Fake Video Codecs and Fake AVs Bundled in a Single Attack

Even though fake antivirus products advertised on shady websites have represented a successful attack vector, cybercriminals are beginning to rely on other strategies to launch their malicious campaigns. Video codecs that are allegedly needed to watch scandalous or outrageous videos are at the core of the latest schemes.

Zscaler experts report that they even discovered a website that employed both of the methods.

At first, the visitor is greeted with a message warning him on the fact that he needs to download a video codec in order to view the video from the page. The so-called codec, represented by a file called codec.exe actually installs a fake AV that keeps warning the user of factitious threats.

To remove the threats, the victim is required to activate the product or purchase a premium version, both variants requesting the user to pay a certain amount of money.

Internet users are advised to download codecs only from trusted locations and if still the video won’t work, it may indicate the presence of a malicious plot.