Downloader Trojans Hide in Counterfeit Video Clippings on YouTube
In the third week of June 2007, malware authors posted two counterfeit video clippings on YouTube that popped up porn ads containing trojans to infect users. The malware creators have now discovered a new trick to play on the popular YouTube site, warned Secure Computing, as per the news published by Itnews.com on June 21, 2007.
Paul Henry, vice president of technologies with Secure Computing, said that cyber criminals concealed Trojan horses in fake video films and posted them on the frequently visited YouTube site. The YouTube techies though quickly removed the postings. According to Henry, the incidents could augur a new mode of attack.
Henry further said the Google subsidiary is short of adequate content filtering thus exposing surfers to malicious programs. There is normally minimum expectation of malware in YouTube files. Yet the site is so popular that it entices as a medium for mass distribution of malicious code. The alarming thing from the security standpoint is that users and organizations may be easily convinced thus causing their potentially serious exposure, as reported by The Register on June 20, 2007.
Henry explained when users attempted to watch the video postings a virus called Zlob Trojan infected their computers resulting in a number of pop-up ads canvassing pornographic websites, as published by Itnews.com on June 21, 2007.
While the worse could happen to users, Henry said the most worrying part is that this behavior is the beginning of the Trojan horses downloading more malware such as keyloggers. It could also convert target PCs into bots to build networks of botnets that could inflict the Internet with spam and denial of service assaults.
The best of the firewalls are explicitly designed to safeguard internal web servers while they fail to stop web code returning from external servers. The present threat takes on this trend, added Henry, and The Register published it in news on June 20, 2007.
Companies typically only block web traffic aiming to reach their internal servers. But when a surfer visits a malicious website, it injects html code on the return path to the user's PC. Therefore, IT experts need to build filters for scanning the return traffic.
Related article: Downloading Freebies Could Invite Malware
» SPAMfighter News - 04-07-2007