Video Codecs – Gateways to Malware Infection

If you are attempting to view a site’s video content, and you get a popup advising you that you need to download a new codec to enable viewing – DON’T.

A favorite method used by cyber-criminals to drop malware on unsuspecting users’ computers is the requirement that you must first download a “missing” codec to enable viewing.

If you’re curious, or you’re not convinced that this is a potentially dangerous scenario – go ahead and click. But, before you do, make sure you have:

A current backup CD/DVD, or other media, containing your irreplaceable files – you’re probably going to need it.

Your original operating system install disk – you’ll need this too.

Your system and peripherals driver disks. Without these you’re going to spend hours on the Internet locating (if you’re lucky) drivers that were written specifically for your peripherals.

You can save yourself all this trouble, and heartache, by one simple action or, more properly, by a single inaction. Don’t click!

It’s possible of course, that you may be lucky, and you may be able to recover control of your computer if your anti-malware applications are up to date, and the malware signature database recognizes the intruder as malware.

But I wouldn’t count on it. Often, anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

Consider this: Currently there is an epidemic of so-called “rogue software” on the Internet, with much of it being delivered by the constantly evolving Zlob.Trojan, or the Zlob.Video Access Trojan, which are often hidden in fake, and malicious, codec downloads.

As the following screen captures illustrate, there is a wide variance in these invitations to install a missing, or “required” codec.

[Images: screen captures of fake “missing codec” download prompts]

Common sense should tell you that if a website does not recognize a standard codec, there is something wrong. Ask yourself this question: how long would a website stay in business if a visitor is required to download a specific codec to view content? The answer is clearly – not very long.

Don’t be the type of person who clicks indiscriminately at every opportunity to do so. If you do, I guarantee you – your computer will be infected within minutes.

To ensure that you have a full set of codecs on your computer, consider downloading one of the following free codec packs. With a full set of codecs installed on your computer, any request to download a site-specific codec should be viewed with suspicion.

Windows Essentials Codec Pack – Windows Essentials Media Codec Pack provides a set of software codecs for viewing and listening to many forms of media in Windows Media Player. While this program merely enhances a media player, it does a fine job of accommodating many different and unusual types of videos and music.

Download at: Download.com

The K-Lite Codec Pack – There are several different variants of the K-Lite Codec Pack, ranging from a very small bundle that contains only the most essential decoders to a larger and more comprehensive bundle.

Download at: Codec Guide.com

Media Player Codec Pack – The Media Player Codec Pack is a simple to install package of codecs/filters/splitters used for playing back music and movie files. After installation, you will be able to play 99.9% of files through your media player, along with XCDs, VCDs, SVCDs and DVDs.

Download at: Download.com


18 responses to “Video Codecs – Gateways to Malware Infection”

  1. Liam O' Moulain

    Bill,

    Another very valuable lesson. Thank you.

    Liam

  2. Murphy

    Hi,
    Thanks for this article.
    Many people would not have problems if they knew these things.
    Best regards!

    • Bill Mullins

      You’re welcome Murphy.

      You’re right – the more educated the user, the less successful cybercriminals are likely to be.

      Best,

      Bill

  3. greg

    Thanks for posting this Bill, I sometimes click a little too freely. It’s always good to read your blog because it makes me think.

    • Bill Mullins

      Hi Greg,

      I fully understand where you’re coming from. It’s so easy to “just click”, and we’re all subject to it. I’ve certainly been known to have clicked at the wrong time, and in the wrong place – much to my regret.

      Thank you for visiting.

      Bill

  4. g

    A good lesson Bill!

    On another lesson regarding codecs, I would like to warn the readers to be careful installing codecs in lieu of installing programs that have them built in. I have had several instances of codec conflict which rendered an audio or video program useless.

    I had problems with Klite and uninstalled it.
    Programs that work well without installing additional codecs – Gom for video, foobar and mediamonkey for audio. If I remember right, I think Winamp also has its own built-in codecs.

    • Bill Mullins

      Hey G,

      That’s very interesting.

      I haven’t had a need to add codecs for years, but I use GOM and Winamp. So you’re on the money with that advice. Much appreciated.

      I trust all is well in the Great Northwest.

      Best,

      Bill

  5. pramod

    nice talk. keep up this good work

  6. Mal

    Hey Bill,

    Just this week I have had several invitations from somebody on Facebook to view a video link. But he says he never sent them. Of course, I didn’t click the links but I suspect if I did, I would have got one of those invitations above. I don’t even know why I bother with Facebook, I find it boring and there is always somebody getting hacked or malware on there.

    Even if I do decide to look at a video on whatever site I visit and it has to be one I trust, I’m using Firefox with Noscript plus I make sure the browser is running in a sandboxed environment.

    Cheers

  7. Ashwin

    Nice article Bill,

    This is one reason I use No-script on Flock, blocks videos, ads, etc.

    Personally I use the KM Player to watch videos. It is the best. It has some internal codec/filters.

    Also have Gom player, and K-Lite Mega Codec Pack installed.

    • Bill Mullins

      Hey Ashwin,

      I agree – always a good idea to run with No-script. I use GOM and K-Lite Mega Codec Pack, as you do – great products.

      Bill

  9. Hi Bill,
    My general rule of thumb for video is: If VLC won’t play it, don’t bother. I like GOM as well and trade off occasionally. I don’t like Quicktime as it’s been a pretty serious vector itself. Even on a Mac it’s VLC for me.
    Mark

  10. Valerie

    Windows Essentials Codec Pack is being commented on at download.com as being a virus and Trojan dumper.

    • Bill Mullins

      Hi Valerie,

      Thank you – I was aware of these comments. Just a few things.

      While comments/forums are a good thing, unfortunately, equal weight is often given to both amateur and expert users alike.

      It is not at all unusual for this specific type of software to be flagged by AV software, because of the contents of the installer package. Competent technologists are more than aware of this condition.

      CNET prides itself on offering “clean” downloads, and in 20+ years of using their services, I have never encountered an infected file. Nor have I ever met anyone who has.

      Bill

  11. Thanks for sharing this wonderful information. I completely agree with you, because when we are online some websites say you need to download the codecs to see the video and this gives a doorway to the threats.