Digg accounts used to spread codec Malware

by Steve Ragan - Feb 11 2009, 08:05

Researchers have noticed a trend on Digg where criminals and Malware authors are using the comments on popular stories to link users to codec-based Malware. Sean-Paul Correll, from Panda, said that in the examples he has seen, the criminals do not create the content, but use the context of relevant articles to latch onto.

“My initial search identified 52 accounts posting news stories or comments with malicious URI's. The links all point to various fake codec sites, which lead to rogue anti-Malware infections,” said Correll.

Rogue anti-Virus sites are nothing new, neither is the fake codec message used to install Malware. The fake codecs work by attempting to trick a user into installing software on their own, in order to view a video or flash-based movie. Once the codec is installed, the movie often appears along with various Malware or rogue anti-Virus applications, such as MS Antispyware 2009 or XP Anti-Virus.

What makes this emerging vertical attack interesting is that it would appear, from the images taken (see below), that the criminals are using bots, and either creating accounts or hijacking other accounts to spread their malicious links. Another aspect that is of interest is that Digg is the source. The social news community has a habit of taking a blog post or news article and quickly making it viral in nature.

“The profiles used have probably been stolen from their owners, by stealing account passwords. This is another example of how cyber-crooks are using trusted Web 2.0 services to distribute Malware”, explains Luis Corrons, technical director of PandaLabs.

The sad part is, while the Digg community is seemingly an untapped resource for criminals, the methods to grab attention from users and lure them to the malicious sites is the same. Simple, often misspelled or mixed up information, promising sex tapes or new video footage.

The list below is an example of some comment subjects left on Digg [left in their original formatting]:

Pregnant Ujwala Raut in Bikini
megan fox naked secret videos
Sexy Megan Fox having sex Sex Tape, rally nice and hot video
Naked Truth on Celebrity News and Edison Chen Sex Scandal
Heath Ledger naked in shower, playing with herself!!
Breaks Season 4 Episode 9
Emma Watson Nude Video

In the image below the comment reads: "Heath Ledger naked in the shower, playing with herself," and is posted to a relevant story about Heath Ledger.

Credit:Panda Security

While the idea that Digg is being used to spread Malware is bad, the upside is that most of the criminal attempts are so silly that the Digg community will “bury” them without a second thought.

Around the Web