back to article Is that YouTube clip you just watched booby trapped?

Video clips from YouTube might come booby-trapped with malware, security watchers warn. A fake video file containing the Zlob Trojan has been planted on the video-sharing site. If selected, the Trojan bombards infected users with ads. It might also be used to upload other forms of malware onto compromised PCs. According to the …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    more details please...

    Is this a Flash vulnerability, or an EXE file masquerading as a video download, or via user-added HTML markup, or something else?

  2. Antony Curtis

    Not entirely Google's fault if the client will run anything.

    Call me "old fashioned" if you like but in my opinion, if a web server were to host a file with "Content-type: video/avi" and it actually serves a binary executable, I would expect the web browser to display an empty rectangle with perhaps a red X through it with a message saying that the data was corrupted rather than it try to decide what the file was and run it.

    I would expect it to do the same if the data cannot be decoded using only the content-type information as provided by the server and if that information was somehow out of step with the data stream, it should fail and display an error message.

    Alas, I know that this will never happen.

  3. bigfoot780

    files?

    wonder if it in the .flv file or .swf? strange could this burst the youtube bubble.

  4. Neil Anderson

    How many?

    Is it possible for YouTube to automatically scan all uploads for malicious payloads or file types?

    --

    Neil Anderson

    http://www.cyclelogicpress.com

  5. Alan Donaly

    where did it come from

    Flash content is used by advertisers

    every day is this a new threat or an old

    one Google knows about advertising

    they know how to keep this from happening

    notice we haven't

    heard of this before I would think it was fairly

    common if it were easy to accomplish Elreg

    knows all about corrupted ad servers this

    seems like that sort of exploit.

This topic is closed for new posts.

Other stories you might like

Biting the hand that feeds IT © 1998–2022