The "Video" Virus, What Is It?

The "Video" Virus, What Is It?

Mar 2, '11 10:38 PM by Jeff for everyone

As Multiply grows, attracting more members and more publicity, it becomes an increasingly likely target of unscrupulous individuals and organizations engaged in the distribution of malware. Here on Multiply this has occurred in the form of Personal Messages containing what appears to be a video, commonly referred to as the "Video Virus." There have been numerous misconceptions about these attempts to distribute malware, and a lot of misinformation has been spread throughout Multiply resulting in a lot of unnecessary fear and worry. I'll try to clarify what these attempts really are, and hopefully alleviate some of the unfounded fears voiced by many users who have received them.

This is how it starts

You receive notification in your Inbox that you have a Personal Message (PM), most likely from a user name you do not recognize. This should be your first indication that perhaps things aren't what they seem, why would a complete stranger send you a PM with a video in it? Curious, you click the notification to access the Message.

This is a sample message, the bait to the trap.

This is where you see the so-called video, waiting to be played. It's usually accompanied by some sort of message implying familiarity with you, an attempt to trick you into a false sense of security. If it works, you follow the instruction on the fake video and click it because you want to watch it. However, instead of starting the video your click immediately takes you away from Multiply and you end up on a completely different website. This should be a second and even bigger warning that something is wrong.

Why did this happen? It happened because the "video" is not really a video at all, it's a simple animated .gif image similar to glitter graphics and emoticons. This image is a link, just like user headshots are a link. It is usually hosted on other media storage sites, two examples found so far are at yfrog.com andimageshack.com. At this point you are still completely safe, no harm has come to your computer because all you've done is view an image.

You have now entered the trap, get out!

Now you're looking at something like the image above. Another video. Or is it? And the answer is..... *insert drum roll here*.... No, it's not. It's just another image which also happens to be a link. At this point you are still completely safe, nothing bad has happened to your computer. However, should you continue your quest to see this non-existent video that will no longer be the case.

Should you prove unable to resist your own curiosity and end up clicking this second "video" you'll get a little alert window telling you that you need to download a missing codec in order to view the video. Determined to see this elusive video, you start your journey down a very slippery slope by agreeing, and you download the codec. The bad news? It's not a codec, it's malware. Probably a trojan. The good news? You've only downloaded it, you have not installed it. At this point, although you have a dangerous executable file in your computer, you are still safe. You've not installed anything, it can do you no harm.

But you are determined to see this %^&$*& video, so you abandon all common sense and caution, clicking the file you just downloaded. Now you're screwed. You have just installed malware onto your computer. It may be a trojan, a key logger, scareware, or one of a host of other malicious items but whatever it is, it's got you.

So, to summarize, you have to complete the process to infect your computer. Viewing the PM with a "video" in it does nothing bad to your computer. Clicking the fake video and being taken to another site does nothing bad to your computer. Clicking that second fake video does nothing bad to your computer. Downloading the fake codec does nothing bad to your computer. As long as you do not click the fake codec you have downloaded, you are safe, just delete it before you accidentally click it. Should you happen to have been so blinded by curiosity that you simply had to carry out all the steps to see the video you may want to join the Computer Help Desk Group for advice on how to get rid of it.

Hopefully this clears up some of the misconceptions, misinformation and worry expressed during the repeat instances of these attempts to spread malware.

Tags: security