Domx
DOM-X, sometimes often referred to as DOM-X, Domx or Domplayer, is a fabricated application program and/or software codec alleged to have the ability to play encrypted and/or otherwise protected media content.
DOM-X is a universally recognized form of malware, capable of execution under the Microsoft Windows platforms. It can allegedly perform an array of undesirable once installed, such as reporting copyright violation.
DOM-X is distributed in two stages: First, the distributors create a fake video file, typically targeting a new cinema release. On execution of the video file, the user will see the following message, or similar:
"CONTENT BLOCKED
This media file can only be played using DOM-X
Please visit goto.sw-archives.com to download"
The second stage of distribution occurs here, where a user visits the given website address and is presented with varying options for software purchase and download.
History
Though it is not clear how this malicious strain of software was first started, some believe it to be the result of anti-piracy groups such as the MPAA and RIAA attempting to enforce copyright laws. A recent entry on isohunt.com says a new copyright enforcement agency called MediaDefender may be the culprit. However, it is unlikely that an official, legal organisation is behind DOM-X.
The first form of this software was circulated around December 2006 when the movie Eragon first debuted in cinemas.
Since December 2006 the distribution of the malware has been far more widespread. It has been observed that P2P software, especially the Bittorrent program, has been the center of the target for this malware. Since it is easy to manufacture a file and make it look legitimate, many false representations of otherwise illegally distributed media have been produced and sent across extensive P2P platforms and masked as real media content.