Youtube and Trojans and Hackers, Oh MY!


kall
21-06-2007, 01:08 AM
From news.com:
According to Trend Micro, a Trojan horse that downloads a certain YouTube video could compromise your computer. The video appears to be an episode of Afterworld, a Web TV series about a society where technology is dead. Security vendor Websense has also been tracking this Trojan horse and has traced the video to a .su domain, which was originally assigned to the former Soviet Union and still remains in use today.

The use of online media files to infect end users with malware is not new. A worm last October used a JavaScript flaw in Apple Quicktime to spread on MySpace. For this attack, Websense has produced, ironically, an informative YouTube video demonstrating what happens to your computer. This YouTube Trojan steals personal information from a compromised PC and then broadcasts it to an undisclosed location.


Pretty scary when you consider the vast number of times people are directed to YouTube to see videos of WoW instances/crits/funeral bombings and the like.

Kalos
21-06-2007, 01:26 AM
I'd like to both warn people of the dangers of these subtle and silent pests, and inform them of the easy (and free!) ways they could defend themselves.

A trojan operates in three major stages. Stage one is infiltration, entering your computer. It'll hide itself; most of the time you won't even know it is there. It can come in a video, a picture, even a webpage you viewed. It only has to be once, for mere seconds, and you've got it on your PC, doing its designed purpose. This is stage two, and there's not much that can be done about it; it begins to watch and gather information, keystrokes, personal information, copy+pasted text, anything it's programmed to learn about. A good virus scanner can watch out for the telltale accessing of data committed by these trojans and will catch a great deal. It can also recognise them when they attempt entrance at Stage One as well as Stage Three.

Stage Three is the final opportunity to protect yourself, the last hurdle before the information gathered reaches wherever the programmer instructed the trojan to forward the information to. The trojan has to break its cover while internet access is possible and transmit the data, making itself very visible for antivirus. To prevent that transmission leaving your computer, a strong firewall (an example would be ZoneAlarm) can monitor all transactions of data between the WWW and your PC; anything that isn't legitimate traffic authorised to go through shall not. The trojan may have been able to complete stage 1 and 2, but for all its attempts to complete stage 3 it simply won't; the information remains contained and unleaked, and the trojan has failed its mission.

Trojans can be stopped at any one of these stages, which they all invariably follow. It is highly recommended to take actions to shore up all three; despite Microsoft's insistence that that is overkill and unnecessary, having failsafe levels in case one happens to fail is a common business practice and is just safer; the odds are more in your favour of not having any leaks. Avoiding dodgy websites, getting a firewall that monitors both outgoing and incoming transmissions, and an antivirus package are all things that can be undertaken. Today, trojans thrive on systems where users don't prepare, don't know how to or simply don't care. But for users that take as little as half an hour to secure their system a little, they can prevent their credit card information or their financial records known only to themselves for example. The benefits most likely outweigh the gains, and nobody wants a spy hanging around their computer anyhow.
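
The outbound check described under Stage Three, as an added example that is not part of the original post and is not ZoneAlarm's implementation: a simplified per-program, default-deny policy applied to outbound connection attempts. All program paths, addresses and connection records are constructed sample data; the policy matches the full executable path so that a file reusing an authorised program's name from another directory is still blocked.

```python
# Added example: simplified per-program outbound policy (default deny).
# All paths, addresses and records below are constructed sample data.
from dataclasses import dataclass
from ntpath import normcase, normpath  # Windows path rules on any OS

@dataclass(frozen=True)
class Conn:
    exe: str      # full path of the program opening the connection
    dst: str      # destination address
    port: int     # destination port

# Programs the user has authorised, keyed by full path, with allowed ports.
ALLOW = {
    r"C:\Program Files\Internet Explorer\iexplore.exe": {80, 443},
    r"C:\Program Files\Mail\mail.exe": {25, 110},
}
_ALLOW = {normcase(normpath(p)): ports for p, ports in ALLOW.items()}

def decide(conn: Conn) -> str:
    """Return 'allow' or 'block' for one outbound connection attempt."""
    ports = _ALLOW.get(normcase(normpath(conn.exe)))
    if ports is None:
        return "block"          # unknown program: default deny
    if conn.port not in ports:
        return "block"          # known program, unexpected port
    return "allow"

def blocked(conns):
    """Connections the policy would stop, for review by the user."""
    return [c for c in conns if decide(c) == "block"]

SAMPLE = [
    Conn(r"C:\Program Files\Internet Explorer\iexplore.exe", "203.0.113.10", 443),
    # Same file name as the browser, different directory: not authorised.
    Conn(r"C:\Documents and Settings\user\Local Settings\Temp\iexplore.exe",
         "198.51.100.7", 80),
    Conn(r"c:\program files\mail\MAIL.EXE", "192.0.2.25", 25),
    Conn(r"C:\Program Files\Mail\mail.exe", "198.51.100.7", 6667),
]

if __name__ == "__main__":
    for c in SAMPLE:
        print(decide(c), c.exe, f"{c.dst}:{c.port}")
```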

kall
21-06-2007, 01:36 AM
I <3 you Kalos.

I'm definitely going to be disabling those services you mentioned in another post when I get home tonight.

Kalos
21-06-2007, 01:42 AM
I <3 you Talos.

I'm definitely going to be disabling those services you mentioned in another post when I get home tonight.
Ok, but I'm not Talos the Farseer :laugh:

And yes, those services are pretty dangerous. A complete remote access system built into every XP computer in the world, on 24/7 by default? Asking for someone to take advantage, and it can and does happen. I don't understand simply why they are on at all, but I know how to switch them off, and that Windows XP works fine without them in the ordinary home environment. They only even come into play, any usefulness, when you actually want someone to be able to remote control your PC, and to be honest that situation never arises for pretty much all of the home user base. I have to keep one of those services on, because I actually do use the remote desktop connection system sometimes, saves me climbing into the attic and having to address my server face to face, essentially moving full controlling abilities downstairs to my laptop I can control it anywhere in the house or even the garden. But like I said, not many people have a computer which they would want to connect+control, and it's a huge risk if anyone worked out the details to connect to your system. You can hope they don't, but locking those services shut will take that possibility to a flat zero. Thankfully, that's one Microsoft manoeuvre the user can adjust and clamp down by themselves.

kall
21-06-2007, 01:43 AM
Dammit! I must not have enough caffeine in me yet.

*edits post*