Security Attack on Winamp

[Didof3]

An article posted on http://www.ircspy.com titled
RIAA P2P programs, who controls who???

GOBBLES Security was recruited by the RIAA to create, and deploy a virus like app for winamp and other mp3 players.

Check the above link for the full article.

[d0rk]

Heres the article

Quote:

RIAA P2P programs, who controls who??? - [Entertainment Industry]
Submitted by Forcefire on 9/16/2003 12:03:03 AM 7 Comments

Several months ago, GOBBLES Security was recruited by the RIAA (riaa.org)to invent, create, and finally deploy the future of antipiracy tools.
They focused on creating virii/worm hybrids to infect and spread over p2p nets. Until Gobbles became RIAA contracters, the best they could do was to passively monitor traffic. There contributions to the RIAA have given them the power to actively control the majority of hosts using these networks.
They focused there research on vulnerabilities in audio and video players. The idea was to come up with holes in various programs, so that they could spread malicious media through the p2p networks, and gain access to the host when the media was viewed.
During the research, they auditted and developed our hydra for the following media tools:


mplayer (www.mplayerhq.org)
WinAMP (www.winamp.com)
Windows Media Player (www.microsoft.com)
xine (xine.sourceforge.net)
mpg123 (www.mpg123.de)
xmms (www.xmms.org)
After developing robust exploits for each, they presented this first part of the research to the RIAA. They were pleased, and approved them to continue to phase two of the project -- development of the mechanism by which the infection will spread.
It took them about a month to develop the complex hydra, and another month to bring it up to the standards of excellence that the RIAA demanded. In the end, they submitted them what is perhaps the most sophisticated tool for compromising millions of computers in moments.

You can see the headlines now:

interesting read...

[DJHotIce]

dang there in first grade.. What is RIAA gonna do, steal there lunch money?

[ShyShy]

Goddamn bastards just won't quit!

quote from above article:
"They focused there research on vulnerabilities in audio and video players. The idea was to come up with holes in various programs, so that they could spread malicious media through the p2p networks, and gain access to the host when the media was viewed."

Bastards.

[griffinn]

Meh, old news, and a hoax no less.

[laz]

A very nice hoax it is.
But I bet the RIAA would LOVE if it was true.

[Mr_007]

Bad news!