Slashdot Mirror


RIAA/MPAA Contractor Deploys Malicious Adware Trojans

RichardX writes "Overpeer, the organization responsible for seeding many peer to peer networks with damaged, corrupt and fake files has now found a way of hiding spyware and adware inside Windows Media files by using a DRM loophole and is using this technique to further pollute p2p networks." Several readers sent in a PCworld article on the same subject.

34 of 883 comments

  1. I Wonder... by jpatters · · Score: 5, Insightful

    Isn't that blatantly illegal?

    --
    "Remember, there never were pineapple-almond cookies here."
    1. Re:I Wonder... by zakezuke · · Score: 5, Insightful

      Yes, it is. Except to file a complaint you have to admit you were trying to download a "pirated audio file".

      Neither the RIAA nor MPAA would release any file unless they had permission to do so. It wouldn't be "copyright infringement" if they are granted the right to give you a copy.

      --
      There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.
    2. Re:I Wonder... by madmancarman · · Score: 3, Insightful
      Then try to press charges against your drug dealer.

      Except in this case, the drug dealer is actually being paid by a corporation to distribute a substance that is normally just illegal but is now knowingly harmful (outside of the drug's regular effects). Isn't the corporation, who is sponsoring this harmful activity, legally culpable?

      --
      First they ignore you, then they laugh at you, then they fight you, then you win. -- Gandhi
    3. Re:I Wonder... by Daniel+Dvorkin · · Score: 4, Insightful

      You know, I've often thought that since "corporations are people" seems to be an established principle (under US law) we should start applying the same punishments to corporations we do to people, and I'll bet we'd see a lot less corporate crime. If a corporation commits an act that would net an individual five years in prison, then that corporation has to shut down for five years.

      Obvious objections, with answers:

      1. "But that would be a death sentence for the company!" Yeah, and a prison sentence, of any length, is a death sentence for a lot of people -- getting stabbed in a fight, getting raped and infected with AIDS, etc. Doesn't stop us from sending people to prison, even those we know are likely to suffer such consequences.

      2. "But what about all the workers who depend on the company for their paychecks? We shouldn't make them suffer!" We send people to prison who are the sole source of support for their families, and those families often suffer terribly. "Corporate imprisonment" would be harsh, deliberately so, and in the long run, the improvements in corporate behavior it would force would benefit everyone -- including workers, whose employers would be more likely to behave ethically if there were real consequences for not doing so.

      --
      The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
    4. Re:I Wonder... by Breakfast+Pants · · Score: 4, Insightful

      This isn't entrapment or a sting. If a copyright holder or an agent acting on their behalf gets on to a peer to peer network and offers up copyrighted content and you download it, it's yours. Legally they can do nothing, they owned the rights to it and they offered it up and you took it. That's why ALL the RIAA suits against traders were against uploaders. If you disable uploading you'll kill the networks (you won't kill emule/bittorrent but you won't get much benefit from them either) but you'll be protected from suits. IANAL.

      Anyway, I was saying, this isn't entrapment or a sting. What this is is a malicious attack on a user's machine. A rights holder is offering up a file that it owns the rights to and the user is taking them up on it; the fact that they don't know it's a rights holder is irrelevant. Then, included in this they are using exploits and loopholes to install unwanted software on a user's machine designed to hurt the user's experience with their computer. Spyware that doesn't tell the user it's being installed and give them a license agreement and the option to disagree and not install is illegal just like computer viruses are illegal, in fact there is no differentiating factor between this and a virus.

      --
      WHO ATE MY BREAKFAST PANTS?
    5. Re:I Wonder... by fontkick · · Score: 4, Insightful

      The problem with this is that evil companies or fly-by-night outfits are in a perpetual cycle of startup->profit->shutdown anyway. Forcing them to shut down means they just start another company somewhere else. Good companies like Toyota, for example, aren't going to do anything illegal anyway since they are too busy improving their products. So this simply forces good companies to spend that much more money on lawyers making sure they can't be found guilty of anything even remotely bad.

