GoMPlayer contains malware after update

McAfee warns of an infected variant of GoMPlayer, a media player for Windows. The infected versions silently install a backdoor that allows attackers to place malware on the system in the second instance.

The malware in GoMPlayer, a popular media player, goes by the name FBPZ! and has been spotted by McAfee in six variants. It concerns both 32bit and 64bit versions in compromised versions of GoMPlayer. According to McAfee, there are zip files of GoMPlayer in circulation that are already infected, while versions have also been discovered where the malware arrives via a software update.

If FBPZ! infected a Windows system by injecting itself into explorer.exe, the malware opens a port allowing a remote attacker full access to the affected computer. Then all kinds of malware can be placed on the system. It is still unclear how the malware got into circulation.