/ 10 October 2008

Hackers using fake YouTube pages to attack computers

Computer security specialists warn that hackers are using fake YouTube pages to trick people into opening their machines to diabolical software.

A deceptive YouTube attack evolving as it spreads on the internet is part of a growing trend of hackers to prowl popular online social networking communities in which people trustingly share web links and mini-programs.

“We are seeing tools like this not just for YouTube, but for MySpace, Facebook, America Online instant messaging …,” said Trend Micro software threat research manager Jamz Yaneza on Thursday.

“All the various social networking sites have been hit with some page or another.”

Hackers using the YouTube attack send people links to what are said to be must-see snippets at the Google-owned video-sharing website.

The links, instead, connect to convincingly realistic replicas of YouTube pages and tell people that a software update is needed to view a requested video.

Agreeing to the update lets the hacker install malicious software that could log keystrokes, steal data, or even take over people’s computers, according to David Perry of Trend Micro.

Victims are not likely to catch onto the invasion since the hackers’ software is able to stealthily link to the real YouTube website and play a promised video.

“This works as your typical drive-by download,” Yaneza said of hackers planting malicious software in machines while rerouting online traffic.

“Essentially this can be used as a tool to serve up everything — botnets, key loggers. Visually, you can’t differentiate this from your regular YouTube page, it is done so well.”

While some computer users might be able to spy something unusual about the URL of a bogus page, the safest thing to do is not trust links and instead go directly to YouTube for recommended videos.

“The reason they are using YouTube now is that during the elections we are looking at YouTube a lot,” Perry said of hackers. “It is using social networking software in an anti-social way — anti-social networking.”

Hackers at a recent gathering of software savants in Las Vegas said that social networks are prime places to take advantage of people’s trust.

While people may be wary of links or programs emailed to them by strangers, they eagerly open such offerings from “friends” in social networking communities.

Online evil doers can easily create false social networking profiles and even impersonate people who may be well known or respected. The imposter can then build a network of trusting contacts in online communities.

Estimates are that as much as 40% of social networking profiles are fakes, according to figures cited by Cloudmark, a company specialising in protecting internet messaging systems from spam and hackers.

A poll conducted in the United States in June for Cloudmark concluded that 83% of the people using social networking accounts received unwanted “friend” invitations or messages steering them to dubious websites.

“Friends” are granted access to pictures, message boards, contact lists and other personal data stored in social networking profiles.

“Unfortunately, the very qualities that make social networks successful — the wide variety of communication channels, the openness of the networks and the size of the audience — are also powerful lures for spammers and hackers,” Cloudmark says.

Be wary of taking strangers in as friends at social networking websites and only install trusted applications when customising profile pages with mini-programs, sometimes called “widgets”, according to Cloudmark.

Security specialists say to also limit the amount of personal information revealed to the internet through profile pages.

“Understanding the risks and knowing how to protect yourself is critical to avoiding scams and other threats” said Cloudmark chief technical officer Jaime de Guerre.

“As spammers, hackers and other online criminals broaden their scope to social networks [people] must be especially vigilant and employ safe practices while engaging in online communities.” – AFP