Cyber spies are constantly looking for new social engineering tricks in an attempt to trick anti-government activists in authoritarian regimes to install malware on their PCs.
Some of their tactics include the automatic syndication of relevant content for building blackhat SEO content farms where the bogus content will attract unsuspecting visitors into clicking on malware-serving links.
The Electronic Frontier Foundation (EFF), has recently spotted a fake YouTube site that's serving malware to Syrian activists.
The web site is a combination of a phishing site, and malware-serving site, enticing end user into logging in with their YouTube credentials in order to post comments, or tricking them into installing a bogus Adobe Flash Player update in order to view the video.
What's particularly interesting about this attack, is the fact that the content has been localized to the native language of the prospective victims. Localization within the cybercrime ecosystem is emerging as a tactic of choice for a huge number of malware-serving malicious campaigns wanting to increase the probability of a successful infection.