Subscribe
This is an disguised application under a common media file extension meant to trick the user to download and execute a malware. Usually it states the false incapacity of your software configuration to view this kind of media. Due to the common misconception that malware or viruses are only in executables, the user could be lead to trust this strategy and install without his knowledge the downloaded threat.
Basically the user runs the file in Windows Media Player and gets a browser window that prompts him to download a file named "Codec.exe" .
This is actually an exploit of the media files because its an available feature in stead of an attack to the format.
Because it doesn
Please let BitDefender disinfect your files.
While accessing the ".wma" which is a media file extension the following behavior is noticed :
- A browser page opens to a certain webpage ( ie missing-codecs.com or fastmp3player.com )
- It tries to download and execute (when the user hits run on IE ) a malware from the mentioned site.
- The prompted file to download is named "Codec.exe" which has the Windows Media Player icon (the name could vary ("PLAY_MP3.exe" or another).
Take notice that the file could have any other extension that Windows Media Player can handle such as ".asf", ".wmw" , ".aiff", ".midi" or others.
Here is how the malware looks like in action.
Hot Articles