YouTube has become a daily habit for millions all over the world, but it looks like there has been some malicious activity on the website - which may have affected more than 100,000 users over a 30 day period.
According to Trend Micro, they have been monitoring the activity on YouTube over the past couple of months and have found that the attack comes in the form of ads that are present on the site. While the ads themselves have no malicious content, the issue seems to occur when the ad is clicked.
Although these ads should be monitored and screened by YouTube, some have seemed to slip through the cracks, redirecting to malicious websites that could cause infections. While this all sounds fairly simple, the actually process for passing off a malicious site for something legitimate is fairly complex.
Trend Micro explains:
The exploit kit seems to target Java, Internet Explorer, and Flash. Luckily, those that keep their OS up to date will not be exposed to this infection as Microsoft has patched the vulnerability in May of 2013. It's also probably a good idea to make sure that you update your Adobe and Java products to their latest available editions. It is unknown how long these ads will remain on YouTube, but their team will hopefully have the issue patched soon.
Axarhöfði 14,
110 Reykjavik, Iceland