Network News

X My Profile
View More Activity

Web Fraud 2.0: Fake YouTube Page Maker Helps Spread Malware

A new Web Fraud 2.0 tool makes it a cakewalk for criminals to create fake YouTube pages in a bid to trick people into installing malicious software.

ytfake.jpg

The YTFakeCreator tool, pictured at right, is a point-and-click program that automates the creation of authentic-looking YouTube pages, minus the familiar video window. This is the version of YouTube visitors see if their browser is configured to block Javascript or Adobe Flash videos (as the Firefox "noscript" add-on does by default) or if the visitor does not have those programs installed.

Even if visitors have both of those programs installed and is not blocking either file format, they will be prompted to install Flash when visiting one of these fake YouTube pages. And, of course, the tool allows the page creator to substitute any nasty file they want for the supposed Flash download.

ytfake2.jpg

According to Panda Security, crooks can use YTFakeCreator to manipulate the error message displayed by the Web page; define how long it takes the message to appear; enter the link to the infected file to be downloaded onto the victim's PC; and create a false profile similar to those one would see on the actual Youtube.com Web site, to add to the illusion that the video has been uploaded by a real user.

In all likelihood, these same fake page creators exist for other major video- and image-heavy Web sites, such as Facebook and MySpace.

Remember this rule of thumb: If you didn't set out looking for a program, don't install it just because a site prompts you to do so. If you want or need a particular program or plug-in, download it from the maker of said program (i.e., for Flash, get it straight from Adobe's Flash download page). Also, be extremely wary of clicking on links that arrive in e-mail, particularly those inviting you to view video or image files.

By Brian Krebs  |  September 12, 2008; 12:50 PM ET
Categories:  Fraud , Latest Warnings , Safety Tips , Web Fraud 2.0  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Fake Antispyware Purveyor Doubles as Domain Registrar
Next: Virginia Anti-Spam Law Overturned, Spammer Walks

Comments

Every internet user should be required to embroider, with his or her own hands, Brian's final paragraph and set up a plaque containing the results beside his or her computer :

Remember this rule of thumb: If you didn't set out looking for a program, don't install it just because a site prompts you to do so. If you want or need a particular program or plug-in, download it from the maker of said program (i.e., for Flash, get it straight from Adobe's Flash download page). Also, be extremely wary of clicking on links that arrive in e-mail, particularly those inviting you to view video or image files.

Alas, it would probably take me a month to do so....

Henri

Posted by: mhenriday | September 12, 2008 3:18 PM | Report abuse

"Remember this rule of thumb: If you didn't set out looking for a program, don't install it just because a site prompts you to do so. If you want or need a particular program or plug-in, download it from the maker of said program (i.e., for Flash, get it straight from Adobe's Flash download page). Also, be extremely wary of clicking on links that arrive in e-mail, particularly those inviting you to view video or image files."

Thanks for raising the awareness on this, Brian. Such intentional deception will likely hurt some people, and it seems we can minimize the casualities only through such education.

(But I've got to wonder about a would-be scammer installing such an app on their machine... wouldn't the original writer try to take advantage of follow-on exploiters too?)

tx, jd/adobe

Posted by: John Dowdell | September 12, 2008 3:27 PM | Report abuse

TO AVOID THE RULE OF 'FINGER'

REMEMBER THIS RULE OF 'THUMB.'

Remember this rule of thumb: If you didn't set out looking for a program, don't install it just because a site prompts you to do so. If you want or need a particular program or plug-in, download it from the maker of said program (i.e., for Flash, get it straight from Adobe's Flash download page). Also, be extremely wary of clicking on links that arrive in e-mail, particularly those inviting you to view video or image files.

DON'T REMEMBER AND YOU ARE DUMB DE DUMB.

Posted by: brucerealtor | September 12, 2008 8:55 PM | Report abuse

>>for Flash, get it straight from Adobe's Flash download page

...except when that simply doesn't work. In that case, you'll just have to find a reliable second source, e.g.:
http://www.filehippo.com/download_flashplayer_ie/4007/

@ John Dowdell:
>>it seems we can minimize the casualities only through such education.

Oh, I dunno; ISTM that your employer could help do its part by--at a bare minimum--disabling JavaScript & ActionScript by default in Flash Player, so that ignorant users can't shoot themselves in the foot and become "casualities".

Running the Flash Player plug-in inside IE's actual security context--including obeying the "Allow programmatic Clipboard access" setting--is a pregnant idea too.
http://msmvps.com/blogs/spywaresucks/archive/2008/08/19/1644990.aspx

Posted by: Mark Odell | September 13, 2008 3:24 PM | Report abuse

The number of ways to cheat,trick and get web browsing public to surf unintended sites are many. But an alert surfer can always get over this by only downloading programmes from the original download site. Dont click on suspicious links and dont respond to emails from unknown sources, however tempting it may be.

Posted by: viabhav | September 16, 2008 9:40 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company