When on Digg be careful - gHacks Tech News

When on Digg be careful

Trend Micro have published another excellent article on their malware blog entitled A Tangled Web ... of Malware. It describes how hackers use popular media websites to spread malware and how their methods become more sophisticated by each passing week. The one published on the Trend Micro blog is interesting because of two aspects.

The first is that popular web 2.0 communities, in this case Digg, are being used to spread the malware. A screenshot of a Digg page shows how this is done. The screenshots shows two comments for a not so popular entry and both have a link that seem to point to Youtube at first glance but does not when you look at the link more carefully.

The url is slightly off, instead of youtube it is youtuhe and ynotube. Many users won't recognize it and click on the link which leads to a number of redirects to a fake video site that asks you to download an ActiveX control which infects your computer. The number of redirects before the user reaches the destination is the second aspect worth noting.

digg malware

I can't stress the importance of looking at links before you click on them. It is likely that these links fool a lot of users into thinking they are pointing to YouTube. You may say it is rather obvious but consider that you can also display a link text, e.g. youtube.com that is different from the web address the link is pointing to.

The only sure fire way of knowing where links lead is to hover the mouse over them to see where they point to in the status bar of the browser.You can alternatively right-click, select to copy the link and paste it into a text document to analyze the link there without running risk of opening it.





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Grim said on January 11, 2008 at 12:34 pm
      Reply

      People/Bots are getting more and more effecient and tricky when it comes to malware and methods.
      I’ve known about this “trick” a long time, but still a great article Martin!

    Leave a Reply