Forgot your password?
typodupeerror

Viral Videos That Really Are Viral 157

Posted by Zonk
from the click-wisely dept.
davidwr writes to mention a BBC article looking at booby-trapped Windows codecs. While some codecs required for online videos actually let you watch your content, others are just excuses to infect your system with spyware or adware. As davidwr says: "Now virtual sex can make your computer sick." From the article: "Mr Robinson said many security firms were now logging instances in which spyware and adware firms are turning out software bundles that claim to roll together many popular codecs or just have the one needed to play a particular clip. Some of the codecs do help to play clips, but others are disguised as a variety of nuisance or malicious programs. Some rogue codecs plague users with pop-up adverts, while others invisibly install keyloggers that try to grab confidential data. "
This discussion has been archived. No new comments can be posted.

Viral Videos That Really Are Viral

Comments Filter:
  • by TheSHAD0W (258774) on Tuesday October 31, 2006 @12:48PM (#16659597) Homepage
    I'm going to personally recommend a codec pack called CCCP [softpedia.com], or the Combined Community Codec Pack. It's primarily meant for viewing anime, but I've never come across any video it couldn't play (aside from MOV [free-codecs.com] and RM [free-codecs.com]). It claims to be free of any sort of malware, and there are a lot of good people vouching for it.

    If anyone has any information about malware being present in this codec pack, please respond to this post; since I have this installed on my system I'd be very interested in hearing it. :-)
  • VODEI (Score:0, Informative)

    by LCookie (685814) on Tuesday October 31, 2006 @12:50PM (#16659649)
    Can anybody say Vodei??
    This is not even a Codec, it's a wrapper. Vodei infected AVI files require you to download
    their "codec" from http://www.vodei.com/ [vodei.com]. Funny thing is Vodei infected AVI's
    actually become BIGGER and it's a real pain in the ass to convert them back to regular AVI.

    Actually it's a good plot since the same guy who owns Vodei also owns moviesempire.com.

    1) Illegaly distribute crippled pr0n movies.
    2) Make ppl download the spyware/malware ridden "codec"
    3) Profit!

  • by thelost (808451) on Tuesday October 31, 2006 @01:14PM (#16660093) Journal
    I will second that recommendation and state that in my personal experience there has never been any spyware or viri in CCCP.

    The obvious alternative is of course VLC - however a lot of people will be turned off by VLCs apparent lack of spit and polish compared to other video players for windows, mainly because it is not always simple to use & it's seek bar sucks ass; devs flatly refuse to do anything about that (although it's my understanding that the way it's currently written it is actually impossible to fix the seekbar).
  • by element-o.p. (939033) on Tuesday October 31, 2006 @01:36PM (#16660543) Homepage
    and there are no "automatic" tools to sweep it clean

    meh...not sure I entirely agree with you here, although I will concede that many Linux users don't know what tools are available and even less use those that are available on a regular basis.

    Tools that I use regularly to keep tabs on my boxen:
    1) http://www.chkrootkit.org/ [chkrootkit.org]chkrootkit: can be run from cron to look for suspicious files and rootkit signatures;
    2) netstat -ep: to show what processes are using network connections;
    3) lsof: to show what files on your system are open, who opened them and with what process they were opened;
    4) http://www.tripwire.com/ [tripwire.com]Tripwire or http://www.gecko-ak.org/Sentinel/ [gecko-ak.org]my own, open-source, much less functional, still really in development Tripwire-like file system auditor: to check for changes in binaries, config files or anything else on your file system that you would like to keep tabs on;
    5) http://www.insecure.org/ [insecure.org]nmap: to remotely scan computers on your network for open ports, and to audit the services using these open ports;
    6) http://www.nessus.org/ [nessus.org]nessus: like nmap, only different;
    7) tcpdump/ethereal/wireshark: to monitor packets in or out of your computer;
    8) http://www.snort.org/ [snort.org]snort: okay, I haven't (yet) used this one, but it's the open-source standard for IDS;
    9) http://www.bitdefender.com/ [bitdefender.com]bit defender: anti-virus for Linux--we had to use this once at work to remove a Windows virus that had infected our Samba shares (note: the Samba server wasn't infected, but the Windows machines that were mounting shares from the Samba server were--and they kept rewriting infected Windows executables to the server).

    So, no most of these aren't automatic, and most of these won't clean your Linux PC's, but there are a host of tools that you can use to detect problems on your Linux computers. And, if you're really paranoid, there are several vendors that provide anti-virus software, just like what you find on your Windows machines.

If this is timesharing, give me my share right now.

Working...