PandaLabs, Panda Security's laboratory for detecting and analyzing malware, has detected YTFakeCreator, a program used by cyber-crooks to create fake YouTube pages to infect users with malware.
The infection method is as follows: cyber-crooks send an email containing a video with supposedly sensational content (erotic images, death of a celebrity, etc.) and encourage users to click a link to watch the video. This is known as social engineering.
Once users reach the fake page, which is very similar to the actual YouTube site, they will see an error message informing that they can't watch the video because a certain component is missing (a codec, an Adobe Flash update, etc.) and prompting them to download it. However, by downloading the missing component they will actually be allowing malware onto their computers.
YTFakeCreator enables cyber-criminals to create these fake YouTube pages very easily.
They can enter the text for the error message displayed by the web page; define how long it takes the message to appear; enter the link to the infected file downloaded onto the victim's computer; and create a false profile similar to those in YouTube to pretend the video has been uploaded by a real user. All of this is achieved with a single program.
In addition, the program allows criminals to choose the type of malicious code to be distributed from these fake pages, including viruses, worms, adware, and Trojans, etc.