Attackers are never short of ideas for disguising their malware or adware as legitimate software. While following some of the spam links I recently discovered, I stumbled upon a free video site which attempts to get users to install both the Zango and LoudMo adware.
First, an ad for VLC, a popular open-source video player, pops up. However, the executable downloaded is actually Zango adware. Only 8 antivirus vendors out of 42 find this particular piece of adware. This malicious file is only 20KB, compared to the official, and clean, 18.6MB official executable file for VLC.
|This VLC executable comes with a spyware|
|Second attempt to install an adware|
These adware attacks are a major source of revenue for websites that distribute copyrighted material such as pirated novies, as they cannot participate in legitimate advertising networks. I've found several websites offering free movie downloads which linked to these 2 sites.