Panda Security has revealed that malware creators are using popular social media sites such as Digg.com and YouTube to distribute VideoPlay, a code designed to download a worm aimed at stealing confidential information. The global IT security vendor detected over 400% more examples of the adware VideoPlay in February than in January.
VideoPlay is distributed through comments on news stories (in the case of Digg.com) or videos (with YouTube). You can see an example of this here. The comments claim that users will be able to see pornographic videos if they click on a link provided in the comment. However, users that click the link will be redirected to a page where they will be asked to download a codec in order to watch the video. Users that do this will actually be allowing the adware onto their systems.
Once installed, VideoPlay downloads the worm to the affected computer. The aim of this worm is to spread through the system drives and steal the information stored in the Internet browser, such as email accounts and the login passwords to different web services.
“This is another example of how cyber-crooks are using the most popular Web pages and social engineering to distribute malware on a massive scale,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “Users should remember that even though they may be visiting trusted websites, they should always be on their guard, and in particular, watch out for sensationalist headlines because these are typically used to trick users and infect the computers.”