Home > Daily Thoughts, Emerging Threats > MPEG, MP3, AVI, Video/Audio Media Files

MPEG, MP3, AVI, Video/Audio Media Files

These are urls commonly found inside malicious/infected MPEGs, MP3s, AVI, WMA and .WMV files.

h t t p://coolpixhost.biz/rd/redir.php?kw=mp3 — > redirecting to minisites.mypengo.com
h t t p://playmoviesx.com/go/?a=vidwmv&t=search&cmp=wmv_audio
h t t p://isvbr.net?t=3
h t t p://www.fastmp3player.com/affiliates/772465/2/
h t t p://missing-codecs.net/inc/24002/media_codecs/

Upon opening it will connect to any of these URL and download malicious program such as Windows_Media_Player_Flash_Codec_Plugin.exe. 

Be careful and stay safe!

  1. wade
    November 3, 2008 at 3:11 pm

    I’ve got a problem with my Media Player and it opens the web-page http://www.play-error.com

    How can I solve this?

  2. Methusela Cebrian Ferrer
    November 4, 2008 at 3:17 am

    Hi wade,

    It seems your media files are already infected. There’s a trojan that infects MP3 and Windows media files, where it tries to modify by injecting script to automatically open users’ default browser and so to visit a malicious website.

    So, whenever you play these infected media files, it will keep opening that webpage. Although, these files by itself is not capable to infect your system or other media files, but unfortunately its unrecoverable.

    I advise you to immediately download an updated signature from your security scanner and scan your machine.

    If the infector is not residing in your machine, it’s possible that you’ve connected your portable media player to an infected one.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: