Hackers Use DRM To Plant Massive Amounts Of Spyware

Hackers are turning digital rights management features of Microsoft's Windows Media Player against users by fooling them into downloading massive amounts of spyware, adware, and viruses.

By TechWeb News
Jan. 11, 2005
URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=57700514

Hackers are turning digital rights management features of Microsoft's Windows Media Player against users by fooling them into downloading massive amounts of spyware, adware, and viruses, security firms said Tuesday.

According to anti-virus vendor Panda Software, two new Trojan horses -- dubbed WmvDownloader.a and WmvDownloader.b -- have been planted in video files seeded to peer-to-peer file-sharing networks like eMule and KaZaA. The Trojans take advantage of the new anti-piracy features in Windows Media Player 10 and Windows XP SP2 to trick users, said Panda.

When a user tries to play a protected Windows media file, the anti-piracy technology demands a valid license; if that license is not stored locally, the player looks for it on the Internet so the user can download or purchase it.

However, these Trojans only "pretend to download the corresponding license from certain Web pages," said Panda in its online alert. "What they actually do is redirect the user to other Internet addresses from which they download a large number of adware, spyware, dialers, and other viruses."

Others, including Kaspersky Labs and Ben Edelman, a Harvard student and spyware researcher, have confirmed the effects of the two Trojans.

Edelman's test of one of the Trojans on a clean PC demonstrated its impact.

"I pressed 'Yes' once to allow the installation. My computer quickly became contaminated with the most spyware programs I have ever received in a single sitting...all told, the infection added 58 folders, 786 files, and an incredible 11,915 registry entries to my computer."

Copyright © 2004 CMP Media LLC

this proves that even 'smart' people can be had


11,915 registry entries..wow

....somewhere ...someone is laughing so hard ...they must be sh!tting in their pants

Well that sucks, but i dont download WMP files, whether its audio or a video, just dont trust it.

Just don't allow that WMV to download the license & remove that video from your hard drive!

Just don't allow that WMV to download the license & remove that video from your hard drive!


even better idea--don't download the wmv, don't install wmp 10, and get media player classic

anyone stupid enough to download a wma/wmv deserves whatever they get

(p.s. this exploit is going to be HUGE for porn sites)

Oh no! Not the porn sites!


I got fucked last week. Not really sure how but this may have been how it happened.


wmvs are off my list. Shitty shit

DRM = Dirty, Rotten Media/Malware

My only experience with DRM is when it just came out I was dl'ing stuff from consumptionjunction. Practically all the videos required 'licences' to play, so I dl'ed them onto my bro's machine. That said, I've never had anything with DRM from BT, only some password protected self-extracting RAR's which needed a password obtainable from a website/forum.

///

OLD NEWS

WMV files have been boobytrapped for years, gotta love how MS allows DATA files to trigger web access and EXECUTION of scripts.

even better idea--don't download the wmv, don't install wmp 10, and get media player classic

anyone stupid enough to download a wma/wmv deserves whatever they get

(p.s. this exploit is going to be HUGE for porn sites) Right on notbob hit the nail on the head couldnt agree with yah more.

But your still a dizzy idiot.

-infringer-

theres not a damn thing wrong with .wmv/wma files --- its all in where you get em

people could just as easyly do that with any other file

No, this could not happen with other video files, wmv files call home for a licence (DRM) but people are replacing that with trojans. Other video files like divx can not do this. But it is true that you have to be carefull where you get them


OLD NEWS

WMV files have been boobytrapped for years, gotta love how MS allows DATA files to trigger web access and EXECUTION of scr

I don't know if anyone remembers this or not but we had a knock down drag out fight over this subject a year or two ago with almost everyone here at ZP saying it was impossible to get a virus like that. Me and scorchie were about the only ones who said it could be done. I've been looking for that thread but can't find it. Any help?

No, this could not happen with other video files, wmv files call home for a licence (DRM) but people are replacing that with trojans. Other video files like divx can not do this. But it is true that you have to be carefull where you get them



I don't know if anyone remembers this or not but we had a knock down drag out fight over this subject a year or two ago with almost everyone here at ZP saying it was impossible to get a virus like that. Me and scorchie were about the only ones who said it could be done. I've been looking for that thread but can't find it. Any help?



well Divx can do that as far as I can guess----- I downloaded a movie in Divx about a retared guy that made it pretty far and had a freind named BABA --- when ever you start it ,it trys to take you to a web site , so yeah I belive Divx could do that if somone tryed enough to put that crap in there

:fire

I have never had a media file take me to a web page.

:hole

:fire

I have never had a media file take me to a web page.

:hole




well your lucky or smart : ) I got that file a long time ago like5 yeras ago

What you probably got, which I have seen, is a wmv file with the file extension changed. I very well could be wrong but Im fairly sure no divx files do this.

I have never had a media file take me to a web page.


You must have never downloaded any porn then.

Oh yeah DRM is gay!...

-infringer-