Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Music is made to affect people’s lives, not their computers.

    A malware that infects multimedia files, modifying them to require the download of a fake codec when played had recently been discovered.

    It infects widely used multimedia file formats such as MP3, WMA and WMV video files by injecting a malicious code. The said malware is also capable of converting files such as MP2 and MP3 into Windows Media Audio (WMA) format. When a user tries to play an infected file, a popup message is displayed, asking the user to download a certain codec in order to play the file. The downloaded codec is of course, nothing else but a malware.

    Should the user choose to play the same file again after the “codec” had been installed, the popup will not appear anymore, which may drive the user into thinking that a codec was really installed on the system. But this is just the beginning, if the multimedia files are shared through a peer-to-peer network, anyone who downloads music or video file from an affected system will be at risk of getting infected as well.

    Malware has posed as multimedia files and codecs to entice users into downloading malicious files. Here are reports on some of such instances in the past:

    But this malware takes it to a new, and more dangerous level; it manipulates a person’s multimedia files and uses it against them. People normally keep thousands of multimedia files on their systems, especially MP3s. If each file is infected by the malware then shared through a P2P network, then the user unknowingly turns into a malware host.

    Trend Micro threat engineers detect this malware as TROJ_MEDPINCH.A, and the embedded/encrypted executable file in it as TSPY_LDPINCH.ASG. The Trend Micro Smart Protection Network assesses the reputation of downloaded files, preventing users from ever having to deal with the hassles of restoring their MP3 collections back to their clean states.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice