Trend Micro have published another excellent article on their malware blog entitled A Tangled Web … of Malware. It describes how hackers use popular media websites to spread malware and how their methods become more sophisticated by each passing week. The one published on the Trend Micro blog is interesting because of two aspects.
The first is that popular web 2.0 communities, in this case Digg, are being used to spread the malware. A screenshot of a Digg page shows how this is done. The screenshots shows two comments for a not so popular entry and both have a link that seems to point to Youtube at first glance but does not at second.
The url is slightly off, instead of youtube it is youtuhe and ynotube. Many users won’t recognize it and click on the link which leads to a number of redirects to a fake video site that asks you to download an ActiveX control which infects your computer. The number of redirects before the user reaches the destination is the second aspect worth noting.
Related Articles:
Bye Bye DiggNewspond is like an automated Digg 2.0
Manipulating Digg
Why Stumbleupon is better than Digg for Webmasters
Twitter Account Suspended? Be Careful What You Post
People/Bots are getting more and more effecient and tricky when it comes to malware and methods.
I’ve known about this “trick” a long time, but still a great article Martin!