Malware Being Distributed Through Comments and Posts on Digg and YouTube
March 5, 2009 – 10:20 amAn increasing amount of users are falling victim to malware that is distributed on Digg and YouTube comments and posts.
Lately attackers have been putting up comments and posts on Digg stories and YouTube videos that contain a link claiming to link to a video, usually pornographic, which essentially infects the user with malware. This comes as no big surprise as hackers and cyberthieves are ramping up actives during the slumping economy seeking some type of monetary gain.
We are certain that you are familiar with YouTube and have an idea what Digg is. Digg is a social network designed to allow users to post interesting stories where they may get Dugg-Up if it is a popular subject or post. Digg allows users to post comments with links in them. YouTube allows users to post links within video posts but the spread of malware through comments is not as prevalent as it is with Digg currently. The attackers are promoting malicious links that are promising to be anything from a celebrity video to pornographic material. Many computer users who do not know any better may fall victim to these links where malicious files or programs may be installed or downloaded onto their computer.
From the newly reported malicious links it was found that many of them infect a computer through a process of prompting users to download a codec to view a video. One of the fake video codec downloads was found to be VideoPlay adware which is a worm that steals email logins and other personal information stored on your computer. The worm may further spread through a removable drive where it could infect other machines.
What type of comments or links should you look out for?
Some of the fake titles or story subjects in comments that you should look out for are reported to be of those related to “Megan Fox naked”, “Christian Bale freak out dubbed with video” and “Jessica Simpson Hotel Sex Tape.” The type of comment may vary as the attackers find new subject matter to exploit only to entice users to click on their malicious links.
It is highly advisable that you avoid clicking on links within comments on Digg and also embedded links found on YouTube video pages. Over 500,000 comments on Digg.com alone were found to be malicious. This may be a confirmation that these attackers are using automated scripts to post the comments that contain malicious links. Either way, you must use your gained knowledge so that you are aware of the dangers of clicking links within Digg.com comments and/or YouTube video page links.
Have you ever been redirected to a malicious site or promoted to download a video codec by clicking on a link found in a Digg.com comment?
Nothing really new here. Just more of the same hacker crap. They have malware links on just about everything on the internet now days. You cannot escape them.