Feeds

back to article Is that YouTube clip you just watched booby trapped?

Video clips from YouTube might come booby-trapped with malware, security watchers warn. A fake video file containing the Zlob Trojan has been planted on the video-sharing site. If selected, the Trojan bombards infected users with ads. It might also be used to upload other forms of malware onto compromised PCs. According to the …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

more details please...

Is this a Flash vulnerability, or an EXE file masquerading as a video download, or via user-added HTML markup, or something else?

0
0

Not entirely Google's fault if the client will run anything.

Call me "old fashioned" if you like but in my opinion, if a web server were to host a file with "Content-type: video/avi" and it actually serves a binary executable, I would expect the web browser to display an empty rectangle with perhaps a red X through it with a message saying that the data was corrupted rather than it try to decide what the file was and run it.

I would expect it to do the same if the data cannot be decoded using only the content-type information as provided by the server and if that information was somehow out of step with the data stream, it should fail and display an error message.

Alas, I know that this will never happen.

0
0

files?

wonder if it in the .flv file or .swf? strange could this burst the youtube bubble.

0
0

How many?

Is it possible for YouTube to automatically scan all uploads for malicious payloads or file types?

--

Neil Anderson

http://www.cyclelogicpress.com

0
0

where did it come from

Flash content is used by advertisers

every day is this a new threat or an old

one Google knows about advertising

they know how to keep this from happening

notice we haven't

heard of this before I would think it was fairly

common if it were easy to accomplish Elreg

knows all about corrupted ad servers this

seems like that sort of exploit.

0
0
This topic is closed for new posts.