Malware that creates fake YouTube pages for infecting users

PandaLabs has detected YTFakeCreator, a program used by cyber-crooks to create fake YouTube pages to infect users with malware. The infection method is as follows:  cyber-crooks send an email containing a video with supposedly sensational content (erotic images, death of a celebrity, etc.) and encourage users to click a link to watch the video. This is known as social engineering.

Once they reach the fake page, which is very similar to the actual YouTube site, the user will see an error message informing that they can’t watch the video as a certain component is missing (a codec, an Adobe Flash update, etc.) and prompting them to download it. However, by doing it, they will actually be allowing malware onto their computers.

YTFakeCreator lets cyber-criminals create these fake YouTube pages very easily. They can enter the text for the error message displayed by the web page; define how long it takes the message to appear; enter the link to the infected file downloaded onto the victim’s computer; and create a false profile similar to those in YouTube to pretend the video has been uploaded by a real user.

All this is done with just a single program. The criminal can choose the type of malicious code to be distributed from these fake pages: viruses, worms, adware, Trojans, etc.