PandaLabs detected more than 400% more examples of the adware VideoPlay in February than in January. The main reason for this is the use of popular Web 2.0 sites such as Digg.com or YouTube to distribute this malware.
On both pages this adware was distributed through comments on news stories (in the case of Digg.com) or videos (with YouTube). These comments claim that users will be able to see pornographic videos if they click on a link provided in the comment. However, users that click the link will be redirected to a page where they will be asked to download a codec in order to watch the video. Users that do this will actually be allowing the adware onto their systems.
VideoPlay is designed to download a worm aimed at stealing email accounts and passwords for accessing different Web services.
This information could then be used to steal new passwords to services such as Digg.com and YouTube and post malicious comments, thereby increasing the infections caused by this adware.
Luis Corrons, Technical Director of PandaLabs said:
This is another example of how cyber-crooks are using the most popular Web pages and social engineering to distribute malware massively. Users should remember that even though they may be visiting trusted websites, they should always be on their guard, and in particular, watch out for sensationalist headlines, as these are typically use to trick users and infect the computers.