- Security Center
- English ▾
Navigating the Sea of Fake Codecs
The Internet has become a major scene for sharing all sorts of media files. These files may have been compressed using different codecs, some free and some commercial. What is a codec? A codec, in this case, is used to decode compressed data streams in order to make them viewable and audible in a proper player. Watching an AVI (Audio Video Interleaved) video and audio file with compressed data, or other compressed movie formats, may require a proper codec. The amount of codecs out there amounts to a level that makes it hard for common users to find and install the correct one required to play an eagerly awaited sequence of images. The situation gets even more complicated considering that unscrupulous individuals want to transform the common codec-eagerness into cash in, one way or another, by offering fake codecs. Read more below about false codec lures, codecs in general and possible ways to avoid getting scammed-
The Sea of Fakes
Fake codecs provide everything but the satisfying access to adequate digital decompression. These fake codecs are lures that the dishonest net-trollers deploy in order to catch credulous people that fall for their social engineering skills. In the Lavasoft Research department, we work to continuously inform people about new threats. The lure often consists of providing an easy way to watch a particular celebrity video. This can be presented actively via e-mail (where the addressee is spammed continuously with movie offerings) or passively via a compromised website. The enforced drive-by download represents a combination of these strategies. The latter is possible using malicious web-coding and by exploiting vulnerabilities in the users web-browser to enforce fake codec downloads.
Don't Take the Bait
Swallowing the lure may lead to a situation where the user has a severe system infection on their hands caused by hard-to-remove rogue applications or other dropped or downloaded malware. So what is a movie-loving, codec-craving individual supposed to do in the sea of fake codecs? The first step is, of course, always to secure the excursion-vessel in order to make the hunt for codecs as pleasant and secure as possible. A good starting point is to follow available online security guides to patch possible security glitches (in the system, browser, etc.). Securing the system with proper security applications would be another. I would, however, like to emphasize the need of obtaining knowledge in order to be less exposed for the traps laid out by the unscrupulous net-trollers. The trick is to acquire as much knowledge as possible, navigate to the right location in order to get the right codec, and then stick to that winning combination (i.e. something that is malware/adware clean and works well.) Developing - and trusting - a gut feeling for what is safe to install is also essential, but this must be combined with adequate knowledge.
Learning by Example
The following is a possible scenario of how a user could handle a situation where a movie is unplayable due to the lack of a specific codec. (Note: I have chosen to call this a possible scenario, not a recommendation or guide; this is due to the fact that codecs change on a regular basis and a codec or codec pack that is clean from malware at one moment may be infected or ad-infested at another.)
The movie X does not play as a suitable codec is not found on the system. The application Videoinspector (or Gspot) is used to pinpoint which codec(s) the media file in question requires. Both Videoinspector and Gspot (freeware utilities) can also be used to display the codecs that already are installed on a system. Each codec is usually represented by a four character code (FOURCC). Here's a bit more info on some of these codes:
- Xvid, DivX (belonging to the XMPEG-4 Part 2 standard) are commonly used to compress .avi files.
- MPEG-1 is used for Video CDs. MPEG-2 are used for the DVD and SVCD formats.
- WMV (WMV 7-9) stands for Windows Media Video supported natively by the media players from Microsoft.
- Files with the .mov extension are media files encoded in the Apple Quicktime video and audio format. QuickTime files could also be played using the Quicktime Alternative software.
- Files with the .rm extension are Real Media files which have to be played with Real Player (or by using the Real Alternative software).
- Files with the .mp4 extension are encoded in the MPEG-4 format and those could be played in several portable video players.
- Files with the .mpg or .mpeg extensions indicate that the file is either MPEG-1 or MPEG-2 video. If the .mpg or .mpeg files cannot be played with Windows Media Player it may indicate that a DVD software player has to be used in order to play the file.
- Files with the .vob extension indicate that the file is a DVD Video Object file. Those files belong to the MPEG-2 format and are usually stored on DVD discs. The .vob files may be played with a DVD software player or by using Media Player classic with the proper codecs.
The file name does not always show the encoding method, sometimes for example DivX- and Xvid encoded files come with only the .avi extension. In other cases, the file-name itself can provide valuable information that could be used to pinpoint which codec to use.
Audio codecs are, in scope of this article, used to decompress digital audio data to allow the user to listen to the audio track that is accompanying a movie. The .mp3 extension stands for MPEG-1 Audio Layer 3, which is a common container format for audio. Many .avi files may come with .mp3 audio. The .ogg extension usually refers to the Ogg Vorbis audio file format. While .mp3 and .ogg are compressed audio formats PCM audio is a uncompressed audio format (commonly used in audio CDs). MPEG Layer II (.mpa) and AC3 are common audio formats that can accompany DVDs. The .wav extension stands for Waveform audio format which is a Microsoft and IBM audio standard.
The next step is to navigate to a selected, trusted location in order to get the correct codecs. Sites are dynamic in their nature and they change with time which could mean that a former "safe" site could be "malicious" at some other occasion. This is where awareness and use of gut-feelings come in handy. Sites like h**p://www.free-codecs.com/ offer links to many codecs, codec packs and freeware players. The K-lite codec pack is a common freeware codec pack that comes in three versions: Basic, Standard and Full. The Basic version comes with the most common codecs. Keep in mind, there is no need to install all of the codecs out there - only the ones that have been pinpointed with tools like Videoinspector or Gspot. The standard version of the K-Lite codec pack also includes the Media Player Classic which can be used as a media player. Security conscious users may check the codec files by using online scanning services (such as virustotal.com) before installing them.
Users that do not want to deal with separate codecs or codec packs may use the freeware VLC (VideoLAN client) player to play movie files. This client has all the common codecs "built in".
You may be wondering if there is an easy way to remove codecs that are installed on your system. Codec packs are most easily removed by using their uninstaller (as in the case with the K-lite Codec Packs), something that all trustworthy codec packs should come with. There are, however, some instances when it may come in handy to know how to remove codecs
manually. In order to uninstall codecs manually navigate to Start - Settings - Control panel and then to System. In the System Properties, click on the Hardware tab and then on the Device Manager button. In the Device Manager, expand "Sound, video and game controllers". Clicking on the Audio Codecs opens the Audio Codecs Properties and clicking the Properties tab in that interface presents a list of the Audio Compression Codecs that are installed on the system. Now the user may remove or enable/disable a selected codec from the list. Video Codecs can be handled in the same manner by choosing "Video Codecs" from the Device Manages under "Sound, video and game controllers".
Simple Codec Tips & Tricks
I hope that this article has shed some light into the comprehensive and often misunderstood area of codecs. Here are three important things to remember:
- NEVER download codecs on the fly. The same is true for when you're prompted to add obscure codecs automatically in order to be able to watch some spectacular movie.
- If it sounds to be too good to be true it probably is. Most of the online movie offerings stating to be movies of nude celebrities are just lures that are laid out to trick gullible surfers. McAfee has, by the way, listed the names of the most dangerous celebrities in Cyberspace, to the article, showing that the names of famous celebrities are frequently used to trick users to download malicious content on the Internet.
- Get the knowledge you need in order to be aware of the tactics used by unscrupulous codec scammers!