Everyone,
The content of this blog will be moving to http://pandalabs.pandasecurity.com. Therefore, you can find new and interesting posts at http://pandalabs.pandasecurity.com or www.pandalabs.com for this point on.
Everyone,
The content of this blog will be moving to http://pandalabs.pandasecurity.com. Therefore, you can find new and interesting posts at http://pandalabs.pandasecurity.com or www.pandalabs.com for this point on.
Last week PandaLabs discovered a new tool for creating fake YouTube video pages as a way of deceiving users into installing malware. The vector for infection is similar to many fake codec based malware attacks seen in recent weeks (CNN, MSNBC, etc). The flexibility of this tool allows anyone to direct the fake Adobe Flash update error to any malicious executable file hosted on any server – this means that essentially a hacker could register several domains in different countries (as seen in the CNN alerts attack) and utilize a bot-net to distribute a mass amount of spam pointing to these fake YouTube pages.
This tool introduces considerable risk to the community as it allows any hacker to easily generate false pages that have the look and feel of authentic YouTube pages and with the right combination of sending out spam, this could cause great damage.
There is another round of spam messages claiming to be a ticket receipt for Southwest Airlines. The message attempts to entice the user into opening an attachment containing the electronic ticket which is actually malware classified as W32/Autorun.AEL.worm. The ploy here is the note that the ticket reservation system has changed and that an account has been created.