PandaLabs, the malware detection and analysis laboratory at Panda Security, has reported that YouTube’s message sending system is being used by cyber-crooks to spread malware. Criminals are sending messages that seem to take users to a YouTube video.
These messages have subjects such as “ConrhdSchiffer1983 has sent you a message on YouTube”. Whereas the message body is: “spy camera. Are you sure this http://(blocked URL) is your first acting experience?” .
If the user clicks the attached link a malware strain -detected by PandaLabs as Autodelete.G- is downloaded .
“This is another example of social engineering techniques: cyber-crooks make users believe they have been caught on tape from a spy camera in order to trick them into clicking the link to the video. They use popular services such as YouTube to give authenticity to their emails and increase the number of potential victims”, explains Luis Corrons, Technical Director of PandaLabs.
According to PandaLabs, popular social networks and online services such as YouTube will continue to be used to spread malware throughout 2009. Internet users are therefore advised to be extra cautious when using these tools.
The Panda Security laboratory advises users not to reply to any emails of unknown origin or follow the links or attachments they might contain.