      Also consider that for every law written, someone figures out how to get around it. In this case, companies could simply set up chains of companies ready to fly as soon as the Feds force a shutdown. They could even structure it so that assets are held by a separate company that is not legally tied to the "Evil, L.L.C.". As soon as "Evil, LLC" is shut down, "Evil2, L.L.C." starts up and assets are in the possession of the 3rd company ("Untouchable, Inc.") the entire time.

  2. If they can do it... by hoggoth · · Score: 4, Insightful

    If they can do it, so can any hacker/cracker/virus writer. That's a good enough reason to never touch DRM inflicted Microsoft media files.

    --
    - For the complete works of Shakespeare: cat /dev/random (may take some time)
    1. Re:If they can do it... by aminorex · · Score: 4, Insightful

      Law of unintended consequences: .wma/.wmv are dead
      as a format. Windows Media Player? Stick a fork
      in it, it's done.

      --
      -I like my women like I like my tea: green-
    2. Re:If they can do it... by antiMStroll · · Score: 5, Insightful
      "I think it's ironic that MS originally put these capabilities in so the media companies ...

      Bing! You nailed it right there. Microsoft made an obvious policy decision long ago to shift development focus from end users to corporations, hence the ease with which 'bad' corporate users abuse the OS at the end user's expense.

  3. I wonder.. by slashkitty · · Score: 5, Insightful

    why people trust wmv files when this can happen. Combine it with some ie security holes and you got a real problem. It'd be pretty easy to create a p2p wmv worm that infects the entire network.. no?

    --
    -- these are only opinions and they might not be mine.
  4. wmf? Probably misguided on their part by 93,000 · · Score: 5, Insightful

    It seems anyone the least bit concerned about DRM/sharing/etc wouldn't be using windows media anyway.

  5. Too bad it won't work... by justkarl · · Score: 5, Insightful

    One more reason not to use Windows Media. How many do you need?

  6. Ah Microsoft by riceboy50 · · Score: 5, Insightful

    Now your DRM can be used as a weapon against you, how do you feel about that?

    --
    ~ I am logged on, therefore I am.
  7. Re:So how.. by JPriest · · Score: 5, Insightful

    With tactics like this I hope they don't wonder why people don't feel sorry for them.

    --
    Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
  8. The problem by Dachannien · · Score: 4, Insightful

    The problem is that the only people with standing to make a legal complaint about this practice (i.e., sue them) are people who have downloaded the files and had damages caused to them from the spyware being installed.

    However, at the same time, said people are admitting in court that they downloaded (or attempted to download) media for which they didn't hold the copyright.

    One possible way around this is if someone already has purchased the CD/DVD and wanted to download a copy so they could archive the original (because they have CD/DVD hardware that couldn't rip the original to disk). Of course, this idea has not been tested in court, and would probably be a protracted and expensive battle to fight.

  9. Re:So how.. by Fallen_Knight · · Score: 5, Insightful

    The people who should be getting pissed about this is MS, I don't think they will like it when WMA becomes like IE, known for giving you adware and viruses when used.

  10. Pirated? by Kickasso · · Score: 4, Insightful

    A copyright holder's agent (RIAA) offered it for download. Perfectly legit I would say.

  11. Re:Virus?? by eln · · Score: 5, Insightful

    A failed business model is one that fails to generate a profit. If no one paid for CDs at their current price, but everyone downloaded them, that would not mean people are "too cheap," it just means that the demand for CDs only exists at a lower price point than the supplier is trying to sell them at. If the prices are lowered, sales would increase.

    Of course, if there is an easy way to get a product free, people are unlikely to demand it at any price other than free, and so the business will fail unless it can either stop the free distribution of its products, or start selling products that are more difficult to distribute for free.

    Under these criteria, the model of selling content that is easily obtainable for free IS destined to fail, whether demand exists or not, since the demand exists at a price point (free) that is by definition unable to generate profits. This is why these organizations are so afraid of filesharing. They can't figure out a way to maintain their current business model, and they haven't figured out a viable alternative business model, in the presence of filesharing.

  12. So if a hacker sets a virus loose, it's bad... by Peterus7 · · Score: 4, Insightful
    But if the MPAA does, it's okay.

    However, they do have all right to do this in some respects. They are putting up crap on a P2P network, just like any other idiot. Still, what gets to me is the system in general. When a lone hacker writes a virus, he gets jail time. When a corporation writes a virus...

