May 23, 2012, 08:46:10 AM
Xtreme Stylez > Support and Tutorials > Security Center > Warning - New tool creates fake YouTube pages for spreading malware.
Pages: [1]   Go Down
« previous next »
  Send this topic  |  Print  
Share this topic on FacebookShare this topic on DiggShare this topic on RedditShare this topic on StumbleUponShare this topic on Twitter Topic: Warning - New tool creates fake YouTube pages for spreading malware.  (Read 719 times)
0 Members and 1 Guest are viewing this topic.
B.SkiLLs
Xtreme Administrator
Resident Badass
*****

Reputation: +56/-0
Offline Offline

Posts: 2365



View Profile WWW
« on: July 25, 2009, 11:25:54 PM »
New tool creates fake YouTube pages for spreading malware.

ref: CNET.COM @ http://news.yahoo.com/s/cnet/20080912/tc_cnet/8301100931003997483

By Elinor Mills, CNET Thu Sep 11, 8:40 PM ET




Cybercriminals are getting more and more business-like. The latest examples involve a tool that automates the creation of fake YouTube Web sites that can be used to deliver malware and password-cracking services for sale.


Panda Security said it has uncovered a tool circulating in underground hacking forums, dubbed YTFakeCreator, that enables anyone to easily create a fake YouTube page that surreptitiously installs a Trojan, virus, or adware on a visitor's computer, said Ryan Sherstobitoff, chief corporate evangelist of Panda Security.

The tool does not spread the video link on its own. An attacker must distribute it via e-mail, FTP, IRC channels, peer-to-peer file-sharing networks or CD.

Once a visitor arrives at the page, a fake error message appears saying that the video can't be played because an important software component, such as a codec or Flash update, is missing. The visitor is prompted to download the software and the malware is installed.

YTFakeCreator makes it easy for even unskilled people to set up an attack. It has a configuration menu that lets the would-be attacker select a warning message to be displayed on the fake video page and properties of the video, among other options. More details are on the Panda site.

"They've really commercialized malware. There's been an upsurge of sophisticated custom-built Trojans that come with service level agreements and tech support sold in underground forums," Sherstobitoff said. "They are renting out denial of service attacks and botnets and selling trading, just like arms dealers, but in this case it's electronic crime."

Meanwhile, IBM's Internet Security Systems said password cracking is also being commercialized and marketed as "password recovery" services.

http://www.pandasecurity.com/homeusers/security-info/about-malware/encyclopedia/overview.aspx?lst=det&idvirus=199609&sitepanda=particulares


----------------
Logged



Pages: [1]   Go Up
  Send this topic  |  Print  
« previous next »
 
Jump to: