Up to 4 900 videos on YouTube have comments that contain links that point to a web page designed to download malware. This highlights the problem of social networking sites being used to distribute malware. Previous attacks have been detected on Digg.com and Facebook.
"The comments are normally suggestive, claiming that the link will take users to a legal Web page with pornographic content," says Jeremy Matthews, head of Panda's sub-Saharan operations. "However, when users click the link, they are taken to a page that spoofs the original and which is really designed to download malware.
"On this page, users will be prompted to download a file in order to be able to view the video. If they take the bait, users will really be downloading a copy of the PrivacyCenter fake antivirus."
This malware, when run on a computer, pretends to scan the system, supposedly detecting dozens of (non-existent) viruses. It then offers users the chance to buy the paid version of the antivirus to clean their computers. The ultimate aim of cyber-crooks is to profit from the sale of this 'Premium' version.
"The technique of using malicious comments on YouTube is not new in itself but what's alarming is the quantity of links we have detected pointing to the same webpage," says Matthews. "This suggests that cyber-criminals are using automated tools to publish these comments."