Malicious Video Spreads via Multiply;Cross-Border Korean Shelling Leads to FAKEAV

Trend Micro researchers recently discovered attacks on the social networking site Multiply. The cybercriminals behind the said attack created new Multiply user accounts then sent malicious personal messages to other site users.

The personal message contains a greeting with the target?s Multiply user name and a video that the recipient is supposed to watch. Clicking the play button redirects users to the malicious URL http://yourtube.{BLOCKED}

The page then asks the recipient to download a codec to view the video.

These sorts of attacks have been occurring for some time. Users should avoid downloading new codecs to watch videos posted online, as these are frequently malicious.

Screenshots in

Cross-Border Korean Shelling Leads to FAKEAV

News outlets all over the world are talking about the recent cross-border clash between North and South Korea. The shelling, one of the worst incidents between the two countries in years, is naturally being used by the usual criminals behind fake antivirus malware.

Within hours of the incident, certain Korea-related search terms were already poisoned.

Note that the Google preview of the page shows the supposed content of the page. However, if the user clicks on the offered search result, they see these (familiar) pages.

Published Tue, Nov 23 2010 14:09 by donna