Net scum are still finding ways to take down users with a decade-old Windows Media Player attack.
The vector is a reborn social engineering hatchet job not seen in years in which attackers convince users to run executable content through Windows Media Player’s Digital Rights Management (DRM) functionality.
Windows Media Player will throw a DRM warning whenever users do not have the rights to play content, opening a URL through which a licence can be acquired.
Now malware villains are packing popular movies with malicious links so that the DRM warning leads to sites where they’re fooled into downloading trojans masquerading as necessary video codecs.
- Ten-year-old Windows Media Player hack is the new black, again (go.theregister.com)
- Ten-Year-Old Windows Media Player Hack Is The New Black, Again (packetstormsecurity.com)
- 10 Year old design flaw in Windows Media Player still abused for malware distribution (myce.com)
- Ten Years Later, You Can Still Get Malware via the Windows Media Player DRM (news.softpedia.com)
- Links: Microsoft DRM, Brian Eno, Lou Reed and Revolver. (rocknerd.co.uk)