Fake YouTube sites target Syrian activists with malware

Summary:The Electronic Frontier Foundation (EFF), has recently spotted a fake YouTube site that's serving malware to Syrian activists.

Cyber spies are constantly looking for new social engineering tricks in an attempt to trick anti-government activists in authoritarian regimes to install malware on their PCs.

Some of their tactics include the automatic syndication of relevant content for building blackhat SEO content farms where the bogus content will attract unsuspecting visitors into clicking on malware-serving links.

The Electronic Frontier Foundation (EFF), has recently spotted a fake YouTube site that's serving malware to Syrian activists.

The web site is a combination of a phishing site, and malware-serving site, enticing end user into logging in with their YouTube credentials in order to post comments, or tricking  them into installing a bogus Adobe Flash Player update in order to view the video.

What's particularly interesting about this attack, is the fact that the content has been localized to the native language of the prospective victims. Localization within the cybercrime ecosystem is emerging as a tactic of choice for a huge number of malware-serving malicious campaigns wanting to increase the probability of a successful infection.

Topics: Security, Malware, Social Enterprise

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.