    But then, what should P2P users do? If they're so serious about P2P, they'll either take the risk or find a new way of sharing files that finds the trojans and whatnot.

    Although really, I'm surprised the government isn't stepping in right abou... Wait, never mind.

  13. This is great! by AtariDatacenter · · Score: 5, Insightful

    No, really. It's like peeing in your own pool. You need DRM in order to sell music to people and to "control the rights". But at the same time, they're using DRM to attack people who are outside the system. So it kind of makes you feel unsafe about using DRM in the first place. Life is better outside of the DRM system.

    BTW, I remembered the option for something like "automatically download rights management software" when installing Windows Media Player, what, 10 is it now? I hesitantly clicked yes. Now that I've done so, I can't find an option inside of the program to say no. Odd.

  14. So Scary! by jonathonjones · · Score: 4, Insightful

    What many of you seem to fail to realize is that the purpose of this has nothing to do with actually damaging computers. Rather, what the recording industry is trying to do is stop people from using P2P. And they do this through fear. That's why they do the suing (your chances of getting sued are minimal, but plenty of people get scared and stop downloading). Now, plenty of morons (for who else would this tactic work on?) will hear that downloading music can give you viruses and adware - rumors will fly wildly.

    At least, that's their hope. We'll see whether it works.

  15. Mod parent up by TheSpoom · · Score: 3, Insightful

    That's correct, isn't it? The RIAA is *publishing* their works on a P2P service. I bet a valid argument could be made in court there.

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs
  16. Re:So how.. by Kierthos · · Score: 5, Insightful

    No kidding. I mean, for one thing, by the time the movie is in the theater, the painters and the stuntmen had best already have been paid. For another thing, with all the piracy that's been going on, if it was hurting the business so much that they couldn't pay the painters and the stuntmen, then there wouldn't be movies opening every week.

    And yet, checking the local theater listings....

    Yeah, piracy is bad. Not BAD, in all caps. Not Bad, with a capital B. But bad. But what the RIAA and MPAA are doing here is worse. It's sleazy, underhanded crap, and if a private citizen did shit like this, the hammer of the judicial system would get dropped on them in a heartbeat.

    Kierthos

    --
    Mr. Hu is not a ninja.
  17. Terrorism by mikiN · · Score: 5, Insightful

    n.

    The unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons.

    How is what the **AA are doing (hacking into music downloaders' computers and installing malware to further their cause against piracy) any different?
    If this is the way they think they must do business, let's give 'em h*ll!

    --
    The Hacker's Guide To The Kernel: Don't panic()!
    1. Re:Terrorism by Unordained · · Score: 3, Insightful

      Reminder: at the time this definition came out (wasn't it part of the PATRIOT act?), it was much discussed for its failure to adequately describe terrorism. The definition above also describes rebellion, civil war, wars of independence, etc. By the definition above, the US was created through a reprehensible act of terrorism. (Wars aren't intended to kill everyone -- they're intended to make the other side back down/roll over; it's intimidation.) It's a choice you have to make, but I think we should work on our definition of terrorism.

      The primary purpose of this move is not to hurt downloaders, as others have suggested. The intent is to further pollute the p2p networks and scare users away; if you might get something nasty installed on your computer by downloading music (most people wouldn't understand what could and could not infect their computer) then you might decide not to risk it at all, and just give up and become a good citizen. Yes, it's a fear tactic. In fact, they might be willing to be sued by the few people who actually get infected and complain, if it means they can scare away an order of magnitude more people from downloading anything. Most people won't get infected, and won't complain, and might also stop downloading. It's a calculated risk.

  18. Re:Virus?? by madmancarman · · Score: 4, Insightful
    The "average user," and especially the media, is already convinced that p2p is synonymous with illegal activity, so this is unlikely to raise much of an uproar outside of the geek and college student communities.

    The media may be convinced that p2p is synonymous with illegal activity, but they love scaring viewers by "exposing" crimes that may be happening in your neighborhood! Right next door!

    However, the "average user" is much more concerned with their pocketbook than with nebulous notions such as "intellectual property" and "digital rights management". When I bring up the subject to family members, friends and students, their eyes just sort of glaze over. I honestly don't think the average person gives a shit about copyright. The only people who care are those who make money by creating copyrighted works, and those who market/produce/protect those works.

