Digital Trends
With e-mail spam filters becoming more and more refined by the day, spammers have had to find new and innovative ways to keep their addresses off of blacklists. Their newest way to worm through: using YouTube.
By exploiting the YouTube feature that allows users to send links to their friends, spammers have found a way to send their own malicious messages from a trusted and unblocked address, service@youtube.com.
If you use Google’s Blogger site, you’d better be careful, because it’s becoming a very dangerous place. Hackers are posting fake entries to a number of blogs there. That might not seem too threatening, but the entries contain links that lead to downloads that are booby-trapped to infect a Windows PC. The malicious links were noticed by security researcher Alex Eckelberry from Sunbelt Software on August 27. Several hundred blogs have been updated with the fake entries. These entries are the work of the same group that have distributed spam with the same text. They try to persuade people into clicking on the links. That downloads the malware onto the computer. Some of the links falsely appear to lead to YouTube, while others claim to be looking for testers of software packages or digital greetings cards. The messages change to capitalize on news events. The group behind the Blogger attack seems to be the same one that’s been sending out hundreds of thousands of spam e-mail messages since January of this year, all with links that can lead to infected computers if the user clicks on them. The first attack was a spam mail that claimed to offer more information about the severe storms seen in Europe in January. This led to the virus used by the gang being dubbed the Storm Trojan. It would appear to be a massive, co-ordinated effort. At some points, it’s been estimated that between 4-6% of all spam e-mail on a given day was Storm Trojan. This, according to speculation, is because the group has managed to hijack so many PCs to add to their total of slaves sending out spam. One estimate is that over a million computers have been infected in the last eight months and made part of a giant botnet. Eckelberry isn’t sure how the fake entries were posted to Blogger. It’s possible that fake accounts were set up, or that the entries could have exploited a feature whereby users can e-mail entries to their blog. There’s been no comment from Google. "The criminals responsible for this spam campaign are experts at exploiting social engineering to propagate their botnets," said Bradley Anstis from security firm Marshal.
Everyone wants to be an insider, and you can be one too! Choose your poison: sign-up for our Newsletter, join us on Facebook, or follow us on Twitter. Do all three and you'll be swimming in the the latest news, reviews, videos and more gadget goodness!
Become a DT soldier! Join us on Facebook and share the best news, guides, videos and other cool information directly with all your friends. Some might even thank you for it!
Join the thousands and follow the best of us on Facebook.
Do you like information in small snippets? Then our Twitter feed is just for you. Follow Digital Trends and you'll be able to catch up daily on our latest content, or even interact directly with our team. Tweet Tweet!
Join the thousands and follow the best of us on Twitter.
That’s Right, Sign-up For Our Monthly Random Prize Drawings and You Could Be That Winner.
