YouTube Video being used to hide the spread of Banker.A Worm, says PandaLabs

Panda Software Logo PandaLabs has announced that a new worm called Spreadbanker.A is using a YouTube video to trick users and spread over the Internet in a fast manner. Panda Software’s TruPrevent Technologies have detected and managed to eliminate this malicious code.

The SpreadBanker.A worm has two components; when the user runs the first of these, it connects to the YouTube page and displays a video. The problem arises when at the same time it downloads the second part of the worm.

The SpreadBanker.A worm is programmed to steal passwords entered in several online banks. It is also capable of stealing the login details for online games such as Age of Mythology, GTA, Unreal Tournament, Final Fantasy and World of WarCraft.

That’s not all; this worm can also make modifications to the Windows registry and creates copies of itself in many folders that belong to the P2P file-sharing applications.

According to Luis Corrons, technical director of PandaLabs, “Malware is becoming increasingly sophisticated. In this case, it combines the propagation features of worms with the ability of Trojans to steal passwords. This way, cyber-crooks hope to squeeze the maximum profit out of each infection.”