Web Fraud 2.0: Fake YouTube Page Maker Helps Spread Malware

E-mail Facebook VKontakte Google Digg del.icio.us BlinkList NewsVine Reddit YahooMyWeb LiveJournal Blogmarks TwitThis Live News2.ru BobrDobr.ru Memori.ru MoeMesto.ru

[ Replies ] [ Leave reply ] [ Proxy list bulletin board ] [ New Message ]

Posted by Brian Krebs September 12, 2008 at 18:20:46:

In reply:
Web Fraud 2.0: Distributing Your Malware posted by Brian Krebs August 23, 2008 at 10:51:35:

Original text: The allure of cyber crime lies in its promise of quick riches, much like that of the illegal drug trade. But building a network of hacked personal computers that can distribute ..

A new Web Fraud 2.0 tool makes it a cakewalk for criminals to create fake YouTube pages in a bid to trick people into installing malicious software.


The YTFakeCreator tool, pictured at right, is a point-and-click program that automates the creation of authentic-looking http://www.YouTube.com/ pages, minus the familiar video window. This is the version of http://www.YouTube.com/ visitors see if their browser is configured to block Javascript or Adobe Flash videos (as the Firefox "noscript" add-on does by default) or if the visitor does not have those programs installed.

Even if visitors have both of those programs installed and is not blocking either file format, they will be prompted to install Flash when visiting one of these fake YouTube pages. And, of course, the tool allows the page creator to substitute any nasty file they want for the supposed Flash download.


According to Panda Security http://www.pandasecurity.com/ , crooks can use YTFakeCreator to manipulate the error message displayed by the Web page; define how long it takes the message to appear; enter the link to the infected file to be downloaded onto the victim's PC; and create a false profile similar to those one would see on the actual http://www.Youtube.com/ Web site, to add to the illusion that the video has been uploaded by a real user.

In all likelihood, these same fake page creators exist for other major video- and image-heavy Web sites, such as http://www.Facebook.com/ and http://www.MySpace.com/ .

Remember this rule of thumb: If you didn't set out looking for a program, don't install it just because a site prompts you to do so. If you want or need a particular program or plug-in, download it from the maker of said program (i.e., for Flash, get it straight from Adobe's Flash download page http://www.adobe.com/.. ). Also, be extremely wary of clicking on links that arrive in e-mail, particularly those inviting you to view video or image files.


Leave reply:



Subject: Re: Web Fraud 2.0: Fake YouTube Page Maker Helps Spread Malware


Optional link, URL:

Link description:

Optional picture URL:

[ Replies ] [ Leave reply ] [ Proxy list bulletin board ] [ New Message ]