Codec: Not just Coder and Decoder
Thursday July 5, 2007 at 9:55 am CST
Posted by Bhaskar Krishna
Downloading movies is a common desire for internet users, especially for home users. During the process, innocent users might end up with message (C00D1057: A portion of the file cannot be played may require a codec). Subsequently, users often turn to search engines for help, but may end up installing malware or fake codecs on their system instead.
Here malware author’s target the user’s desire for instant gratification; to watch the just-downloaded movie. These websites swindle users by using keywords like “Codec”, where terminology stands to translate signals from analog to digital and vice versa, whose common usage is converted to videoconferencing.
By appearance, these socialized codec websites look professional, but there is not much difference between them as shown below, including the description of webpage (except the codec name and icon as shown).
During installation an End User License Agreement (EULA) may be displayed to deceive users.
A better way of dealing with missing codecs is to use well known players which support most movie files.
McAfee continues to be on the lookout for new versions of such threats.
July 6th, 2007 at 10:32 am
If “McAfee continues to be on the lookout for new versions of such threats” then you can start looking here:
http://user.siteadvisor.com/forums/member.php?u=43144
Click “find all posts by mechBgon” and get started. There are source references for each in-the-wild site, so you can get the latest version of the malware for analysis.
mechBgon
Microsoft MVP, Windows Shell/User