
Video virus, or how I didn't get to watch a movie

Foreword


It was an ordinary spring day: schoolchildren returning home were making noise in the courtyard, and somewhere in the distance a speeding vehicle drove past. After a hearty lunch, the body was in a half-asleep state, and the nearly finished download of a fresh episode of “The Big Bang Theory” promised a pleasant pastime. In a word, nothing disturbed the idyll, and the usual security paranoia went into standby mode. And, as practice showed, in vain...

There will be no movie


At first glance, the video file looked perfectly normal: the size, name, and time of appearance all matched what was expected. The only oddity was that the extension was wmv instead of the more familiar avi, but this did not seem to be a serious problem. The problems began when trying to open the file: Light Alloy immediately stated that it was unable to play the video, so it was decided to feed the file to Windows Media Player. WMPlayer coped honorably with the task entrusted to it and immediately identified the problem, the need to verify the license, and immediately began aggressively requesting network access.

The desire to enjoy the most important of the arts had already overcome everything else, and the player was allowed to solve the problem. To solve it, WMP offered to download the license from a site with the quite pleasant-sounding name license.compress.to, although now the license was called an audio codec. And when the antivirus raised the alarm while the “codec-license” was downloading, all hopes melted away and it finally became clear that there would be no movie.

Infection mechanism


As you have already understood, the video file is actually a dummy, intended only to infect a computer with a rootkit, which far from all antivirus programs detect. The freshness of the malicious code, coupled with an interesting and unusual method of infection, gives a high probability of infection. By the way, the same "site" hosts several more modifications of the malicious code for various occasions; apparently, the author has a really rich imagination.
So do not forget that even trustworthy programs can offer to fetch a virus for you: be careful and do not forget to protect yourself.

Source: https://habr.com/ru/post/86221/

