New Worm Transcodes MP3s to Try to Infect PCs

By Jeremy Kirk
Fri, July 18, 2008
. What's this?

IDG News Service —

A new kind of malicious software could pose a danger to Windows users who download music files on peer-to-peer networks.

The new malware inserts links to dangerous Web pages within ASF (Advanced Systems Format) media files.

"The possibility of this has been known for a little while but this is the first time we've seen it done," said David Emm, senior technology consultant for security vendor Kaspersky Lab.

Advanced Systems Format is a Microsoft-defined container format for audio and video streams that can also hold arbitrary content such as images or links to Web resources.

If a user plays an infected music file, it will launch Internet Explorer and load a malicious Web page which asks the user to download a codec, a well-known trick to get someone to download malware.

The actual download is not a codec but a Trojan horse, which installs a proxy program on the PC, Emm said. The proxy program allows hackers to route other traffic through the compromised PC, helping the hacker essentially cover their tracks for other malicious activity, Emm said.

The malware has worm-like qualities. Once on a PC, it looks for MP3 or MP2 audio files, transcodes them to Microsoft's Windows Media Audio format, wraps them in an ASF container and adds links to further copies of the malware, in the guise of a codec, according to another security analyst, Secure Computing.

The ".mp3" extension of the files is not modified, however, so victims may not immediately notice the change, according to Kaspersky Lab.

Most savvy PC users are aware of the codec ruse, but the style of attack is still effective since many media players do need to receive updated codecs occasionally in order to play files.

"Users downloading from P2P networks need to exercise caution anyway, but should also be sensitive to pop-ups appearing upon playing a downloaded video or audio stream," Secure Computing said.

Users on a digital audio enthusiast site differed over the danger level of the malware.

"I never allow programs to choose which codecs I use to play back media," wrote JXL on the Hydrogen Audio forum "I research it and get the codec bundles off of sites I know to be trustworthy and even then I still scan them and check to make sure they are what they are. I honestly don't feel that this malware has a very good chance of spreading fast."

But most users will probably think the prompt to download a codec is just routine business, wrote a user by the nickname of Citay on the same forum.

"I think that outside a minority of users who really know about all the dangers implied with Internet use, the vast majority of people have no idea that such a codec download could lead to a Trojan infection," Citay wrote.

Trend Micro calls the malware "Troj_Medpinch.a," Secure Computing named it " "Trojan.ASF.Hijacker.gen" and Kaspersky calls it "Worm.Win32.GetCodec.a."

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
White Papers »
Finding the right cloud solutions for your organization
HP is driving the evolution of what we call the Instant-On Enterprise. It is an enterprise that embeds technology into everything it does to better serve citizens, partners, employees, and clients. We believe that today's Instant-On Enterprises need to think differently about how they source and deliver services that are enabled by technology. They need to take advantage of a hybrid delivery model-one that truly optimizes the mix between traditional IT, private cloud, and public cloud.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Converged Infrastructure for Dummies
As you know, everything is mobile, connected, interactive, and immediate. This is exactly why organizations need a highly agile IT infrastructure in order to keep pace with extreme fluctuations in business demand. This book will help you understand why infrastructure convergence has been widely accepted as the optimal approach for simplifying and accelerating your IT to deliver services at the speed of business while also shifting significantly more IT resources from operations to innovation.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Seven Priorities for Integrated Network Management - How HP Intelligent Management Center Delivers an Enterprise-class Solution
This white paper describes the major requirements for network management solutions to help the organizations become more profitable, efficient and reliable.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Measuring the Business Value of CI in the Data Center
One of the key strategies that IT teams are pursuing to reduce capital costs while boosting asset utilization and employee productivity is the transition to highly virtualized data centers. However, IDC finds that expectations for further boosts in IT asset use and operational efficiency often surpass the actual results for a variety of reasons. These problems can quickly overwhelm any hoped-for benefits as the scope of virtual server deployment expands.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Building Cloud-Optimized Data Center Networks white paper
Enterprises are turning to the Cloud to improve business agility, reduce expenses and accelerate business innovation. Cloud computing redefines the way IT assets are deployed and consumed and dramatically affects the way data center networks are architected and managed. Conventional hierarchical data center networks built to support traditional IT architectures can't meet the security, agility and price/performance requirements of virtualized cloud computing environments. This white paper reviews the impact of cloud computing on data center networks and describes HP's approach to building simpler, more secure and automated networks that fully meet the stringent performance, security, reliability and agility demands of the new data center in the Cloud.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
The Forrester Wave: Activities Streams, Q2 2012
The enterprise social software market is exploding thanks to converging trends of consumerization, cloud, and mobile. In this must-read report, "The Forrester Wave: Activities Streams, Q2 2012", Forrester Research Inc. evaluated five social software vendors with core strengths in the stream based on the overall strength of vendors' current offerings, a clear product strategy, and vendor market presence. In a detailed look at the space, Forrester named Yammer as a leader.
Webcasts »
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Oracle Database Appliance Best Practices
Business users increasingly demand 24x7 availability of their data while IT departments face the challenge of ensuring maximum availability while operating with limited budgets.
Unlock the Value of Cloud Computing with Workload Automation
Learn how to get the most from your cloud investment in our on-demand webinar from BMC and InformationWeek. You'll hear how integrating the cloud into your production workload brings critical business benefits.
Best Practices to Optimize Your Data Center at Every Layer of the Stack
Date: May 31, 2012
Time: 1 PM EST

