September 11, 2008

Panda Security Detects Malicious Program for Creating Fake YouTube Pages to Infect Users With Malware

GLENDALE, Calif., Sept. 11 /PRNewswire/ -- Panda Security, a leading provider of IT security solutions, today announced that PandaLabs, Panda Security's laboratory for detecting and analyzing malware, has detected YTFakeCreator, a program used by cyber-crooks to create fake YouTube pages to infect users with malware.

The infection method is as follows: cyber-crooks send an email containing a video with supposedly sensational content (erotic images, death of a celebrity, etc.) and encourage users to click a link to watch the video. This is known as social engineering.

Once users reach the fake page, which is very similar to the actual YouTube site (see image:, they will see an error message informing that they can't watch the video because a certain component is missing (a codec, an Adobe Flash update, etc.) and prompting them to download it. However, by downloading the missing component they will actually be allowing malware onto their computers.

YTFakeCreator enables cyber-criminals to create these fake YouTube pages very easily. They can enter the text for the error message displayed by the web page; define how long it takes the message to appear; enter the link to the infected file downloaded onto the victim's computer; and create a false profile similar to those in YouTube to pretend the video has been uploaded by a real user. All of this is achieved with a single program (image:

In addition, the program allows criminals to choose the type of malicious code to be distributed from these fake pages, including viruses, worms, adware, and Trojans, etc.

"This type of program has led to the increased use of social engineering to infect users. The tools made available to cyber-criminals nowadays force users to take every precaution to avoid falling victim to these attacks," explains Luis Corrons, technical director of PandaLabs. "Also, the fact that the pages used by criminals are very difficult to distinguish from the legitimate pages helps ensure that a growing number of users are infected."

More information is available in the PandaLabs blog:

Check if your computer is infected by this malicious code at the Infected or Not website (

About PandaLabs

Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.

Currently, 94% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc.), working 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.

More information is available in the PandaLabs blog:

About Panda Security

Panda Security is one of the world's leading IT security providers, with millions of clients across more than 200 countries and products available in 23 languages. Its mission is to develop and provide global solutions to keep clients' IT resources free from the damage inflicted by viruses and other computer threats, at the lowest possible total cost of ownership.

Panda Security proposes a new security model, designed to offer a robust solution to the latest cyber-crime techniques. This is manifest in the performance of the company's technology and products, with detection ratios well above average market standards and most importantly, providing greater security for its clients. For more information and evaluation versions of all Panda Security solutions, visit our website at:

Panda Security

CONTACT: Bill Bourdon of Bateman Group, +1-415-602-1491,[email protected], for Panda Security

Web site: