|
Next revision
|
Previous revision
|
en:racfor_wiki:malware_hidden_in_video_files [2021/01/11 13:33]
rbalufo created |
en:racfor_wiki:malware_hidden_in_video_files [2024/12/05 12:24] (current)
|
| |
| Microsoft Advanced System Format (ASF) allows for simple scripting to be executed. For example, we can execute “URLANDEXIT”, and put some URL with a malicious file and disguise it as a codec necessary to play the video. This way, the user will download the program and the system will be infected. | Microsoft Advanced System Format (ASF) allows for simple scripting to be executed. For example, we can execute “URLANDEXIT”, and put some URL with a malicious file and disguise it as a codec necessary to play the video. This way, the user will download the program and the system will be infected. |
| | |
| | {{ :en:racfor_wiki:a.jpg?600 |}} |
| | |
| We can also redirect the user to an infected URL, but that would be a bit more suspicious and wouldn’t get many users off guard. | We can also redirect the user to an infected URL, but that would be a bit more suspicious and wouldn’t get many users off guard. |
| ===== Examples of vulerabilities ===== | ===== Examples of vulerabilities ===== |
| |
| | {{:en:racfor_wiki:b.png?400|}} |
| |
| ===== Defense ===== | ===== Defense ===== |
| ===== Sources ===== | ===== Sources ===== |
| |
| [1] [[http://books.google.hr/books?id=mFJe8ZnAb3EC&printsec=frontcover#v=onepage&q&f=false|Plass, Jan L., Roxana Moreno, and Roland Brünken. Cognitive Load Theory. Cambridge University Press, 2010.]] | [1] [[https://nvd.nist.gov/|National Vulnerability Database.]] |
| | |
| | [2] [[https://securityintelligence.com/killer-music-hackers-exploit-media-player-vulnerabilities/|Dana Tamir, “Killer Music: Hackers Exploit Media Player Vulnerabilities”, Security Intelligence, 2014]] |
| | |
| | [3] [[https://www.opswat.com/blog/can-video-file-contain-virus#:~:text=Video%20files%20are%20not%20typically,threat%20vectors%20for%20malware%20writers.|Yiyi Miao, “Can a Video File Contain a Virus?”, OPSwat, 2014]] |
| | |
| | [4] [[https://www.blackhat.com/presentations/bh-europe-08/Thiel/Whitepaper/bh-eu-08-thiel-WP.pdf|David Thiel. "Exposing Vulnerabilities in Media Software", iSEC Partners, 2008]] |
| | |
| | [5] [[http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.165.7414|Colleen Lewis, Barret Rhoden, Cynthia Sturton, "Using Structured Random Data to Precisely Fuzz Media Players", Berkeley University, 2007]] |
| |
| [2] [[http://www.google.com/books?id=duWx8fxkkk0C&printsec=frontcover#v=onepage&q&f=false|Mayer, Richard E. The Cambridge handbook of multimedia learning. Cambridge University Press, 2005.]] | [6] [[https://securityintelligence.com/articles/how-video-became-a-dangerous-delivery-vehicle-for-malware-attacks/|Mike Elgan, “How Video Became a Dangerous Delivery Vehicle for Malware Attacks”, Security Intelligence, 2019]] |
| |
| [3] [[http://www.cogtech.usc.edu/publications/kirschner_Sweller_Clark.pdf|Kirschner, P. A, Sweller, J. and Clark, R. E. Why minimal guidance during instruction does not work: An analysis of the failure of constructivist, discovery, problem-based, experiential, and inquiry-based teaching. Educational psychologist 41, no. 2, pp 75-86, 2006]] | |
