Want to see a revealing video about the Gulf oil spill or the NBA Finals? Apparently thousands of Web users do, and many of them are being lured to video sites that look just like Google’s YouTube. But rather than playing the videos immediately, clicking “play” prompts the user to install a “media codec”. When the users accept, their computers are infected with malware.
According to the eSoft Threat Prevention Team, there are now over 135,000 such sites sprouting up all over the Web, many of which can be found by a simple Google search. Because the sites look and feel like YouTube, many users will not check the URL to verify that it actually is the giant video sharing website.
The “media codec” that the users download is actually a trojan that infects the computer and can access sensitive data, even taking control of the entire system. Currently, only 8 of 41 virus scanners are picking up the new malware, although that will probably change as the threat becomes more widespread. People who are concerned about inadvertently visiting one of these sites should use web filters that will detect malware sites and warn them before allowing the browsers to connect.