Cyber-criminals are using accounts that are likely stolen to post comments with links supposedly pointing to videos of celebrities such as Christian Bale, Megan Fox or Jessica Simpson. Users that try to watch these videos will be asked to download a codec. This codec, however, is just a copy of VideoPlay adware.
PandaLabs, Panda Security's malware analysis and detection laboratory, has just released research with evidence proving that Digg.com (www.digg.com), the popular news aggregation service, is being used by cyber-criminals to distribute VideoPlay adware. Criminals execute their attacks by leaving comments on news items related to celebrity videos. On a first analysis, PandaLabs has detected more than 50 profiles leaving these types of comments on Digg.com.
Examples of such comments include:
* "Christian Bale freak out dubbed with video!"
* "Jessica Simpson Hotel Sex Tape"
* "Megan Fox naked NEW SEX TAPE"
These comments include a link claiming to redirect users to the video. Users that click the link are redirected to a page where they are asked to download a codec in order to see the video. If they do so, the adware VideoPlay will be downloaded onto their computers.
VideoPlay adware is in the same category of fake antivirus products. As with all such malware, VideoPlay is designed to run a fake scan of the computer as if it were an antivirus, convincing users that the system is infected with malware. To make its claims more believable, it prevents the system from operating correctly, furthering the impression that it is infected with several strains of malware. It then offers users the option to eliminate the malware using a pay version of the fake antivirus. The aim is obviously to profit from sales of this spoof security solution.
"The profiles used have probably been stolen from their owners, by stealing account passwords. This is another example of how cyber-crooks are using trusted Web 2.0 services to distribute malware", explains Luis Corrons, Technical Director of PandaLabs.
More information is available in the PandaLabs blog: http://bit.ly/zPuk. Images on Flickr are available here: http://bit.ly/LoOe
About PandaLabs
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.
Currently, 94 percent of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients. More information is available in the PandaLabs blog: http://www.pandalabs.com and the Panda Security website: www.pandasecurity.com/usa |
