Warning: YouTube Could Be Used To Hack Your Computer

Salman — Tue, 12 Jun 2007 16:10:00 +0000

The most viewed online video website YouTube could be used to gain unauthorized control to your computer. The entire exploitation is based on a file named YouTube04567.exe that must be downloaded and executed by a user with administrator privileges. After the malicious file is entirely installed on a computer, it opens a YouTube video called “After World Episode 6″ while, in the background, it downloads other two dangerous files used for stealing information. After the transfer of the sensitive details is completed, your information is uploaded on a HTTP server until it is viewed by the attacker.

“The other day we ran into a new technique that makes and attempt to distract the user into viewing a new YouTube video. The application uses the movie icon when it gets downloaded to the machine but strictly relies on deception to get you to run it.The file is called YouTube04567.exe and was hosted on a web server in the .SU domain (Soviet Union). Although we captured this code through on the web, our guess is that there are email and/or instant messaging lures for this URL in the wild,” mentions the Websense Blog.

One should learn that executable files that are claiming to be YouTube clips can NOT be YouTube clips by any means. Also, keep in mind that YouTube is a clean website and it doesn’t deliver any type of threat; so don’t be afraid that you might get infected while you’re viewing clips on the online video sharing service. Still, try to keep your antivirus updated and your firewall enabled.

Websense has created a video demonstrating the hack in action. Any ironically its uploaded in you tube. Do have a look at it to be clear about the hack.

Tags: youtube bugs

CompuWorld » youtube bugs

Warning: YouTube Could Be Used To Hack Your Computer

Related posts