    At the high school where I teach and do tech support, the first RIAA lawsuits a few years ago sent a number of students and teachers scurrying to me to see if they might be in trouble for downloading music. My two favorites were the stoner kid who didn't realize he was sharing 4000+ songs on Kazaa, and the evangelical principal who subscribed to Roadrunner for the sole purpose of downloading Christian music (illegally).

    The RIAA/MPAA fight is not one that they can ultimately win, because the rules have changed with the ease of copying. They should really look to the model that Scott Kurtz of PVP and Epitonic - give the content away as a means of promotion, then make your money selling related items such as t-shirts, books, concerts, etc. Sure, books and videos can also be pirated, but until they're as easily accessible as music is via an iPod or something similar, there's still money to be made. Hell, most bands make their money on tour from t-shirt sales.

    Anyway, don't think for a second that the "average user" thinks p2p is "wrong" - most users I've encountered are just annoyed that it isn't easier to find things.

    --
    First they ignore you, then they laugh at you, then they fight you, then you win. -- Gandhi
  19. Re:Illegal? When large unsuable corps are involved by ivan256 · · Score: 4, Insightful

    The problem is that the difference between a trojan and legit adware is that legit adware is backed by a company that can sue an anti-virus company. The two can be identical in every other way.

  20. Er, anyone have proof/confirmation? by moyix · · Score: 4, Insightful

    The one thing that I find strange about this story is that try as I may, I can't seem to find any information from the "usual" security sources about exactly how this works--as far as I can recall, bugtraq and full-disclosure haven't touched these. Moreover, the only articles about this are the p2pnet one and the PC World one--and the former appears to be derived from the latter.

    Both articles are also oddly vague--"security experts" are mentioned, but no specific names dropped, and there are no technical details given at all.

    Can anyone provide independent confirmation of this? In particular, if you have details of how one can embed executable code in a wma or provide a sample of such code, please send them my way via brendandg [at] colby.tjs.org

  21. Porch stereo by Anonymous Coward · · Score: 5, Insightful

    Actually i think it's a great idea. We've had problems with break-ins in our neighborhood. Been hit twice the past two years, and nearly every neighbor has been hit too. Police dept says they can't do much about it.

    So how about we set a stereo system out on the front porch and shoot the thief when he sets foot on our property? Like hell they're gonna steal my music!

    When recording industries become vigilantes and the justice dept looks the other way, it certainly makes it acceptable for the rest of us. Road rage justice (I just DARE you to cut me off), merchants hanging shoplifters, etc. all is acceptable now. Even more interesting is that the punished party may not necessarily be the owner of the affected PC. Imagine Best Buy rent-a-cops torching your apartment building because they're getting even with you for shoplifting some CDs. So what if the building is owned by someone else? If the RIAA can torch anyone's PC if it has an infected file, it legitimizes any business coming after any property associated with any crime.

    Quite a monster you've created, Justice.

  22. Re:So how.. by Detritus · · Score: 5, Insightful

    An ad paid for by the same movie companies that put the painter and stuntman out of work by producing as many movies as possible outside the United States. They don't shoot movies in Toronto because of its wonderful year-round climate.

    --
    Mea navis aericumbens anguillis abundat
  23. Dear MPAA: by kiddailey · · Score: 5, Insightful

    <sarcasm mode>
    Dear MPAA:

    Please let me take a moment and thank you for the immensely enjoyable evening my girlfriend and I had last night while going to see "Lemony Snicket's A Series of Unfortunate Events." Amusingly enough, our night out was far from unfortunate! In fact, it was so wonderful that I thought I'd write to you about our experience.

    The theater parking lot was packed full and we drove around for a good 5 minutes looking for a spot so we had time to enjoy playing a game of "find license plates from every state in the U.S."

    I had brought $30, but the movie tickets were only $18.00 for the two of us, and only $8.00 for the slightly stale, oversized small popcorn and bottled water for us to share. I saved a whole $4.00, which was more than enough to pay the expressway tolls on the way home!

