YoKenny Posted February 7, 2009 Share Posted February 7, 2009 Consider the Source, Not Just the File Type An uptick in malware that infects music files being traded on popular peer-to-peer (P2P) file-sharing networks should give Windows users pause about downloading songs from unknown sources. Symantec is reporting a spike in the number of audio files infected with what it calls Trojan.Brisv.A (detected as Worm.Win32.GetCodec.a by other antivirus vendors). The malicious software resides in otherwise innocuous-looking music Windows Media Audio (.wma) files that, when opened, changes all .mp3 and .mp3 files on a host system to Windows Media Audio (.wma) format. http://voices.washingtonpost.com/securityf...not_just_t.html "Education is what remains after one has forgotten everything he learned in school." - Albert Einstein IE7Pro user Link to comment Share on other sites More sharing options...
kmillerusaf Posted February 7, 2009 Share Posted February 7, 2009 Yeah it sucks that you can't trust p2p files as much as you could in the past but so many people download mp3s that they are prime targets for malware. Keith There's always an exception to the rule. I'm that exception. Desktop ----- AMD Athlon 3700+ (2.64Ghz), 2GB DDR 400, ASUS A8N-SLI Premium, 500GB HD, Windows XP Pro SP3, Avira Antivir Personal At work ----- Intel C2D T1700 (1.6Ghz), 2GB DDR2 667, Dell OUY141, 80GB HD, Windows XP Pro SP2, Symantec 10 Laptop ----- Intel C2D P8400 (2.4 Ghz), 4GB DDR3 1066, Mainboard, 160GB HD, Dualboot: Windows 7/openSUSE 11.1, Avira Antivir Personal Link to comment Share on other sites More sharing options...
Moderators Andavari Posted February 7, 2009 Moderators Share Posted February 7, 2009 Removing all the tags will get rid of many issues. Link to comment Share on other sites More sharing options...
kmillerusaf Posted February 17, 2009 Share Posted February 17, 2009 The tags that contain the song's information? Is that where they store the malicious code? There's always an exception to the rule. I'm that exception. Desktop ----- AMD Athlon 3700+ (2.64Ghz), 2GB DDR 400, ASUS A8N-SLI Premium, 500GB HD, Windows XP Pro SP3, Avira Antivir Personal At work ----- Intel C2D T1700 (1.6Ghz), 2GB DDR2 667, Dell OUY141, 80GB HD, Windows XP Pro SP2, Symantec 10 Laptop ----- Intel C2D P8400 (2.4 Ghz), 4GB DDR3 1066, Mainboard, 160GB HD, Dualboot: Windows 7/openSUSE 11.1, Avira Antivir Personal Link to comment Share on other sites More sharing options...
Corona Posted February 17, 2009 Share Posted February 17, 2009 Where are these tags? How would you access/delete them? Link to comment Share on other sites More sharing options...
Moderators Andavari Posted February 17, 2009 Moderators Share Posted February 17, 2009 Delete them with MP3tag, etc. Link to comment Share on other sites More sharing options...
kmillerusaf Posted February 17, 2009 Share Posted February 17, 2009 Where are these tags? How would you access/delete them? Winamp/Windows Media Player usually are able to access the mp3 tags... They contain info about the song that displays it to the player... Like song name, artist, album, genre, etc... Usually a right click and go to properties/info inside the program will allow you to view these tags. Delete them with MP3tag, etc. Thanks Andavari for the link... It was never confirmed though, is it here where malicious code is stored? There's always an exception to the rule. I'm that exception. Desktop ----- AMD Athlon 3700+ (2.64Ghz), 2GB DDR 400, ASUS A8N-SLI Premium, 500GB HD, Windows XP Pro SP3, Avira Antivir Personal At work ----- Intel C2D T1700 (1.6Ghz), 2GB DDR2 667, Dell OUY141, 80GB HD, Windows XP Pro SP2, Symantec 10 Laptop ----- Intel C2D P8400 (2.4 Ghz), 4GB DDR3 1066, Mainboard, 160GB HD, Dualboot: Windows 7/openSUSE 11.1, Avira Antivir Personal Link to comment Share on other sites More sharing options...
Moderators Andavari Posted February 18, 2009 Moderators Share Posted February 18, 2009 Thanks Andavari for the link... It was never confirmed though, is it here where malicious code is stored? In the past it was the ID3v2 tag where people would hide the nasties. Of course nowadays people also use other tags too like APEv2, and Lyrics3 (which MP3Tag can remove, don't know about WinAmp and WMP removing those and I'd think they can't out of the box) so who knows for sure but anything that can store non-music data inside of MPEG data I'd suspect could have something wrapped up inside of it. I've personally never come across any infected MP3s, etc., however I knew years before that it was possible. It's worth malware scanning everything that's downloaded that includes any music and videos too. Link to comment Share on other sites More sharing options...
kmillerusaf Posted February 18, 2009 Share Posted February 18, 2009 I've come across a few mp3s that were infected and felt so lucky that I scan everything before I open/play them. I am pretty sure out of the box, Winamp and WMP can edit the tags... There's always an exception to the rule. I'm that exception. Desktop ----- AMD Athlon 3700+ (2.64Ghz), 2GB DDR 400, ASUS A8N-SLI Premium, 500GB HD, Windows XP Pro SP3, Avira Antivir Personal At work ----- Intel C2D T1700 (1.6Ghz), 2GB DDR2 667, Dell OUY141, 80GB HD, Windows XP Pro SP2, Symantec 10 Laptop ----- Intel C2D P8400 (2.4 Ghz), 4GB DDR3 1066, Mainboard, 160GB HD, Dualboot: Windows 7/openSUSE 11.1, Avira Antivir Personal Link to comment Share on other sites More sharing options...
Corona Posted February 18, 2009 Share Posted February 18, 2009 Thanks Andavari! I downloaded MP3tag and am taking a look at it now. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now