Porn Forums Distribute Malware
Online attackers have been authoring blog posts for the sake of luring end users into downloading their malware files for some time, but Trend Micro researchers have now discovered entire Web forums that appear to have been created with similar intentions in mind. According to blog posted by Trend researcher Loucif Kharouni on Thursday, the AV specialists' threat analysis labs have already found over 300 individual forums created on ProBoards.com -- a popular forum portal with thousands of sub-categories -- that have been created explicitly in the name of passing along malware. All 300 of the involved forums are adult-themed, and through the attacks, the malware schemers offer forum visitors the chance to view free video files. However, when someone clicks on one of the files being presented, they are redirected to another URL and hit with a Trojan drive-by attack. In some cases the forum pages ask users to download a codec needed to view the videos, but which also loads a Trojan. The malware being delivered via the forum posts also appears to be changed on a frequent basis, Kharouni reported, with the TROJ_FAKEAV.NN and TROJ_CODECPACK.R examples among the most frequent attacks that Trend has already observed being distributed via the involved URLs. The researcher said that malware may also be installed on users' systems when they refresh a page as they are redirected to other Web sites.
|
