Now, they’re using files that look like regular songs or short videos in the Windows Media format to launch pop-up ads and install adware, says PC World.
That’s because a Windows Media DRM “loophole” allows companies to create ersatz media files and link them to adware.
The ads could also be used by hackers and thieves, PC World points out, continuing, “Security experts fear that, for example, criminals could load their own modified media files with keystroke loggers or other software for taking over your PC, and thus steal your passwords or other sensitive information.”
And David Caulton, group product manager for Microsoft Windows digital media division, is quoted as saying, “It’s possible that someone could modify [an existing audio] file after it’s created to point back to their http server.”
PC World says a reader alerted it to an ad-laden Windows Media Audio file, titled ‘Alicia Keys Fallin’ Songs In A Minor 4.wma.
“We then found two other WMA files and two Windows Media Video files that had been similarly modified,” it says, going on that it figured out that each media file loaded a page served by Overpeer and that each of those pages led to the creation of several Internet Explorer windows, “each containing a different ad or adware”.
Owned by Loudeye, it’s one of the entertainment industry’s favourite, and most obnoxious, anti-p2p contractors. And it’s currently earning mega bucks loading thousands of fake files onto p2p networks in the hope of stopping file sharing.
Marc Morgenstern, Loudeye vp and general manager of digital media asset protection, characterized Overpeer’s actions as, “just deserts for people who illegally trade copyrighted works for free,” says PC World.
We wonder how the companies who pay for the ‘sales aids’ feel about the fact Morgenstern apparently considers the ads to be so unpleasant that they make good weapons.
PC World says it contacted Microsoft and the seven ad-serving companies whose ads popped up and, “We’re looking into exactly what’s going on with this file and checking to see if this particular model is in keeping with the licensing terms for Windows Media [Digital Rights Management],” Caulton says in the story.
“We wouldn’t want to endorse anything that involved delivery of content that appears to be one thing, and then something else is delivered.”
Only one of the advertising firms, Kanoodle, responded to PC World inquiries, saying it stringently vets prospective partners. Its president, Lance Podell, emailed PC World, “As in this case, upon detecting or discovering any prohibited distribution activity, we eliminate it immediately.”