When viewed, clips on the site activate a Trojan Horse via a file called “YouTube04567”, which is then downloaded onto the user’s PC.
The payload code is an information stealing Trojan Horse which is designed to grab information from the user’s PC. It then uploads any sensitive information from the user’s PC to an undisclosed remote location.
“Although Websense has captured this code on the web, it is highly likely that there are still emails and/or instant messages spreading malicious YouTube URLs in the wild,” said Websense.
Websense has created a video of the code in action, and has posted it onto the YouTube website in order for users to better understand the nature of the attack.
Comment on this article: firstname.lastname@example.org