YouTube popularity attracting criminals

Enterprises are increasingly using YouTube as their vehicle for hosting internal an external videos. However, researchers at vendor Trend Micro have discovered that criminals are exploiting the popularity of site by finding ways to place malicious ads there in hopes viewers will click on them.

Their tool is an exploit kit dubbed Sweet Orange, which leverages vulnerabilities in Internet Explorer, Java and Flash.

“The ads we’ve observed do not directly lead to malicious sites from YouTube,” the researchers said in a column. “Instead, the traffic passes through two advertising sites, suggesting that the cybercriminals behind this campaign bought their traffic from legitimate ad providers.”

The overwhelming number of victims in a 30-day period were from the U.S., the column adds.

“In order to make their activity look legitimate, the attackers used the modified DNS information of a Polish government site,” says the column. “The attackers did not compromise the actual site; instead they were able to change the DNS information by adding subdomains that lead to their own servers.” At the time of writing how the hackers were able to do this was unclear.

The traffic passes through two redirection servers (located in the Netherlands) before ending up at the malicious server, located in the United States.

Users who keep their systems patched won’t be affected by this attack, says Trend Micro. For example, Microsoft released a patch for this particular vulnerability in May 2013. Still, note that old vulnerabilities are still being exploited by attackers.

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web