Worm Transcodes MP3s To Infect PCs

snydeq writes "Kaspersky Labs has discovered malware that inserts links to malicious Web pages within ASF media files, posing a danger to Windows users who download music files from P2P networks. Infected files launch IE and load a page that asks the user to download a codec. The download, a Trojan horse, installs a proxy program to route other traffic through the PC. The malware also has worm-like qualities, according to Secure Computing. It searches for MP3s, transcodes them to WMA format, wraps them in an ASF container, and adds links to further copies of the malware, all without modifying the .MP3 extension."

wow, that's evil

[brunascle]

It searches for MP3s, transcodes them to WMA format, wraps them in an ASF container

Wow, that's evil, even for malware authors.

Re:wow, that's evil

[morgan_greywolf]

Wow, that's evil, even for malware authors.

That's nothing. I heard the next version will automatically go out the Web, sign up for an e-Trade account, and then proceed to buy stocks like GOOG, AAPL, RHAT, etc., and automatically sell them short.

Re:wow, that's evil

[oahazmatt]

It searches for MP3s, transcodes them to WMA format, wraps them in an ASF container

Wow, that's evil, even for malware authors.

That's nothing. You should see the fix. Your anti-virus program will update its definitions, and if it identifies any of these files prior to download, it makes them appear in a Real Audio format so your never tempted to download them to begin with.

Re:wow, that's evil

[hyperz69]

No, Evil is if it transcodes them to Real Media. Though I don't even think Satan himself could do that to anyone!

Re:wow, that's evil

[flyneye]

I want the RIAA to be DEEPLY investigated,prosecuted with a fair trial and a decent hangin'.
          The music industry is terminal.It's lashing out in its dying breath.
          Just run your antivirus over your downloads before playing.
          Let's just go ahead and keep killing the industry so musicians can have a level playing field and we can do away with the corruption and misdirection to mediocre talent it provides.

Re:wow, that's evil

Just a thought.

Here's one just for you.

Re:wow, that's evil

[sempernoctis]

Worms I can deal with. Defiling my MP3 collection with WMA/ASF? That's harsh.

Re:wow, that's evil

but hey... who's going to try to change it?

I will, in 10 years after I become batman.

Re:wow, that's evil

[dna_(c)(tm)(r)]

Why would Microsoft transcode mp3's to Real Media?

Because "WOOSH" sounds better in that format?

Richard Stallman Says...

If you'd just used OGG, this never would have happened! ;-)

Gentlemen,

I must applaud the RIAA on this occasion. I may have mocked their efforts in the past, but this is truly an impressive piece of work, worthy to be called a hack.

hmm...

[Taibhsear]

Good thing I only download FLAC and transcode it myself to mp3... I mean, I buy cds straight from the RIAA for $50 a pop so I can bypass those greedy artists... yeah, that's the ticket...

Re:Data vs Program

You mean just have it read X bytes of data and stop!? But how would they have supercyberhyperwebbrowsing? I want gimmicks not reliability.

No the ultimate evil is if...

[Fallen+Andy]

it *downloads* real player

Re:No the ultimate evil is if...

[saboola]

No, the real evil is buffering.. buffering..

a) ASF is patented, b) by Microsoft.

[Joce640k]

So ... I think we can deduce which players are vulnerable to this.