Beware Of Bogus Audio And Video Files

When it comes to downloading music and video files what you see is not always what you get. It’s emerged that organisations associated with the RIAA have been polluting p2p file sharing services with bogus Windows Media files (WMA) containing ads and adware.

PCworld.com has published news of contentious Windows Media files found on file sharing networks like Kazaa following an alert from a PC World reader. The files look like authentic music and video downloads but contain code that can spawn a string of pop-up ads and install adware using Internet Explorer.

According to PC World, “Using a packet analysis tool called Etherpeek, we determined that each media file loaded a page served by a company called Overpeer (owned by Loudeye). That page set off a chain of events that led to the creation of several Internet Explorer windows, each containing a different ad or adware.” Unfortunately this exploit may still affect you even if Internet Explorer is not your default browser.

Overpeer has worked with record companies since 2002 providing services that flood p2p networks with fake audio files that purport to be popular songs in an effort to deter p2p pirates. This division of the operation exploits a DRM loophole via security holes in Microsoft’s Internet Explorer. I wonder how Microsoft and other vendors will react to users avoiding WMA files in the light of malicious hackers exploiting their vulnerabilities?

Learn more about it and how to protect yourself below:

 
Update:
 
Microsoft: No flaw in Media Player  CNET reports on a new twist in the spyware scams; "Panda and Harvard researcher Edelman each have identified a small company called Protected Media and file-swap fighter Overpeer as responsible for the Trojan-like Windows Media Player files."
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s