PandaLabs has released research with evidence proving that Digg.com, the popular news aggregation service, is being used by cyber-criminals to distribute VideoPlay adware.
Criminals execute their attacks by leaving comments on news items related to celebrity videos. On a first analysis, PandaLabs has detected more than 50 profiles leaving these types of comments on Digg.com.
Examples of such comments include:
- “Christian Bale freak out dubbed with video!”
- “Jessica Simpson Hotel Sex Tape”
- “Megan Fox naked NEW SEX TAPE”
These comments include a link claiming to redirect users to the video. Users that click the link are redirected to a page where they are asked to download a codec in order to see the video. If they do so, the adware VideoPlay will be downloaded onto their computers.
VideoPlay adware is in the same category of fake antivirus products. As with all such malware, VideoPlay is designed to run a fake scan of the computer as if it were an antivirus, convincing users that the system is infected with malware.
To make its claims more believable, it prevents the system from operating correctly, furthering the impression that it is infected with several strains of malware. It then offers users the option to eliminate the malware using a pay version of the fake antivirus. The aim is obviously to profit from sales of this spoof security solution.
Luis Corrons, Technical Director of PandaLabs explains:
The profiles used have probably been stolen from their owners, by stealing account passwords. This is another example of how cyber-crooks are using trusted Web 2.0 services to distribute malware.