Comments in Digg.com used to distribute malware

This is another example of how cyber-criminals are using Web 2.0 to distribute malware: Digg.com (www.digg.com), the globally-popular news and link aggregation service, is being used by cyber-crooks to distribute the VideoPlay adware. They are doing this by leaving comments on news items, supposedly related with celebrity videos.

Examples of such comments include:

Christian Bale freak out dubbed with video!

Jessica Simpson Hotel Sex Tape Megan Fox naked

NEW SEX TAPE

These comments include a link claiming to point to the video. Users that click the link will be redirected to a page where they will be asked to download a codec in order to see the video. If they do so, the adware VideoPlay will be downloaded onto their computers.

VideoPlay is designed to download a worm aimed at stealing email accounts and passwords for accessing different Web services. This information could then be used to steal new passwords to services such as Digg.com and YouTube and post malicious comments, thereby increasing the infections caused by this adware.

On a first analysis, PandaLabs, Panda Security’s laboratory, has detected more than 50 profiles leaving these types of comments on Digg.com.

“The profiles used have probably been ‘stolen’ from their owners, by stealing account passwords. This is another example of how cyber-crooks are using trusted Web 2.0 services to distribute malware”, explains Luis Corrons, Technical Director of PandaLabs.

More information is available in the PandaLabs blog. http://pandalabs.pandasecurity.com/archive/Have-you-ever-heard-the-term-_2200_Rickrolling_22003F00_-Malware-distributors-have_2E002E002E00_.aspx

You can view all the images here: http://www.flickr.com/photos/panda_security/tags/videoplay/

• Feed RSS for Press Release

Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients safe. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPrevent® Technologies, which act as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av.Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users. More information is available in the PandaLabs blog.