The online video service used in malicious attempt

Jun 12, 2007 14:36 GMT

The Websense Security Lab released an advisory announcing that the popular online video sharing service YouTube is being used in an attempt to steal private information from affected computers. The attack relies on a file named YouTube04567.exe that must be downloaded and executed by a user with administrator privileges. Once the malicious file is installed on a computer, it opens a YouTube video called "After World Episode 6" while, in the background, it downloads two other dangerous files used for stealing information. After the sensitive details have been collected, the information is uploaded to an HTTP server, where it remains until the attacker views it.

"The other day we ran into a new technique that makes an attempt to distract the user into viewing a new YouTube video. The application uses the movie icon when it gets downloaded to the machine but strictly relies on deception to get you to run it. The file is called YouTube04567.exe and was hosted on a web server in the .SU domain (Soviet Union). Although we captured this code through on the web, our guess is that there are email and/or instant messaging lures for this URL in the wild," Websense mentioned in the security advisory.

As YouTube's popularity continues to grow, attackers are trying to exploit anything YouTube-related for their malicious attempts. It is extremely important to avoid opening executable files that claim to be YouTube clips: most of the videos are stored on the official site, and the ones that are downloaded come in video formats, not as executables. Also, keep in mind that YouTube is a clean website and it doesn't deliver any type of threat, so don't be afraid that you might get infected while you're viewing clips on the online video sharing service. Still, keep your antivirus updated and your firewall enabled.