Fake YouTube pushes out Trojan disguised as plugin

It could happen to anyone. A click on a link posted by a compromised Facebook account or in an e-mail sent from an e-mail account of a friend who got phished, and you’re on a spoofed page imitating a video sharing site.

Once on it, a Java applet keeps popping up and asking you to run it so that you can view the video you followed the link to see.

And if you aren’t aware that most video sharing sites use Adobe Flash to play them, you will likely fall for the request of installing an unsigned application or codec.

BitDefender researchers have recently discovered such a page:

In this particular instance, the application the site asks the user to run is a generic downloader Trojan that, once installed, will get in touch with its C&C center and download more malicious files that can make it spy on your chat conversations, make your computer part of a DDoS botnet and redirect your search queries to further malicious sites.