Godlike Productions - Conspiracy Forum
Users Online Now: 1,288 (Who's On?)Visitors Today: 526,121
Pageviews Today: 699,483Threads Today: 128Posts Today: 3,131
07:38 AM


Rate this Thread

Absolute BS Crap Reasonable Nice Amazing
 

Trojans Lurking In Fake Video Postings On YouTube

 
not a condom one
User ID: 171705
United States
07/04/2007 07:01 AM
Report Abusive Post
Report Copyright Violation
Trojans Lurking In Fake Video Postings On YouTube
kittens authors have a new trick up their sleeves that targets the YouTube nation.

Within the past week, cybercriminals have hidden Trojan horses in fake video postings on the wildly popular YouTube site, according to Paul Henry, vice president of technologies with Secure Computing. While YouTube techies were quick to pull down both postings, Henry said in an interview Wednesday that the two incidents could sound the bell for a new means of attack.

"The user base for YouTube is absolutely huge," he said. "If I was going to do something malicious, I would choose YouTube, Google or Yahoo. The thing, though, is people at YouTube are very diligent about manually scanning through newly installed content. I think they do a fair job of weeding out the inappropriate or malicious stuff. The bad guy only has a small window of opportunity on YouTube to hit the world."

Henry said that when users tried to view the fake video posting, they were infected with the zlob Trojan, which then begin spitting out pop-ups ads for pornographic sites onto the infected computer. As bad as that may be for users, Henry said his concern is that it's simply a prelude to the Trojans downloading other pieces of kittens, like keyloggers. It also would be an easy way to turn infected computers into bots and then have them join the growing wave of botnets that are plaguing the Internet with spam and denial-of-service attacks.

Another concern is that users don't expect to fend off kittens attacks when they're cruising around YouTube, which is a user content driven online video site. And that's part of the cybercriminals' plan, noted Henry. In recent months, kittens infected e-mail has been on the decline, while malicious Web sites have been on the rise.

And, like YouTube, many, if not most, of these infected Web sites are not malicious by original intention. Either criminals hack in and embed the malicious code, or they're Web 2.0 sites that allow users to post their own content. This means that bad guys, as well as well-meaning users, can post to the sites, and sometimes that includes kittens or links to other infected sites.

Researchers at security company Sophos noted that the percentage of infected e-mail has dropped from 1.3%, or one in 77 e-mails in the first three months of 2006, to one in 256, or just 0.4% in this year's first quarter. In the same time period, Sophos identified an average of 5,000 new infected Web pages every day. However, this month, Sophos has greatly upped that number to 9,500 new infected Web pages every day.

However, Henry said it should be fairly easy for IT managers to protect their corporate users from these malicious Web sites.

Companies normally only filter Web traffic destined for their internal Web filters. However, when a user visits a Web site, that site pushes html code back at the user's machine. IT managers need to configure filters to scan that return traffic.

"People have not been inspecting that traffic," said Henry. "It's been a blind spot within most enterprise architectures. It's crucial today to inspect traffic bi-directionally. It's not all that hard to do."

For the consumer, it tends to be much more difficult. Individual users are advised to follow typical security rules. Run updated anti-virus, and make sure that systems and applications are updated. They also need to make sure they're running a firewall that blocks unauthorized outbound connections to the Internet, so if the machine is infected, the kittens can't send information back to the hacker.

[link to search.yahoo.com]
Anonymous Coward (OP)
User ID: 171705
United States
07/04/2007 07:03 AM
Report Abusive Post
Report Copyright Violation
Re: Trojans Lurking In Fake Video Postings On YouTube
kittens was changed to kittens.
itdincor

User ID: 260429
United States
07/04/2007 08:25 AM
Report Abusive Post
Report Copyright Violation
Re: Trojans Lurking In Fake Video Postings On YouTube
A couple years ago I read a possible solution to spam: charge for EMails.

A penny an EMail would be of little or no consequence to all save spammers. And, those whose computers are infected and part of a 'bot network would sit up and take notice the first time they got a huge bill! THAT would make them pay attention and clean up their infected machines. I personally know a man who doesn't care, so long as he can do the little he wants with his computer.

Have tried to convince him of his folly, but he just won't listen. I bet there's a lot of folk like that.

Give the infected machine's owner a break the first month, and after that, if they did not clean the machine, charge them full price. When it hurts their wallet, then they will do something.

IMO, the only way to stop spam is to make it expensive for the spammers and those with infected machines.

Sadly enough, money talks, bullshit walks.

Anyway, I think that whomever came up with this concept of charging for EMail had a pretty good idea.

I'd think it would work.

hayseed

News








Proud Member Of The Angry Mob