CadCrazy
in search of myself
Just a couple of days since being caught in a legal wrangle vs Super Cassettes Industries aka T-Series, and YouTube is again making headlines for abuse by phishers.
According to security major, Trend Micro, it starts with spam containing an obscure thumbnail of what looks like entwined limbs, along with a video description that says, "A touching tale of how two lovers found their heart".
If an unsuspecting user should click on the links within this message, he/she would be led to a page that informs about the necessity to get a new Flash player to be able to view the video.
The user is then redirected to the url:
*www5.youtube.com.site{BLOCKED}.be4koy.com.es/watch/v/install_flash_player.exe.
And, the file "install_flash_player.exe" is offered as download. Trend Micro has detected this file as "TROJ_DROPPER.KAP". The file gets installed as "aspimgr.exe", and immediately starts sending new email messages containing similar such information.
Trend Micro warns that alternatively, users may be duped into providing email addresses, etc, on the login page allowing the spammer to easily harvest valid email addresses.
Trend Micro has advised users to be wary of all such spam messages.
Source
According to security major, Trend Micro, it starts with spam containing an obscure thumbnail of what looks like entwined limbs, along with a video description that says, "A touching tale of how two lovers found their heart".
If an unsuspecting user should click on the links within this message, he/she would be led to a page that informs about the necessity to get a new Flash player to be able to view the video.
The user is then redirected to the url:
*www5.youtube.com.site{BLOCKED}.be4koy.com.es/watch/v/install_flash_player.exe.
And, the file "install_flash_player.exe" is offered as download. Trend Micro has detected this file as "TROJ_DROPPER.KAP". The file gets installed as "aspimgr.exe", and immediately starts sending new email messages containing similar such information.
Trend Micro warns that alternatively, users may be duped into providing email addresses, etc, on the login page allowing the spammer to easily harvest valid email addresses.
Trend Micro has advised users to be wary of all such spam messages.
Source
