Panda Security, a leading provider of IT security solutions, announced that PandaLabs, Panda Security's laboratory for detecting and analyzing malware, has detected YTFakeCreator, a program used by cyber-crooks to create fake YouTube pages to infect users with malware.
The infection method is as follows: cyber-crooks send an email containing a video with supposedly sensational content (erotic images, death of a celebrity, etc.) and encourage users to click a link to watch the video. This is known as social engineering.
Once users reach the fake page, which is very similar to the actual YouTube site (see this image), they will see an error message informing that they can't watch the video because a certain component is missing (a codec, an Adobe Flash update, etc.) and prompting them to download it. However, by downloading the missing component they will actually be allowing malware onto their computers.
YTFakeCreator enables cyber-criminals to create these fake YouTube pages very easily. They can enter the text for the error message displayed by the web page; define how long it takes the message to appear; enter the link to the infected file downloaded onto the victim's computer; and create a false profile similar to those in YouTube to pretend the video has been uploaded by a real user. All of this is achieved with a single program, see this image
In addition, the program allows criminals to choose the type of malicious code to be distributed from these fake pages, including viruses, worms, adware, and Trojans, etc.
This type of program has led to the increased use of social engineering to infect users. The tools made available to cyber-criminals nowadays force users to take every precaution to avoid falling victim to these attacks," explains Luis Corrons, technical director of PandaLabs. "Also, the fact that the pages used by criminals are very difficult to distinguish from the legitimate pages helps ensure that a growing number of users are infected."
More information is available in the PandaLabs blog. Check if your computer is infected by this malicious code at the Infected or Not website (http://www.infectedornot.com)
About PandaLabs
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.
More information is available in the PandaLabs blog: http://www.pandalabs.com
About Panda Security
Panda Security is one of the world's leading IT security providers, with millions of clients across more than 200 countries and products available in 23 languages. Its mission is to develop and provide global solutions to keep clients' IT resources free from the damage inflicted by viruses and other computer threats, at the lowest possible total cost of ownership.
|
