Friday, December 21, 2007

Zlob fake codecs in Google Groups

We have seen so many websites and domains serving Zlob fake codecs and rogue anti-malware applications. Now, the gang behind Zlob is using Google Groups to peddle their junk. Google Groups - with poor security measures and moderation - seems to be an ideal place for these Zlob bots to spread their junk. There are numerous fake pages in different sections of Google Groups, and they look just like YouTube pages. Below screen shot shows one such page:

If you click on the video, it takes you either to a fake codec page or to a rogue application page:

Some of the fake codecs are very new and are poorly detected. Hopefully, AV vendors will add the detections very soon.