and make copies of any file.
"We're not sure what it is that makes some Morpheus members vulnerable to this," said one, who asked to remain anonymous.
"Potentially this could make every user's computer available to anyone who wants to have a look at it.
"All we know is that there's a major gap that's allowing certain users to become vulnerable."
The group contacted BBC News Online out of concern about the privacy implications of the security hole.
"It's definitely an accident from Morpheus' side, probably a worm. This is very dangerous."
Napster was shut down by an American court last July for breaching music copyright.
Morpheus is at present legal because there is no server storing the digital files.
Music fans swapping MP3 files are put in direct contact with each other.
The Recording Industry Association of America, which spearheaded the fight against Napster, is reportedly looking at ways it can tackle these new methods of file-sharing.