A new worm, SpreadBanker.A, uses a YouTube video to trick users and spread, according to PandaLabs. The worm has two components. When the user runs the first of these, it connects to the YouTube page and displays a video. The problem is that at the same time it is downloading the second part of the worm.
SpreadBanker.A is programmed to steal passwords entered in several online banks. Similarly, it can steal the login details for a range of games including Age Of Mythology, GTA, Unreal Tournament, WarCraft or Final Fantasy.
It also makes modifications to the Windows registry and creates copies of itself in several folders belonging to P2P file-sharing applications. These copies have enticing names such as “sexogratis” (free sex) or “crackwindowsvista” to attract users of these networks and spread.
The worm also modifies the hosts file to block access to several web pages related with security products.
Source: Panda Software.