Trojanized .MOV Files

[CloneRanger]

Cute

Quote:

Last week, we reported a new kind of attack that uses specially crafted .MOV files and a certain feature in QuickTime to trick users into downloading malware. The said attack raised some questions on how it was done and whether or not an exploit was used. To clear things up, here are the answers to some questions you may have in mind:

Where was this type of threat initially found?

Trend Micro encountered the QuickTime .MOV files from peer-to-peer (P2P) networks such as LimeWire and torrent portals.

What happens when the user opens the .MOV files using QuickTime? How about when using other media players?

*

This threat is similar to the ones that used the PDF /launch feature, as it also used a valid feature for malicious purposes. As in the /launch incidents, the fact that this used a valid feature makes it a more relevant threat. Creating .MOV files that connect to URLs does not require any special technical knowledge and can easily be done. Cybercriminals can thus very easily create a construction kit for this from which malicious QuickTime movies can be easily generated in batches.

http://blog.trendmicro.com/trojanized-mov-files-faq

[funkydude]

I haven't been installing anything made by apple for several years now, not because it was unsecure, but most of it was bloatware. This kind of story just makes me glad I did. Next to it on the "don't install" list is java, adobe reader, and flash is counting it's final days.

OffTopic: MKV all the way!