All the latest UK technology news, reviews and analysis
|
|
|
11 Jan 2005
Security experts have intercepted two malicious Trojans hidden in video files that download and install spyware, diallers and computer viruses when played in Microsoft Windows Media player.
PandaLabs warned that Trj/WmvDownloader.A and Trj/WmvDownloader.B, are spreading through P2P networks hidden in video files. These Trojans take advantage of technology incorporated in Microsoft Windows Media player called Windows Media Digital Rights Management (DRM), designed to protect the intellectual property rights of multimedia content.
When a user tries to play a protected Windows media file, this technology demands a valid licence. If the license is not stored on the computer, the application will look for it on the internet, so that the user can acquire it directly or buy it. This technology is incorporated through the Windows XP Service Pack 2 + Windows Media Player 10 update.
The video files infected by these Trojans have a .wmv extension and are protected by licences, supposedly issued by the companies overpeer (for Trj/WmvDownloader.A), or protectedmedia (for Trj/WmvDownloader.B).
If the user runs a video file that is infected by one of these Trojans, the files pretend to download the corresponding licence. However, what they actually do is redirect the user to other internet addresses from which they download adware, spyware, diallers (applications that dial-up high rate toll numbers) and viruses, security experts at PandaLabs said.
Below are some examples of the malicious programs and viruses these Trojans download:
Adware/Funweb
Adware/MydailyHoroscope
Adware/MyWay
Adware/MyWebSearch
Adware/Nsupdate
Adware/PowerScan
Adware/Twain-Tech
Dialler Generic
Dialer.NO
Spyware.AdClicker
Spyware/BetterInet
Spyware/ISTbar
Trj/Downloader.GK
"Even though these Trojans have been detected in video files with extremely variable names which can be downloaded through P2P networks like KaZaA or eMule, bear in mind that they can also be distributed through other means, such as files attached to email messages, FTP or Internet downloads, floppy disks, CD-ROM, etc," PandaLabs warned.
For further information about Trj/WmvDownloader.A, Trj/WmvDownloader.B or the malicious programs and viruses these Trojans try to download, click here
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Assistant Director - Infrastructure - London - required...
A well established homeware brand is looking for an experienced...
Join a team that is revolutionising the way media is...
Linux Server Support Analyst - Bristol/Bath £20,000 plus...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?