Escalating Warfare

Risk Your PC’s Health for a Song? [via The Register]

PC World has learned that some Windows Media files on peer-to-peer networks such as Kazaa contain code that can spawn a string of pop-up ads and install adware. They look just like regular songs or short videos in Windows Media format, but launch ads instead of media clips.

When we ran the files, we noted over half a dozen pop-ups, some attempts to download adware onto our test PC, and an attempt to hijack our browser’s home page. […]

Using a packet analysis tool called Etherpeek, we determined that each media file loaded a page served by a company called Overpeer (owned by Loudeye). That page set off a chain of events that led to the creation of several Internet Explorer windows, each containing a different ad or adware.

Overpeer first made news in mid-2002 by offering its services to record companies looking to stop P-to-P pirates. It creates fake audio files that purport to be popular songs but play only a short loop of the track or an antipiracy message; the file then pops up a window offering the downloader a chance to buy the song. By flooding file-sharing services with spoofed files, Overpeer makes finding real music files more difficult.

Marc Morgenstern, Loudeye vice president and general manager of digital media asset protection, says the files we found come from a different division of the company–one that targets users with promotions or ads based on the keywords those users search for on P-to-P networks or in other venues.

Though the two businesses differ, the result is likely the same–a further reduction in the effectiveness of popular P-to-P networks.

Slashdot: RIAA/MPAA Contractor Deploys Malicious Adware Trojans; Ed Felten’s thoughts – Recording Industry Publishing Infected P2P Files?