Tuesday, August 28, 2007

Storm worm spam spoofs YouTube

I've been receiving Emails that says stuff like :

Dude I know thats you, someone emailed me a link to the video. go look at it... http://www.youtube.com/watch?v=iG9RLGJX9mY

OMG, what are you doing man. This video of you is all over the net. see for yourself... http://www.youtube.com/watch?v=78MmCPFJpQo

Since the link looks exactly like it's coming from youtube.com it can trick you to click on it. But when I moved my mouse over the link, it showed a different URL. Although in this example I didn't post the links that showed up in the Emails I received since I don't want anyone to go to that site even accidentally! I replaced them with http://no-links-here.com. If you move your mouse over the "youtube.com" links, you will see the fake link on the bottom of your browser on the far left.

Below is what I found about this Scam:
By Cara Garretson, Network World, 08/27/07

New spam trick rides on popularity of YouTube Web site

A spam blast released over the weekend invites recipients to see themselves in a YouTube video, but the included link directs them to a Web site that downloads a package of a dozen different pieces of malware.

According to Exploit Prevention Labs, the link in the spam message looks like a YouTube link, but is to a site that downloads the Q4Rollup package, an encrypted collection of keyloggers, spyware, rootkits and other malware.

Visitors to the site are directed to download software to view the video, at which point the malware is transferred to their PCs.

The storm worm, a Trojan horse that secretly infects PCs and turns them into members of a botnet that attacks other PCs, has been busy of late. First detected in January, the malware has been used in the last few weeks in a confirmation spam scam and has also been leveraged in blogs and Web message forums.

[Taken from NetworkWorld.com]

No comments: