back to article Poisoned Angelina flick hits torrents

Cybercrooks have begun using booby-trapped QuickTime files to infect internet pirates' computers. Malicious files posing as the recent Angelina Jolie film Salt are now available on file sharing networks. When users attempt to view these poisoned downloads a prompt is generated offering to download "update codecs" - actually …

COMMENTS

This topic is closed for new posts.
  1. Rob.T
    Thumb Down

    Been done before

    This is nothing new, dodgey QT files have been used for years on file sharing networks. I remeber seeing them back when LOTR 2 towers came out

    1. Dave Bell

      Maybe less common for Apple?

      A few years ago, this was a well-known attack vector on Windows machines. There are a lot of different video players, and the codec situation was more fluid, so a new codec was a plausible requirement.

    2. Anonymous Coward
      Anonymous Coward

      WMP too

      I've experienced this with Windows Media Player and AVI files quite a lot of years ago (7 or 8 if memory serves). It's not all that new an approach.

  2. Anonymous Coward
    Anonymous Coward

    Who the hell...

    ...downloads movies in QuickTime format?

    1. Anonymous Coward
      Pint

      Simples

      The average Joe Public BT user doesn't care about the format, he simply wants the movie. He will attempt to sort out the problems playing it, later on.

      If I saw any video file on BT in anything other than DivX or MKV, I'd be suspicious that it held what it says it does!

    2. Sooty

      Mac users... Maybe?

      But as this only affects quicktime for windows, it will probably only hit the one or two really odd windows users, who actually use quicktime.

      Unfortunately, the insistence on requiring iTunes and quicktime for an ipod/iphone, means that a much larger number of people will be vulnerable to it than would ever install it if they had a choice.

    3. Anonymous Coward
      Anonymous Coward

      They can be sent

      They can be sent, by bands (and alternatively fake bands as per the exploit) who want them broadcast, aired. Quicktime Data disks are a perfect format for replacing miniDV (both are usually mailed for example), meanwhile, it keeps your camera heads cleaner. etc. It also avoids strong magnetic fields which tend to glitch up audio and video. Also if there's no way to mail it, it can be downloaded in an emergency. ;o)

  3. Miek

    I agree with AC

    Who uses Quicktime ?

    1. Anonymous Coward
      Thumb Up

      See above for a simple answer.

      I posted a simple answer, check it out.

      By the way I voted everyone UP not down... ;o)

    2. Anonymous Coward
      Stop

      RE: I agree with AC

      "Who uses Quicktime ?"

      My guess is this:

      1, Apple users

      2, People with an iPod/iPhone

      3, People who have realised that Windows Media Centre is shit and have looked for an alternative...

      (yes there are probably better alternatives)

      btw. Quicktime movies were playable on my AMIGA - at least 13 years ago...

  4. Anonymous Coward
    Jobs Horns

    Apple?

    Who in the hell believes anything Apple has to say?

    Oh yeah, stupid Fanbois! (Not that a non-stupid Fanbois exists, anyhoo.)

    1. Anonymous Coward
      FAIL

      RE: Apple?

      Since the article clearly says "The flaw poses a crucial code injection attack threat for users of QuickTime version 7.6.6 for Windows, security notification firm Secunia warns."

      Then it's WINDOWS fanbois...

    2. Barry Lane 1

      @The REAL AC

      So how are you enjoying the school holidays?

  5. Paul Shirley
    Grenade

    codec packs

    This is why using the more trustworthy codec packs (K-Lite for instance) is a good idea, nothing should need to download a codec and any its pretty obvious there's a scam if it does happen.

    It's a pity so many self appointed 'experts' like to tell everyone that all codec packs are evil.

    1. heyrick Silver badge

      @ Paul Shirley

      Who needs a codec pack? If it isn't an .avi or .mp4 (DivX or H.264), it isn't worth the time getting it...

      1. Anonymous Coward
        Anonymous Coward

        I'm fairly certain

        this one isn't worth the time getting it even in .avi or .mp4.

        As for who still uses quicktime... that's the only way to find pr0n videos that belong in /b/....

      2. Anonymous Coward
        Anonymous Coward

        You raise a pretty good argument.

        can you imagine being on dialup? You would NEVER SEE SALT

        if your lucky you'll wank at the first static frame--hope it isn't blank! ;o)

  6. Dick Emery
    Headmaster

    Guess what?

    You can rename a Quicktime file to .mkv and it will still play usually since most players read the header information.

  7. Mark Eccleston
    Joke

    Apple denies the flaw

    The users are just playing it wrong.

    And if it was a flaw it exists in many other players.

    Press conference to follow.

  8. Anonymous Coward
    Grenade

    Salt's crap anyway

    Saw it at the cinema with the gf... it's not even that good. Wouldn't waste my time downloading it. "Predictable" doesn't even begin to cover it. Not even AJ being the star makes it worthwhile.

    Grenade, for the scene on the barge when she kills everyone with 3 grenades and doesn't get a scratch on her.

  9. Anonymous Coward
    Anonymous Coward

    The target of this

    If you remove the "piracy" stigma, and think, how much longer until free specially crafted .mov are out there.

    The only people this is going to screw up is people who produce video, especially if they work with .mov files, especially if they work in Sony Vegas or Avid with .mov files. Since Sony Vegas users can not update quicktime without breaking .mov support on the timeline. Avid ditto.

    The good news is that if your smart enough to even be working with quicktime and vegas, any nonsense about updating codecs is already going to be a non-starter. How much damage the scripts telling you to update do.... now there's the unanswered question.

    Actually the unanswered question is what did apple do which breaks vegas?

    Apple needs to get their heads out of their asses. They used to kick ass, so who keeps making these crappy decisions for them now? If they keep on this path I give em 10 years to drain the company.

    1. Anonymous Coward
      Stop

      RE: The target of this

      "Apple needs to get their heads out of their asses."

      If you'd read the article, you'd know that it's social engineering trickery... affecting WINDOWS users... They could have claimed the file was an AVI, WMV or anthing they liked.

  10. Anonymous Coward
    Joke

    Oh, Sorry...

    I thought you meant a video of Angelina herself being poisoned. I'd have watched that.

This topic is closed for new posts.

Other stories you might like