Breaking the Codec…
March 23rd, 2009
I ran across a new twist on the by now well-known FakeAlert series. Just in case you have been lucky enough not to have dealt with this malware, it goes roughly like this:
You get an email from what looks to be a legitimate source, or visit a legitimate-looking website that is offering the latest must-have application or upgrade. “This thing looks cool”, you think as you happily ignore your IT security friend’s advice against following unsolicited or potentially unsafe links. “Someone must really like me to be sharing this with me”.
So you continue to download the ‘treasure’. Then when you try to install it, it pops up an error - something about being corrupt and the installation cannot proceed. Seconds later, you find that some ‘nice’ company has put an antivirus scanner on your computer and begun to scan it for you. You find out that you are loaded with all kinds of nasty stuff and because nothing in life is free, you have to pony up the money to have your computer cleaned.
Problem is, you may not have had these infections in real life. Except, of course, the one you downloaded and installed yourself. This is but one scenario of the fake antivirus scourge.
So the new twist is that your favorite audio or video application may now assist in this nefarious sale. When you install this application, you will actually see things ‘happening’. You won’t be happily working away listening to the latest pop sensation when this gets loaded. The malware will actually stop your multimedia application and drop your volume to zero. It will likewise prevent you from attempting to restart it. You will start to get more and more ominous warnings about your audio and video codecs being corrupted until your entire desktop background is replaced with a giant ‘Your system is melting down and the world is coming to an end - just click here and we will help you fix it’ message (author’s note: it’s not that dramatic, but you get the idea). Of course to ‘fix’ it, it will cost you.
That said, be careful of this scam. We all would like to whistle while we work, but this may have you singing a different tune (sorry, couldn’t resist the sappy line).
More technical information is available here:
FakeAlert-MCodec
Back to McAfee Research Blog overview