Malicious videos open dangerous attack vector

Summary: Administrators should consider restricting access to sites such as YouTube and MySpace because they have the potential to deliver malware that has been embedded inside video files. Over the past year, a number of serious vulnerabilities have been discovered in the most popular video players.

Administrators should consider restricting access to sites such as YouTube and MySpace because they have the potential to deliver malware that has been embedded inside video files.

Over the past year, a number of serious vulnerabilities have been discovered in the most popular video players. This has coincided with sites such as YouTube, which was recently acquired by Google for US$1.65 billion, becoming increasingly popular. This is a lethal combination, according to security companies.

Both YouTube and MySpace allow their members to upload video files onto a personal homepage, which can then be shared with the general Internet population.

Patrick Peterson, vice president of technology at security firm IronPort Systems, said that unlike more traditional attacks -- where malicious files are attached, or linked to, from spam e-mail messages -- potentially dangerous media files are being passed around by friends and colleagues.

Because the files are from a trusted source, users are more likely to view them.

"[The bad guys] can rely on people going to YouTube and rely on people telling their friends to go to MySpace to get that infection.

"Thing that makes it so dangerous is that your browser is designed to do all sorts of things with active content -- your e-mail program doesn't open up an executable and run it but Internet Explorer will," Peterson told ZDNet Australia.

Last week, antivirus firm McAfee predicted that the increasing popularity of video on the Web will make it a future target for hackers. As people become more reluctant to open e-mail attachments from anonymous sources, hackers will target users who open media files instead, the company said.

The functionality of online video, which includes pop-up ads and URL redirects, will become "ideal tools of destruction for malware writers," claimed McAfee in a statement. "As video-sharing networks on the Web proliferate, the potential capture of a large audience will incite malware writers to exploit these channels for monetary gain."

"In combination, these issues make malicious coders likely to achieve a high degree of effectiveness with media malware," the statement said.

McAfee security analyst Greg Day anticipates that businesses will prefer users not to download video onto work PCs.

"A lot of companies currently have verbal policies [prohibiting video downloads] ... we expect more formal enforcement to come into place," said Day.

Tom Espiner of ZDNet UK contributed to this report.

Topics: Malware, Security, Social Enterprise

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Talkback

3 comments
  • Video playback is primarily done in Flash

    I don't think this is an issue for YouTube and MySpace as all videos are played back using the Flash Player. Whether they convert the video on upload or playback, the end result does not suffer these vulnerabilities.
    anonymous
  • YouTube isn't dangerous (yet?)

    The problems mentioned in the article have nothing to do with flash based video players. Flash players do not contain all of the same issues as the embedded Windows or Quick Time players.

    MySpace may not be safe, but so far, YouTube and Google Video and any other site that uses flash to cover their player should be safe.
    anonymous
  • SecuTech Launched Video Protection Solution-UniKey Video Protector

    SecuTech Solution Inc, a leader in driverless software protection dongle business, has launched video protection solution-UniKey Video Protector, a comprehensive application that provides video software vendors a straightforward way to safeguard their video content from piracy and illegal distribution.

    Online video is increasing dramatically, which has led to an increasing risk of piracy; therefore there are huge requirements to ensure the video content is used by legal users.

    UniKey Video Protector intends to protect video/audio files like MPEG, AVI, WAV, RM and RMVB. It is an easy-to-use solution for software vendors who want to sell video data to customers while scared of illegal usage and distribution.

    Just a click, video vendors can easily encrypt video files and send to the end users. In order to play the encrypted file, the end users must insert the correct UniKey dongle to play encrypted files.

    Industries like online education, AV production can fully take advantage of UniKey Video Protector.

    SecuTech Solution Inc.

    SecuTech Solutions Inc. is a company specializing in software license management business systems focusing on the international market with their class leading UniKey product range. Having an extensive and in-depth range of experience within the Software Management Licensing market, SecuTech has drawn upon this experience to utilize today's cutting-edge technologies to introduce a COMPLETE and affordable solution for today's software vendor markets worldwide

    SecuTech Solution Inc.
    Sales@eSecuTech.com
    www.eSecuTech.com
    anonymous