Sophos：別下載這些YouTube短片

Don't download that YouTube video!

August 29, 2007 – Sophos, a world leader in IT security and control, has warned internet users about the latest disguise being used by malware authors in their attempt to infect people's PCs: an email claiming to point to a YouTube video.

Experts at SophosLabs™ have proactively protected customers against a wave of malicious emails that pose as links to a YouTube video. The emails, which have a wide variety of subject lines and message texts, all encourage recipients to click on a link to download an online movie.

Subject lines include the following:
Dude your gonna get caught, lol
LOL, dude what are you doing
Dude, what if your wife finds this?
Dude dont send that stuff to my home email
LOL, that is too cool.....
A typical malicious email claiming to point to a YouTube video.

Clicking on a link inside the email will send surfers to a webpage containing a malicious script and a Trojan horse designed to compromise the user's PC and turn it into a zombie.

Clicking on the links in the email takes computer users to a malicious webpage.

Interestingly, the malware that hackers are using to try and infect innocent computer users is from the same families of malware used in the waves of Storm Trojan that wreaked havoc on the internet earlier this year.

“The gang behind these attacks are amongst the most professional we have ever seen - spewing out new variants of their code with multiple disguises in their attempt to infect as many PCs as possible,” said Graham Cluley, senior technology consultant for Sophos. “Clicking on the links in the email doesn't take you to YouTube's real website, but the IP address of a compromised PC. If infected, victims' computers can be used by hackers to steal personal information, spam out malware and junk email, or launch distributed denial of service attacks against innocent parties.”

Sophos products proactively detect the malware as Troj/JSXor-Gen and Mal/Dorf-E, without requiring an update. Users of other vendors' products are recommended to update their protection and ensure that they are defended from the threats.

“Sophos's proactive protection meant that our millions of users won't have been infected by this latest attack,” explained Cluley. “Sophos recommends that everyone on the internet treats security as a priority when they use the web and email, or risk putting their livelihoods at risk.”

Last month, Sophos published research revealing the rise of web-based malware in the first half of 2007. With computer users becoming increasingly aware of how to protect against email-aware viruses and malware, hackers have turned to the web as their preferred vector of attack.