Original URL: http://www.theregister.co.uk/2006/11/08/fake_myspace_vid_installs_zango/
Bogus YouTube clip installs Zango Cash
Mucky video
Posted in Security, 8th November 2006 16:54 GMT
Watch Now : Virtual Machine Movement with Hyper-V
Security researchers have discovered a number of user pages on MySpace containing what appear to be YouTube videos that come bundled with a Zango Cash adware installer, an application that loads intrusive pop-up advertising software onto infected PCs.
Users curious about the Windows Media videos are directed to a site called "Yootube.info". The site - which is nothing to do with the Google owned naff clip site - has a picture of a scantily clad young woman on its front page.
Surfers lured onto the site via the MySpace link are invited to accept an end-user licensing agreement in order to watch the video. If the user accepts, the video downloads while covertly attempting to install Zango Cash, net security firm WebSense reports [1]. The attack uses a type of Windows DRM loophole previously used [2] to spread Trojans and other malware.
Last Friday, the US Federal Trade Commission reached a settlement with Zango (PDF [3]) over complaints about sneaky adware installs made by its affiliates. Zango (formerly know as 180Solutions) agreed to pay $3m and to be bound over by an agreement to make sure its widely criticised software apps are only installed with consent.
For its part, Zango said [4] it's cleaned up its act. The MySpace attack suggests that Zango still has some way to go in putting its house in order. ®