Government Technology

Comments in Digg.com Used to Distribute Malware



February 12, 2009 By

Panda Security has just released research with evidence proving that Digg.com, the popular news aggregation service, is being used by cyber-criminals to distribute VideoPlay adware. Criminals execute their attacks by leaving comments on news items related to celebrity videos. On a first analysis, PandaLabs has detected more than 50 profiles leaving these types of comments on Digg.com.

Examples of such comments include:

  • "Christian Bale freak out dubbed with video!"
  • "Jessica Simpson Hotel Sex Tape"
  • "Megan Fox naked NEW SEX TAPE"

These comments include a link claiming to redirect users to the video. Users that click the link are redirected to a page where they are asked to download a codec in order to see the video. If they do so, the adware VideoPlay will be downloaded onto their computers.

VideoPlay adware is in the same category of fake antivirus products. As with all such malware, VideoPlay is designed to run a fake scan of the computer as if it were an antivirus, convincing users that the system is infected with malware. To make its claims more believable, it prevents the system from operating correctly, furthering the impression that it is infected with several strains of malware. It then offers users the option to eliminate the malware using a pay version of the fake antivirus. The aim is obviously to profit from sales of this spoof security solution.

"The profiles used have probably been stolen from their owners, by stealing account passwords. This is another example of how cyber-crooks are using trusted Web 2.0 services to distribute malware", explains Luis Corrons, technical director of PandaLabs.

 


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Maintain Your IT Budget with Consistent Compliance Practices
Between the demands of meeting federal IT compliance mandates, increasing cybersecurity threats, and ever-shrinking budgets, it’s not uncommon for routine maintenance tasks to slip among state and local government IT departments. If it’s been months, or even only days, since you have maintained your systems, your agency may not be prepared for a compliance audit—and that could have severe financial consequences. Regardless of your mission, consistent systems keep your data secure, your age
Best Practice Guide for Cloud and As-A-Service Procurements
While technology service options for government continue to evolve, procurement processes and policies have remained firmly rooted in practices that are no longer effective. This guide, built upon the collaborative work of state and local government and industry executives, outlines and explains the changes needed for more flexible and agile procurement processes.
Fresh Ideas In Online Security for Public Safety Organizations
Lesley Carhart, Senior Information Security Specialist at Motorola Solutions, knows that online and computer security are more challenging than ever. Personal smartphones, removable devices like USB storage drives, and social media have a significant impact on security. In “Fresh Ideas in Online Security for Public Safely Organizations,” Lesley provides recommendations to improve your online security against threats from social networks, removable devices, weak passwords and digital photos.
View All

Featured Papers