The Panda Labs blog details how malware is spreading on YouTube comments through the use of “Malspam,” that leads users to malware sites where users are duped into paying for bogus software.
The trap is becoming increasingly common on social sites. According to Panda Labs, Rogue Antivirus, is one of the most prolific malware in today’s threat landscape. PandaLabs has received more Rogue Antivirus samples in Q1 of 2009 than in all of 2008.
Panda Labs discovered about 30,000 “Malspam” comments on YouTube, all pointing to a fake pornography website called “PornTube 2.0”
The comments target people looking for pornography through keywords like kinky, porn, sex, etc.
The PornTube 2.0 site looks like a YouTube page. When clicking on the video, a download box appears for a fake Adobe Flash plugin, which is the malware installer for Adware/Privacy Center.
Once the malware is downloaded it scans the computer and tells the user that their computer is infected. They are then directed to a site where they pay for the bogus software.