Organizations are reaping the benefits of simplifying IT, lowering costs and dramatically improving transactional throughput by deploying optimized application-to-disk solutions. These pre-tuned, tested solutions encompass a wide variety of applications and use cases. Hear from industry experts, and IT executives, how these full-stack solutions can achieve three times faster deployment times and up to 75% reductions in acquisition and operational costs.
Workload Automation Trends and Best Practices in 2012
Find out when you join EMA Senior Analyst, Torsten Volk, for a discussion on the 2012 trends in workload automation and how these trends contribute to better connecting workload automation to business processes. These trends are derived from EMA's empirical research work conducted for the 2012 Workload Automation Radar Report.
Analytics at the Speed of Thought
What if you could run financial and operational planning cycles 10 times faster? Or monitor and adjust marketing campaigns in real time? What if you could instantly visualize how a price change would impact the profitability of thousands of products?
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Finding the right cloud solutions for your organization

Converged Infrastructure for Dummies

Seven Priorities for Integrated Network Management - How HP Intelligent Management Center Delivers an Enterprise-class Solution

Measuring the Business Value of CI in the Data Center

Building Cloud-Optimized Data Center Networks white paper

The Forrester Wave: Activities Streams, Q2 2012

SMBs Get Virtualization, Plus the Benefits of High Core Count Processors

Virtualized for Agility

The Accelerated SMB: Moving at the Speed of Virtualization

Make Virtual Desktops a Valuable Reality with AMD

Has Your Server Infrastructure Kept Pace with End User Demands?

Real Fabrics for a Virtual World

Enabling Remote Employees with High Quality Video

From Systems to Service Management: Running Your IT Department Like a Business

Generation Gmail: How are you dealing with "work-around email" workers?

5 steps from Scheduler to Enterprise Workload Automation

Optimizing Business Processes in Today's Enterprises

Analyst WP: ESG-Proven value with the Oracle Database Appliance

Effective Data Leak Prevention Programs: Start by Protecting Data at the Source - Your Databases

Forrester: Formulate A Database Security Strategy to Ensure Investments Will Actually Prevent Data Breaches and Satisfy Regulatory Requirements
Sponsored Links

Master the cloud with the power of convergence from HP

Connect with IT leaders redefining mobility at the Enterprise Mobile Hub

Choose New and manage one device instead of 170

Choose New for 8x the firewall and NAT performance

Check out a smart way of mobilizing your business with enterprise-ready Samsung Mobile.

Redefine your data center with HP servers.

Enhance your business with Windstream IT Solutions. Speak to someone local.

BlackBerry® Mobile Fusion. Different mobile devices. One platform.

Click to see how Accenture has delivered high performance to clients

CYBERMARYLAND | Learn Why Maryland is the Epicenter for Cybersecurity

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Cognizant. Leading in Business, Application & Technology Services

Collaboration: driving better business outcomes

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Complimentary Gartner Report on BYOD: Media Tablets & Beyond. View Now

Elevate storage agility and efficiency with HP 3PAR storage.

Choose New and slash the number of devices you manage

Customized information views & Twitter events at New Fulcrum Point

Splunk translates machine data into "aha" moments for IT and the business.

ManageEngine Desktop Central - Automate and Audit Your Desktop Management! Learn More...

Cloud Readiness Starts with Intel® Technology

High performance. Delivered. Click to see Accenture's client successes

Visit the Virtually There Learning Page to learn how to use virtualization to your competitive advantage.

Free: Hunter Muller's "The Transformational CIO."

Join us for an upcoming Microsoft 365 live online demo event.

Discover your easiest path to unified communications

Virtualizing Your Infrastructure Just Got Easier

Connect with global CIOs now at Enterprise CIO Forum

Resource Center
buy a link »
Ads by TechWords