    We got to the theater early enough to enjoy 10 minutes of pre-show slides that told us all about our local businesses and special offers they were having just for us. And after that, we got to see another 10 minutes of commercials that we had never seen before. Imagine our surprise when our luck hadn't run out and we got to see 10 more minutes of new movies that we'll get to see in the coming months!

    The excitement and anticipation for the movie to start was almost unbearable when it finally did! The movie definitely had some unique aspects and we really loved the credits at the end of the film -- which was very fortunate indeed as it gave us a moment to stretch our backs which were a little sore.

    Oh, I almost forgot to mention that people were much better behaved than usual too. There were only a few people that constantly coughed during the movie and only a few more that talked on their cellphones or just talked about the movie to their neighbors almost quietly enough so as not to hear. One individual was actually entertaining during the pre-show as he walked down the aisle staring back at people and sternly yelling "What?!" to everyone that made eye contact.

    Thank you again for providing such quality entertainment that rounded out a wonderful evening.

    Sincerely,
    A happy movie-goer
    </sarcasm mode>

    As sad as it is, all that really happened...

    You don't have to be even mildly coherent to understand why people are downloading/trading movies.
  24. Re:So how.. by AnalogDiehard · · Score: 4, Insightful

    Especially since M$ has been wooing Hollywood into their DRM WMA/V format for years now. Hollywood was reluctant about M$ owning the gateway to entertainment, and now they just pissed off the supplier. That's a bad business move, both parties lose. Now that M$ has "tightly integrated" WMP into the OS, they suddenly have a file format that is vulnerable to malware. WMA/V may join the corporate banned attachment list whose extensions end with exe, bat, pif, and so on.

    --
    Eternity: will that be smoking, or non-smoking? I Corinthians 6:9-10
  25. Re:So how.. by penix1 · · Score: 3, Insightful

    "Production companies are ultimately ventures to make money for their investors. If making movies becomes unprofitable or significantly less profitable (due to actual or perceived theft) fewer movies will be produced."

    This is flawed logic. The MPAA has never been able to point to a script and say, "This movie wasn't made because we were afraid it would be pirated." This is all a smokescreen generated to push the idea that the studios live hand-to-mouth and that pirating really hurts them.

    "The wealthy investors that are putting their money up will find some other less risky or higher ROI avenue to use their money and the stuntmen and painters will indeed be SOL."

    You will always have some risk takers. The ROI is high even with pirating given that the movies that are pirated are usually high dollar hits. Again, this is a smokescreen and pure BS. When the MPAA can point to even one script and say, "we won't be making that movie because we are afraid it will be pirated" then I might give some credence to their spew...

    B.

    --
    This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
  26. Re:So how.. by Maestro4k · · Score: 4, Insightful
    Better yet, not only tell them how you feel, report their actions to your state attorney's general office, and tell them you're doing so. Feel free to copy and paste from the letter I sent them below:

    I recently came across this (http://www.pcworld.com/news/article/0,aid,119016,00.asp) PC World Article about your company's actions in creating trojaned windows media files to "seed" onto P2P networks. You should be aware that in several states, your actions will likely qualify as willful computer hacking, being in the same category of offenses as computer virus, trojan and worm creation & release.

    While your actions have not directly affected me (I have no use for P2P software), I am sure they have caused damage to other citizens in my state (Your state here). I felt you should be aware that I am sending along the information in the PC World article to my state attorney's general office with a request that they look into the legality of your actions under XX state law.

    Copyright infringement on P2P networks is both illegal and immoral, but that does not allow those fighting it to break laws as well. I am not sure if your actions are illegal under XX state law or not, but I am sure our attorney general will be able to make that determination.

    I urge you to think through the potential ramifications of your actions, and to rethink your current course of action.

    Sincerely,

    Joe Cool (Or your name here :)

    I must admit I was tempted to install Kazaa and search for and download the file mentioned in PC World's article, just so I could tell my state attorney general they tried to hack my computer. I finally decided it wasn't worth the hassle and potential media attention though. :)

    I should note that given their current actions I don't trust them so I used a disposable address from Spam Gourmet to send from and only signed my first name. Maybe I'm paranoid, but I figure any company who thinks it's OK to basically attack other people's computers in the name of stopping P2P just can't be trusted to know both my full name and state.