YouTube Video on Kim Jong-il Disseminating Malware

Researchers from ESET a security company based in Latin America have come across a malware program that's getting disseminated through a phony YouTube movie file, seemingly showing Kim Jong-il the dictatorial leader of North Korea as dead, published Softpedia on January 6, 2012.

Moreover, different from previous schemes that actually presented a fake video, the current movie file is genuine as it shows still pictures, though merely a few, while suggesting visitors for watching the remaining part of the movie by going to a website address exhibited within the description.

Essentially about the above videos, researchers say that they found them during the days just following the leader's death and which exploited the natural inquisitiveness of the public. The videos prompt end-users to follow certain web-link so they can see the whole story. But clicking on that web-link produces one fresh page apparently presenting exhaustive television films and shows. Further, it urges for installing certain toolbar associated with the web-browser.

Meanwhile, anyone accessing the website devoid of safeguards may get infected with anything from Trojans that steal data to spyware.

Also, if an end-user proceeds to do the installation, a software program mechanically gets copied to the PC prior of the download manager of the browser noticing one file coming in afresh. This file normally has ad tools, bots or spyware threats that ordinarily give access to target computers via bait for software downloads. The bait, in the current instance, is a promise for accessing well-known TV films and serials online, free of cost.

Now similar of the above malware scam related to Kim Jong-il's death, in December 2011 too, investigators spotted spam mails referring to Jong-il's demise. The e-mails carried a malicious PDF file attached to them that when downloaded and run produced an innocuous PDF file providing information and images of the deceased leader so that the actual behavior of the first file remained concealed on users' victimized PCs.

Conclusively, ESET stated that people considered watching YouTube videos straight onto a website as harmless, but, web-links within their descriptions were a completely separate tale because they sneakily linked up with malware.

Related article: YouTube Videos Link Users to Malicious Web Pages

» SPAMfighter News - 1/14/2012