Digg has recently been used for more than sharing a good story by also becoming a breeding ground for malware users.
Computer security firm PandaLabs has reported that cyber-criminals have been using Digg comments on popular stories to link Diggers to codec-based Malware. The criminals do not create the content, but instead exploit the context of relevant articles.
Malware writers pose as Digg members and entice readers with fake links to online videos in celebrity news forums. People who follow these links are then prompted to install software in order to view the video or flash-based movie
While you watch the video, a programme claiming to be a legitimate anti-virus application such as MS Antispyware 2009 or XP Anti-Virus is covertly installed onto your PC and pretends to scan computers for malicious software.
This “security software” will claim to find a critical errorand then offer to eliminate the problem for a cost. The software will even prevent your system from operating correctly to make its claims more believable.
In a preliminary analysis, PandaLabs have found that over 50 profiles have been used to leave comments to trap members.
According to the Tech Herald, it appears that the criminals are using bots, and either creating accounts or hijacking other accounts to spread these malicious links.
Digg has reportedly terminated more than 300 accounts suspected of spreading malware.
Source: The Tech Herald and AFP on Google News