A New YouTube Virus
Virus authors are always looking for new methods they can use to spread malware to unwary users. Fewer and fewer users are willing to open attachments unless they’re sure of the content, so that vector is becoming less productive. As a result, they’re turning to infecting legitimate websites via security vulnerabilities.
Another tactic involves forged websites, such as those used by phishers to lure people into divulging sensitive personal data. Hackers have created complete, fully functional copies of bank and brokerage websites and used them to obtain such information for later use. Now another use for forged sites has appeared in the form of fake YouTube URLs embedded in email messages.
Here’s how it works: you get a message from someone, saying “wow dude, check out this kewl video.” A link to what appears to be a YouTube URL is included, and you decide to click on it. Surprise! You’ve been sent to a spoofed site set up by the hacker. Apparently someone is even providing software that helps them create and populate the site. When someone visits the URL, they “see an error message that claims the video they want won’t play without installing new software first.” You can probably guess the rest: the “new software” is actually the virus.
The sneakiest aspect of this dodge is that the user can then be redirected to the actual YouTube URL they expected to see in the first place. This can lull even experienced users into believing nothing bad has happened, when in reality their machine is now infected.
The only good news is that alert users are unlikely to be taken in, presuming they actually check the URL embedded in the message before clicking on it. And that’s the lesson: never click on a link without verifying it first. It’s very easy for a hacker to set up a URL like “http://www.YooTube.com” — i.e. one that looks legitimate at first glance, but doesn’t actually point to the expected destination. Be alert. Be careful. Keep your machine virus-free.