Security software supplier Panda Software has reported the appearance of two new Trojans which take advantage of the digital rights management protection offered by new versions of Microsoft’s Windows Media Player.
The Trj/WmvDownloader.A and Trj/WmvDownloader.B Trojans are spreading across P2P networks, such as Kazaa and eMule, in video files, causing users to inadvertently download adware, spyware and viruses.
Windows Media Digital Rights Management (DRM) is designed to protect the intellectual property rights of multimedia content. When a user tries to play a protected Windows media file, this technology demands a valid licence.
If the licence is not stored on the computer, the application will look for it on the internet, so that the user can acquire it directly or buy it.
This new technology is incorporated through Windows XP Service Pack 2 and a Windows Media Player 10 update.
The video files infected by these Trojans have a .wmv extension and are supposedly protected by licenses issued by the companies "overpeer" (for Trj/WmvDownloader.A), or "protectedmedia" (for Trj/WmvDownloader.B), said Panda. If the user runs a video file that is infected by one of these Trojans, they pretend to download the corresponding licence from certain web pages.
However, what they actually do is re-direct the user to other internet addresses from which they download large amounts of adware, spyware, dialers (applications that dial-up high rate phone numbers) and viruses.
The discovery of such Trojans will be a further incentive for companies to stamp out the use of P2P networks among users on corporate networks.