- Jan 8, 2011
- 22,453
- Content source
- http://grahamcluley.com/2014/02/youtube-malware/
Security researchers at Bromium have discovered that hackers were spreading malware onto computers while unsuspecting users were watching YouTube videos.
The drive-by-download attack was distributed via adverts shown on the YouTube website, and used an exploit kit to infect Windows PCs with a version of the Caphaw banking Trojan.
According to a blog post by Bromium, the attack relied upon the exploitation of a Java vulnerability (CVE-2013-2460, patched by Oracle in mid-2013).
Bromium's Blog post: http://labs.bromium.com/2014/02/21/the-wild-wild-web-youtube-ads-serving-malware/