It appears that the cybercriminals behind both of these campaigns aren't giving up just yet, and are currently experimenting with a catchy social engineering attack at YouTube which is once again attempting to serve rogue security software under the disguise of a required media codec.
Here's how the new campaign looks like.
The campaign does suffer from a major weakness, and that's its adult content which YouTube has already -- perhaps automatically -- started removing. The fake codecs used in the campaign act as downloaders for rogue security software, with the cybercriminals earning revenue in the process. Moreover, not only are the Google Video, Digg.com's and this latest campaign launched by the same attackers, but the malware campaigners behind them continue using highly toxic net blocks residing within the Latvian DATORU EXPRESS SERVISS Ltd (zlkon.lv), and the Dutch WORLDSTREAM DBM which makes them fairly easy to keep track of - at least for now.