Experts of anti-virus laboratory PandaLabs have faced the next example of use of services Web 2.0 for distribution of malware: a wide-popular public news resource Digg.com (www.digg.com) has been used by cyber-criminals for distribution of a free advertising product with the information on a video game. Criminals left comments on pages with news at which there were references to video with known people. Examples of such comments include following phrases:
Christian Bale freak out dubbed with video!
NEW SEX TAPE
In comments there was a link to a videofile. To users who tried to look the video, were offered to load the codec for video viewing. If they agreed to load it, the free advertising product with the information on video-game was loaded on the computer. The given kind harmful advertising concerns a category of fake anti-virus products. As well as in other similar cases, video-game is designed so that to carry out start of false scanning of the computer (as if it is an antivirus) and to assure the user that the system is infected by any type malicious software. For persuasiveness the program breaks operating system work, making false impression that the personal computer is really infected by several harmful programs. Then the program suggests the user to eliminate a malicious code by means of the paid version of a fake antivirus. The obvious purpose here is reception of benefit from sales of the counterfeit decision of safety.
After the first check, Panda Security laboratory has found out more than 50 profiles of the users leaving “harmful” comments on Digg.com. “Profiles were used, probably after the data of their owners has been stolen. The case in point represents one more example of how cyber-criminals use proved services of services Web 2.0 for distribution malware”, – Luis Korrons, the Technical director of laboratory PandaLabs explains.