Hackers hijack Microsoft DRM

Summary: Microsoft's Windows Media Player is leaving users vulnerable to Trojan horses that take advantage of its digital rights management feature, experts warn

By Dan Ilett | January 12, 2005 -- 16:10 GMT (08:10 PST)

Hackers are using the digital rights management feature in Microsoft's Windows Player to fool people into downloading spyware and viruses, a security company claimed on Wednesday.

According to a warning posted on security company Panda Software's Web site, virus writers have released licence-protected multimedia files containing Trojan horses that overcome the anti-piracy features in version 10 of the Media Player and Windows XP SP2.

Normally, when a user tries to play a licence-protected file but doesn't own the necessary licence, Media Player goes onto the Internet to find a site where they can buy one.

This Trojan, dubbed WmvDown.A, subverts this process by sending the player to a malicious Web site (serve.alcena.com) from which it downloads malware.

According to Panda Software, the Trojan is easy to spot once it has run. After connecting to the Internet, it displays the message: "Thanks for downloading this file. Click Play to listen."

A Microsoft spokesperson was not immediately able to comment on Panda's claims.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments

Log in or register to join the discussion

Too much convenience goes a wrong way.

anonymous

12 January, 2005 19:53

Reply Vote

usually when WMP asks you to download some DRM to listen to the file, you press no and can listen to it anyway. So this form of spyware is not going to affect me.

anonymous

12 January, 2005 22:07

Reply Vote