Nothing earth-shattering, but worth a mention anyway. I've noticed a couple of blogs pushing security blog feeds are also hawking pretend Youtube vids:
When the videos are clicked, you'll find your browser vanishes down onto the taskbar, replaced by this sitting in the middle of the screen:
Once you click the popup box away, you're confronted with this:
Click to Enlarge
...a randomly selected rogue antivirus product. From here on it, any and all attempts to get rid of this page results in an endless barrage of popups, scare tactics ad hilariously lame warning messages (note the first one is called a "Security Update"):
Wow, they just get more and more hysterical, don't they?
The site to block that's pimping the fake videos is
thoughtcrime(dot)blogtodo(dot)com
Click to Enlarge
When the videos are clicked, you'll find your browser vanishes down onto the taskbar, replaced by this sitting in the middle of the screen:
Once you click the popup box away, you're confronted with this:
Click to Enlarge
...a randomly selected rogue antivirus product. From here on it, any and all attempts to get rid of this page results in an endless barrage of popups, scare tactics ad hilariously lame warning messages (note the first one is called a "Security Update"):
Wow, they just get more and more hysterical, don't they?
The site to block that's pimping the fake videos is
thoughtcrime(dot)blogtodo(dot)com
Christopher,
After reading this article, I was wondering if you have noticed a significant presence of spam forums using similar techniques lately? I run a free forum host and I notice every once in a while a forum is created where the admin uses a javascript redirect code to hijack / redirect the visitor from the forum's URL on my server to similar sites as mentioned above pushing fake video files. Of course I delete anything I find right away, however I was wondering if you noticed at all a trend of forums on free forum hosts being hijacked / redirected to these spam blogs or malicious websites?
Thanks,
BMR777
Hey! I've heard a few people mention something along these lines but not seen an example of it - if you have any, feel free to email me
paperghostATvitalsecurityDOTorg
and I'll try and check it out before you delete it (or failing that, grab some screenshots and send them my way too, this sounds pretty interesting).