    Our honeypots captured spammed email messages, written in Portuguese, supposedly coming from the popular video sharing website YouTube.

    Figure 1. Sample email message (forwarded).

    The message body translates into the following:



    Someone has published a video you appear in, and your name was mentioned in several videos this evening.

    To report, Click Here!

    Watch the video you appear in: (

    YouTube Team

    The text “Para denunciar, Clique Aqui!” and the YouTube URL are actually HTML links, which interestingly point the user to a website hosted in Japan. This site then leads to the binary cartaoyoutube.exe, a banker-type Trojan designed to steal information from an infected user’s computer. The stolen information is uploaded to a remote server.

    Trend Micro detects the malware as TROJ_BANLOAD.JC. It further downloads from remote websites several other malicious files commonly related to information stealing activities.
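    The link deception described above (anchor text that shows a YouTube URL or a call to action while the href goes elsewhere) can be checked mechanically on an HTML mail body. The following is an added example, not code from Trend Micro or from the original post; the function names, the extension watch list, the sample body and its `.example` hosts are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

EXECUTABLE_EXT = (".exe", ".scr", ".com", ".pif")  # assumed watch list
URL_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
def registrable(host):
    # Crude last-two-labels domain; assumption: no public-suffix handling.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def audit(html_body, claimed_domain):
    """Return (href, reason) findings for anchors that warrant review."""
    collector = LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        url = urlparse(href)
        host = registrable(url.hostname or "")
        shown = URL_IN_TEXT.search(text)
        if shown and registrable(shown.group(1)) != host:
            findings.append((href, "visible URL differs from link target"))
        elif host and host != claimed_domain:
            findings.append((href, "link leaves the claimed sender's domain"))
        if url.path.lower().endswith(EXECUTABLE_EXT):
            findings.append((href, "link points at an executable"))
    return findings

# Constructed sample body; hosts use the reserved .example TLD.
SAMPLE = (
    '<a href="http://dl.host.example/cartaoyoutube.exe">Clique Aqui!</a>'
    '<a href="http://dl.host.example/v/">http://www.youtube.com/watch</a>'
    '<a href="http://www.youtube.com/t/terms">Terms</a>'
)
```

    Calling `audit(SAMPLE, "youtube.com")` flags the first two anchors and leaves the genuine youtube.com link alone.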

    While the social engineering techniques differ – software updates, celebrity videos, sensational news – YouTube’s popularity among Internet users makes its name a recurring lure for malware writers and spammers trying to steer people toward malware. The name has been used many times in the past.

    Trend Micro Smart Protection Network already blocks the spammed message and detects all the malware involved in this threat. Users are strongly advised to beware of unsolicited email messages even though they may appear to come from legitimate sources. Clicking links found in these messages almost always leads to malware or to malicious web pages.



    © Copyright 2013 Trend Micro Inc. All rights reserved.