Fake YouTube Installs OS X TrojanDNSChanger

".. I clicked on a normal-looking link to a BlogSpot blog. Instead of taking me to the blog it took me to a website that looks 100% identical to a YouTube page. Where a video would normally start playing it instead said "Video ActiveX Error" and a DMG entitled "1234" that was approximately 750kb automatically downloaded to my computer."

Question: How did you get that link ?

Answer: I found it on the wall of a Facebook group. [Read MacRumors Forum]

~~ooOOoo~~

TrojanDNSChanger for Mac is getting in the wild and it is desperately trying to get into users by using channels with wide or massive audience such as social networks.

This incident has been around for a week where a malicious link will redirect users to a Fake YouTube website and without user intervention it automatically download a DMG file, which is the Trojan DNSChanger for Mac.

**Take Note: The installer filename changes everyday.

The installer name usually displays: "MacVideo" or "Porn4Mac".

Although this trojan requires manual installation, it is still possible that some Mac users will get hooked to this trick.

Always be on the look-out for this type of dodgy websites.

MySpace Spammers Are Back

What is Crowdguard.com ? This is the question asked by MySpace user after getting a message from a friend telling her to visit this site.

You need to login your MySpace email address and password to view your pictures. For some people this site seems harmless, but behind this page the objective is to lure people in giving out their Myspace credentials.

Once you give your login credentials, a cgi script will take these informations to a remote server.

And, this message box will pop-up.

To make the story short, the user will not be able to see any pictures - because there's none. This site is phising for your login details so a remote attacker could use it and send spam bulletins or messages to your MySpace friends. It also generates web traffics for all visited sites.

Similar to Crowdguard is Stalkertrack.com. This site promises for free tracking tool that will let you track or "stalk" all profiles that visits your Myspace page.

Once you entered your MySpace login details, this spammer will start using it to spam your friends.

Not only that, your email address and password are sent to multiple IP addresses in clear text form.

**Note: IP address may change.

Do you wonder how many spams were already created in Myspace?

There are 4 million generated post relating to StalkerTrack and this number will keep increasing if more and more vulnerable MySpace users will get deceived by this trick.

Stay away from these sites!