:: Deepquest ::

The growing popularity of online video has caught the attention of malicious hackers and hi-tech criminals. Security firms are reporting more and more instances of booby-trapped Windows codecs – file compressors – required to play some video formats. Some of the codecs let users play types of net-based video, but also have spyware and adware wrapped inside.

Others, say experts, are outright fakes that just want to infect victims with data-stealing programs.
“Everyone is watching movies on their PC,” said David Robinson, UK head of security firm Norman Sandbox, “they are downloading the latest, greatest clips.”

While sites such as YouTube and Revver try to make it easy to watch video online, many of the downloadable clips posted on the web require extra software, called a codec, to play them.

Mr Robinson said many security firms were now logging instances in which spyware and adware firms are turning out software bundles that claim to roll together many popular codecs or just have the one needed to play a particular clip.

Some of the codecs do help to play clips, but others are disguised as a variety of nuisance or malicious programs.

Some rogue codecs plague users with pop-up adverts, while others invisibly install keyloggers that try to grab confidential data.

Anti-spyware firm Sunbelt Software discovered one codec that became a program that found fictitious security problems on a PC and demanded payment to repair them.

Many downloads look benign when scanned with an anti-virus program, but, once installed, download updates from other websites that contain the malicious payload.

more from [url=http://news.bbc.co.uk/2/hi/technology/6100016.stm]BBC[/url]