Trend Micro have published another excellent article on their malware blog entitled A Tangled Web ... of Malware. It describes how hackers use popular media websites to spread malware and how their methods become more sophisticated by each passing week. The one published on the Trend Micro blog is interesting because of two aspects.
The first is that popular web 2.0 communities, in this case Digg, are being used to spread the malware. A screenshot of a Digg page shows how this is done. The screenshots shows two comments for a not so popular entry and both have a link that seem to point to Youtube at first glance but does not when you look at the link more carefully.
The url is slightly off, instead of youtube it is youtuhe and ynotube. Many users won't recognize it and click on the link which leads to a number of redirects to a fake video site that asks you to download an ActiveX control which infects your computer. The number of redirects before the user reaches the destination is the second aspect worth noting.
I can't stress the importance of looking at links before you click on them. It is likely that these links fool a lot of users into thinking they are pointing to YouTube. You may say it is rather obvious but consider that you can also display a link text, e.g. youtube.com that is different from the web address the link is pointing to.
The only sure fire way of knowing where links lead is to hover the mouse over them to see where they point to in the status bar of the browser.You can alternatively right-click, select to copy the link and paste it into a text document to analyze the link there without running risk of opening it.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.