VirusBulletin has reported that cyber criminals are now spreading Cryptolocker / CryptoWall around via YouTube. Malware researchers Vadim Kotov and Rahul Kashyap discovered cyber-criminals were purchasing advertising space on YouTube and then then using exploit kits to infect workstations.
According to KnowBe4 CEO Stu Sjouwerman; "Clicking on a thumbnail after the first video causes a redirect, kicks in an exploit, which in turn looks for an unpatched hole and executes the ransomware. The user files are then locked with a $500 ransom fee."
Sjouwerman (pronounced "shower'man") advocates the increased use of best practices to offset the increased threats. "It is important to patch end-user workstations as soon as possible. You might also consider either blocking YouTube at the edge, and/or deploying ad blockers in your Internet filter or as browser plug-ins."
KnowBe4 offers Kevin Mitnick Security Awareness Training as a means of protecting against such attacks. For more information visit http://www.KnowBe4.com