Cybercriminals Launch Attacks Through Digg

Once again, hackers are using celebrity names in order to get people to download malware onto their PCs. This time, they are using the popular news aggregator Digg, according to PandaLabs threat researcher Sean-Paul Correll’s blog.

Correll told that he found 52 accounts posting news stories or comments with malicious URLs. Many of these accounts purport to be news items about celebrities, including actors Christian Bale and Alyssa Milano, singer Britney Spears and Paris Hilton.

They contain a link to a video about the celebrity that takes victims to one of several sites that downloads the Adware/VideoPlay fake anti-malware, or scareware, package when the user clicks on it, Correll said.

Correll said he alerted Digg about the problem. Digg spokesperson Jen Burton told by e-mail that it has taken action on this issue.

“While we don’t comment on specific accounts in order to protect the privacy of our community, malware accounts reported to us by the community are terminated immediately and all content is removed,” Burton said. “To date, we have terminated more than 300 accounts for malware.”

However, terminating the accounts does not mean the problem has been solved, Correll warned. “We’re sure there’s still some more accounts out there,” he said. “The attackers make scripts that can automatically submit these.”

The Digg attacks download the MS Antispyware 2009 scareware package to victims’ PCs. This pretends to scan the PCs, then tells victims the PCs are infected with malware. It then asks the victim to pay by credit card to have the malware removed.

The scareware distributors may find themselves in Microsoft’s (NASDAQ:
MSFT) gun sights soon, as the vendor recently teamed up with the attorney general of Washington, Rob McKenna, to crack down on scareware.

Correll said the malware distributors are using two tactics – posting fake news stories about celebrities, or commenting on real stories about the celebrities.

Correll said hackers using Digg are also blogging on Blogspot to bolster the credibility of their fake messages and stories. “For example, if they talk about Heath Ledger being naked in the shower, they create a post on Blogspot on that topic,” he explained.

Experts expect more legitimate Web sites to be compromised. A recent study from IBM (NYSE: IBM) said that legitimate Web sites are increasingly likely to be hijacked by cybercriminals.

News Around the Web