Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worm Transcodes MP3s To Infect PCs

Posted by kdawson on from the just-don't-click dept.

snydeq writes "Kaspersky Labs has discovered malware that inserts links to malicious Web pages within ASF media files, posing a danger to Windows users who download music files from P2P networks. Infected files launch IE and load a page that asks the user to download a codec. The download, a Trojan horse, installs a proxy program to route other traffic through the PC. The malware also has worm-like qualities, according to Secure Computing. It searches for MP3s, transcodes them to WMA format, wraps them in an ASF container, and adds links to further copies of the malware, all without modifying the .MP3 extension."

8 of 385 comments (clear)

  1. Nice by Anonymous Coward · · Score: 5, Insightful

    Way to go Microsoft!

    Is there anything these morons can't fuck up?

  2. Re:wow, that's evil by Z00L00K · · Score: 4, Insightful

    Maybe it's the RIAA that wants us to get rid of all our MP3:s downloaded from various sources?

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  3. Data vs Program by mlwmohawk · · Score: 5, Insightful

    Microsoft has a SERIOUS design pathology. They too often confused "data" with "program." Every G.D. thing in Windows can, in some way, initiate an action. This is a problem.

    A "music" file should be data. E-mail should be DATA! This is absolutely crazy. Making everything capable of being interpreted as programmatic content is at best a security flaw.

  4. Re:Nothing New... by dreamchaser · · Score: 4, Insightful

    You should turn in your geek card for falling for that one! Any site you don't 100% trust that asks you to install a codec for a file format you can play already screams 'malware' in a loud shrill voice.

  5. von Neuman rolls in his grave by Gothmolly · · Score: 5, Insightful

    This is why you separate the executable code from the data.

    --
    I want to delete my account but Slashdot doesn't allow it.
  6. Re:Gentlemen, by thrillseeker · · Score: 4, Insightful

    Next up ... how DRM protects you from virus laden mp3s

  7. hidden extensions by Kenshin · · Score: 4, Insightful

    I hate how Windows has hidden file extensions in every version since XP. It's supposed to make the machine more Mac-like and friendlier, but it is a serious security concern.

    I try to turn it off on every machine that I'm asked to setup or fix, but occasionally I get someone who deletes the "unfamiliar" file extensions from their files and ends up not being able to open them.

    --

    Does it make you happy you're so strange?

  8. Re:Dont use untrusted codecs! by ConceptJunkie · · Score: 4, Insightful

    The irony is that in all these years, I don't think I've ever seen WMP successfully find and install a codec it was missing. I just end up with a message saying it couldn't find the codec that doesn't even tell me which codec it was looking for. Then it turns out this all just another malware attack vector.

    In 2000, this problem would have "more of the same" but the fact that this still exists in 2008 is insane. I mean Microsoft publicly admitted their security is awful in 2000, took four years to make a decent attempt to correct things, and yet here we are four years after that...

    Thanks, Microsoft. Thanks a lot. You give new meaning to word FAIL on a daily basis.

    --
    You are in a maze of twisty little passages, all alike.