When on Digg be careful
Trend Micro have published another excellent article on their malware blog entitled A Tangled Web ... of Malware. It describes how hackers use popular media websites to spread malware and how their methods become more sophisticated by each passing week. The one published on the Trend Micro blog is interesting because of two aspects.
The first is that popular web 2.0 communities, in this case Digg, are being used to spread the malware. A screenshot of a Digg page shows how this is done. The screenshots shows two comments for a not so popular entry and both have a link that seem to point to Youtube at first glance but does not when you look at the link more carefully.
The url is slightly off, instead of youtube it is youtuhe and ynotube. Many users won't recognize it and click on the link which leads to a number of redirects to a fake video site that asks you to download an ActiveX control which infects your computer. The number of redirects before the user reaches the destination is the second aspect worth noting.
I can't stress the importance of looking at links before you click on them. It is likely that these links fool a lot of users into thinking they are pointing to YouTube. You may say it is rather obvious but consider that you can also display a link text, e.g. youtube.com that is different from the web address the link is pointing to.
The only sure fire way of knowing where links lead is to hover the mouse over them to see where they point to in the status bar of the browser.You can alternatively right-click, select to copy the link and paste it into a text document to analyze the link there without running risk of opening it.
Advertisement
People/Bots are getting more and more effecient and tricky when it comes to malware and methods.
I’ve known about this “trick” a long time, but still a great article Martin!