Editor's Choice
Analytical Instrumentation & Environmental Monitoring
Data Acquisition & Telemetry
Electrical Power & Protection
Enclosures, Cabling & Connectors
Fieldbus & Industrial Networking
Flow Measurement & Control
Industrial Computer Hardware
Industrial Wireless
IS & Ex
IT in Manufacturing
Level Measurement & Control
Maintenance, Test & Measurement, Calibration
Mass Measurement
Motion Control & Drives
News
Operator Interfaces, Switches & Relays
PLCs, DCSs & Controllers
Pneumatics & Hydraulics
Pressure Measurement & Control
SAIMC
SCADA/HMI
Sensors & Transducers
Smart Home Automation
System Integration & Control Systems Design
Temperature Measurement
Training & Education
Valves, Actuators & Pump Control


IT in Manufacturing



Print this page printer friendly version

Winamp 0-day exploit opens backdoors

November 2010 IT in Manufacturing

Audio files downloaded from file-sharing websites can actually set you up.

On 15 October, the BitDefender labs came across four critical vulnerabilities affecting Winamp 5.x. Shortly thereafter, several exploits piggybacking on these vulnerabilities were spotted in the wild. We will not go into detail about the first three, as they basically need no user interaction beyond loading them into the playlist, so here is a short run of the fourth one.

The 'weapon' used by the cyber-criminals is a malformed MTM file – an audio file format similar to the MOD and MIDI file - distributed to different potential victims as e-mail attachments, or through social networking or peer-to-peer file sharing. Its purpose is to lure computer users into downloading and adding it to their playlist. 

However from this point on, a little bit of social engineering is in demand since, in order for the exploit to trigger its payload, it is mandatory for the user to view the file info in Winamp. This is the action that sets the exploit contained inside the malformed MTM file into motion.

Long story short, as soon as the user views the file information, the exploit will initialise a backdoor service running on port 4444 and it will be ready to take connections from the outer world. The backdoor will be consequently used by an ill-intentioned person to easily gain remote access to your computer with the same privileges as the user running Winamp. 

Here is a short video demonstrating how a connection becomes possible on port 4444 after the user has viewed the file info. http://www.youtube.com/watch?v=ebx5fiSYf6A

BitDefender detects the malformed file as Exploit.Winamp.D and will terminate it before the user is able to load it in the player. In order to stay safe from these types of exploits, you are advised to download files from trustworthy repositories only and never perform any actions on the computer if they have been requested or suggested by persons you do not know or trust.

The technical information in this article is available courtesy of Razvan Benchea, BitDefender malware analyst.

For more information contact Alina Anton, senior PR and marketing coordinator, EMEA & APAC Business Unit, BitDefender, +40 212 063 470, [email protected], www.bitdefender.com





Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Optimising the product design process
Siemens South Africa IT in Manufacturing
OPmobility is partnering with Siemens to adopt its Teamcenter X Product Lifecycle Management software. OPmobility’s increasingly complex products now include electronics and software, to create energy storage systems, which include battery and hydrogen electrification solutions and fuel tanks.

Read more...
Smart milling for resilient, sustainable food production
IT in Manufacturing
As the global demand for food continues to rise due to increasing urbanisation, the milling industry faces the challenge of balancing efficiency with sustainability. Bühler is committed to making milling more energy-efficient while maintaining high operational performance. Its solutions allow mills to reduce energy costs and ensure long-term sustainability.

Read more...
The evolving landscape of data centres in the age of AI
Schneider Electric South Africa IT in Manufacturing
The data centre industry is undergoing a period of rapid transformation, driven primarily by the explosive growth of AI. It’s clear that the demands of AI are reshaping the very foundations of data infrastructure. This isn’t merely about incremental upgrades; it’s a fundamental shift in how we design, power and operate these critical facilities.

Read more...
SA Food Review
IT in Manufacturing
Food Review is a monthly trade journal for South Africa’s food and beverage manufacturing industry, for industry professionals seeking detailed information on trends, technologies, best practices and innovations.

Read more...
Keeping an eye on oil consumption with moneo
ifm - South Africa IT in Manufacturing
Manufacturing companies in the metal industry need oils and other fluids that are consumed by their machines. To make this consumption transparent and to establish a link to the ERP system, Arnold Umformtechnik relies on the IIoT platform, moneo, in combination with the SAP-based software solution Shop Floor Integration (SFI) – both from ifm.

Read more...
AI accelerates energy transformation
RJ Connect IT in Manufacturing
With the rapid expansion of generative AI applications, data centre power demand is reaching unprecedented levels.

Read more...
Revolutionising mining operations with MineOptimize
IT in Manufacturing
Now more than ever, mining and mineral processing companies need to boost productivity, ensure safety, and protect the environment. ABB’s comprehensive electrification, automation and digital solutions portfolio is ideally positioned to meet these challenges across all mining processes, from mine to port, transforming performance in a digital world.

Read more...
Buildings in Africa’s urban evolution
Schneider Electric South Africa IT in Manufacturing
Africa is now an urban continent. How does the continent mobilise to accommodate urban dwellers and maintain and implement critical infrastructure that allows for this expansion? Building management systems provide a tangible solution to optimise resource use, lower operations costs and ultimately contribute to a growing continent that also employs green practices.

Read more...
TwinCAT Vision functionality extended
Beckhoff Automation IT in Manufacturing
The image processing and camera integration capabilities of Beckhoff’s TwinCAT 3 Vision software have been expanded.

Read more...
Automation software to future-proof your operations
Adroit Technologies IT in Manufacturing
As the official partner of Mitsubishi Electric Factory Automation, Adroit Technologies empowers businesses with cutting-edge solutions that reduce costs, improve quality and increase productivity.

Read more...











Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  Hi-Tech Security Solutions
»  Hi-Tech Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd | All Rights Reserved