BKIS Detects Fresh IM PC Worm Spoofing YouTube
Bach Khoa Internet Security (BKIS), a Vietnamese security company, confirms that a fresh PC worm is currently proliferating through instant messaging all over the Internet.
In this e-mail campaign, cyber-criminals are apparently employing an extremely smart and sophisticated tactic. Moreover, the spam mails arrive in users' inboxes from friends after the worm has infected those friends' computers.
The junk e-mail reportedly talks about a new film of the sender on YouTube and then reminds the reader about an iPhone 4 he got for free, adding that he's about to get a new iPad.
The security company observes that the unsolicited e-mail provides web links of the form: http://youtube.com%2Ech[censored]config%2Einfo/?video=flash&vid=thr2503. According to BKIS, a user who is not technically savvy may think that the link connects to YouTube.com, but it actually doesn't.
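In the link form quoted above, %2E is the percent-encoding of a dot, so "youtube.com" is only the leftmost part of a longer host name under a different domain. The following check is an added example, not code from BKIS or the original article; the sample URL, the watch list and the two-label "registrable domain" rule are assumptions made for illustration.

```python
from urllib.parse import urlsplit, unquote

# Brand domains to watch for (assumption for this example, not a BKIS list).
WATCHED = ("youtube.com",)


def registrable(host):
    """Naive registrable domain: the last two labels.
    A production check would consult the Public Suffix List instead."""
    labels = host.rstrip(".").split(".")
    return ".".join(labels[-2:])


def inspect_link(url):
    """Decode the host of a URL and report signs of brand spoofing."""
    raw_host = urlsplit(url).hostname or ""
    host = unquote(raw_host).lower()  # %2E becomes "."
    reg = registrable(host)
    findings = []
    # Legitimate links have no reason to percent-encode host characters.
    if "%" in raw_host:
        findings.append("percent-encoding in host")
    # A watched brand appearing as leading labels of another domain.
    for brand in WATCHED:
        if reg != brand and (host.startswith(brand + ".") or "." + brand + "." in host):
            findings.append(f"{brand} used as subdomain of {reg}")
    return {"host": host, "registrable": reg, "findings": findings}


# Constructed sample in the same shape as the reported link (.example is reserved).
SPOOFED = "http://youtube.com%2Evideo-config%2Eexample/?video=flash&vid=1"
GENUINE = "http://www.youtube.com/watch?v=abc"

if __name__ == "__main__":
    for link in (SPOOFED, GENUINE):
        print(link, "->", inspect_link(link))
```

A mail or IM gateway could apply the same decoding before displaying or filtering links, so that the host a user sees is the one the browser will actually resolve.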
Users who follow the link expecting the film fall for the cyber-criminals' ploy, because the landing web page merely resembles YouTube, showing one video of human rights propaganda regarding Myanmar that refers to Tila Tequila, the security researchers from BKIS indicate.
Meanwhile, to watch the video, users are required to download and execute an "Adobe Flash Player" that's actually a PC virus written in the basic scripting language AutoIt. This virus, according to BKIS, is dubbed W32.Faketube.Worm.
The security company highlights that as soon as the virus is loaded onto the target computer, it automatically creates a copy of itself in the %Startup% folder, naming it "Adobe.exe." The file then runs whenever Windows is booted. In addition, it alters the default homepage setting in Internet Explorer and also dispatches spam mails via a number of IM programs such as AIM, Yahoo! Messenger, the Windows XP Messenger client and Windows Live Messenger.
Importantly, as per BKIS, social engineering tactics that tell users to download Flash Player updates or missing codecs are frequently employed to disseminate malware. The current one, however, is more convincing than most such tricks.
Ultimately, users are advised to install the most recent security software to stay safe from infection by the harmful PC worm.
» SPAMfighter News - 25-10-2010