• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Important: New Malicious Code That Utilises Youtube Brand

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Anonymity // Privacy // Spam

View previous topic :: View next topic  
Author Message
Ltangelic
Just Arrived
Just Arrived


Joined: 28 Dec 2007
Posts: 0


Offline

PostPosted: Fri Dec 28, 2007 1:32 pm    Post subject: Important: New Malicious Code That Utilises Youtube Brand Reply with quote

Just wanted to alert you guys on this news I read about:

Websense Security Labs ThreatSeeker has received reports of new malicious code that utilizes the YouTube brand to lure users into running the code.

The attack begins with an email lure written in html that invites users to view a video from YouTube. Upon connecting to the site, users are directed to a page that resembles the real YouTube site. The page then reports that the video cannot load and attempts to dupe users into downloading and installing a flash player.

In what could be a disturbing sign of things to come, the site is hosted on a server that has hosted more than one hundred Phishing sites over the last 4 months. This server is managed by the infamous "Rock Phish" group, which is the largest phishing gang on the Internet and which is responsible for the majority of Phishing URL's.

Additionally concerning is the potential for Rock Phish to add malicious code to its attack arsenal in conjunction with standard Web forms on bogus sites.

The file is called "install_flash_player.exe," is 1.2 Mb in size, and has an MD5 of "fb38066c348aaf5bf0d6513a2e635490."

The Web site URL (with part of the address stripped out for protection) is: "www5.youtube.com.site670221.X.X/watch/v/install_flash_player.exe"


Email screenshot:



Malicious website screenshot:



Be on your alert guys.

Lt
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Anonymity // Privacy // Spam All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register