14 DAY TRIAL // The fake codec Trojans that affected so many websites are back. These days, they are being spread through Google Blogger's pages that host all sorts of content. Yesterday, Alex Eckelberry of Sunbelt informed that an avalanche of fake codecs was discovered on numerous Blogger accounts, which looked similar to the old scams conducted on malicious pornographic websites. Searching for common keywords, such as "NFL playoff bracket video" or "deviled egg recipe video", on Google's search engine, returns a number of Blogger blogs equipped with fake codecs that attempt to deploy Trojan horses on your computer.
"Often, they are seen in porn sites. However, by doing a few simple searches today, we can see that they're available to those simply doing American football pools, checking bank hours or searching for New Year's eve clipart. All of these are taking advantage of the free Blogger service", the Sunbelt official wrote in the blog post published today.
Just like usual, clicking on one of these websites means deploying a fake codec on your computer. "Video ActiveX Object Error: Your browser cannot display this video file. You need to download new version of Video ActiveX Object to play this video file. To download new version of video decoder click Continue", the displayed error message reads.
"Note that I wouldn't put this in the same league as the massive Google poisoning we saw last month. That was an epic attack, using exploits and all kinds of nasty tricks. However, this is something to be aware of, and hopefully the good folks at Google will take them down lickety-split", Alex Eckelberry added.
How can we protect ourselves against these attacks? Well, it's simple: just avoid visiting this kind of websites and, in case you reach one of them, do not download the fake codecs installed on them!