Lately, I've had to delete about half a dozen spam comments from various entries on my LJ & at other communities. They've all shared a commonality: a single embed & link to a YouTube video in Portuguese titled "Camarate: A confissao de Farinha Simoes" or in English titled "Dying call from prison. Details about Portugal Premier Minister air-crash
(
Read more... )
Fast-forward to the past few days: I've been receiving the same video embed in Suspicious comments from LJ accounts, and deleted them after reporting & banning them. I assumed that the spammers were looking for increasing the view-count on the video, for some inexplicable reason. I Googled, as you did, and found luma_chan post & thought "Eureka!" Then, "Oh shit, a rootkit can be hidden in a YouTube video?"
I, too, have been searching for more information on how a trojan can be part of a video file, but no luck. If indeed a rootkit can be buried inside a video file, HOLY CRAP THIS IS A PROBLEM. I mean, embed it in a Lady Gaga music video & it'll spread like wildfire, right? If this isn't a trojan, but just a viewcount-boosting tactic, it's pretty lame.
In any case, the accounts ARE spambots, and it frustrates me that LiveJournal hasn't deleted the accounts by now.
Reply
Reply
So far, I can't find anything about the YouTube video codec being compromised, or embedded YouTube ads being click-jacked. That doesn't mean they're not possible, but I'm still trying to figure out why this sub-species of spambots want us to watch that video, if not to increase the view count. To what purpose? It's so weird.
Reply
Reply
Reply
Leave a comment