By Elinor Mills
Friday, September 12 2008 10:37 AM
URL: http://www.zdnetasia.com/news/security/0,39044215,62046052,00.htm

Cybercriminals are getting more and more business-like. The latest examples involve a tool that automates the creation of fake YouTube Web sites that can be used to deliver malware and password cracking services for sale.

Panda Security says it has uncovered a tool circulating in underground hacking forums, dubbed YTFakeCreator, that enables anyone to easily create a fake YouTube page that surreptitiously installs a Trojan, virus or adware on a visitor's computer, says Ryan Sherstobitoff, chief corporate evangelist of Panda Security.

The tool does not spread the video link on its own. An attacker must distribute it via e-mail, FTP, IRC channels, peer-to-peer file sharing networks or CD.

Once a visitor arrives at the page, a fake error message appears saying that the video cannot be played because an important software component, such as a codec or Flash update, is missing. The visitor is prompted to download the software and the malware is installed.

YTFakeCreator makes it easy for even unskilled people to set up an attack. It has a configuration menu that lets the would-be attacker select a warning message to be displayed on the fake video page and properties of the video, among other options. More details are on the Panda site.

"They've really commercialized malware. There's been an upsurge of sophisticated custom-built Trojans that come with service level agreements and tech support sold in underground forums," said Sherstobitoff. "They are renting out denial of service attacks and botnets and selling trading, just like arms dealers, but in this case it's electronic crime."

Meanwhile, IBM's Internet Security Systems says password cracking is also being commercialized and marketed as "password recovery" services.

This article was first published as a blog on CNET News.com.