I heard about a message being sent to YouTube users that was a self-extracting Trojan, so that when you clicked on the message (that is entirely blank) the Trojan goes to work and it works on any operating system. Is all this true and have they gotten rid of it entirely if it is true?

Hi tmcclelland47,

Can you provide us with resources?

~!Donovan

!Donovan, I’ve just heard it from friends who heard it from somewhere else.

Well this situation would be virtually impossible in the youtube environment as I assume they use some restrictions to sending messages.

There would have to be a third party at hand in order to change the message div’s onclick operations to include a redirect to a exploit hotspot. Even then youtube’s redirecting algorithm would likely take place thus preventing the malicious site from being executed automatically.

In short words, no it isn’t logically possible.

No it’s not possible,sometimes authors post malicious codes at the description of the video to allow users to cope&paste it and then use it,usually these codes trigger AV’s,but they can’t do anything,they are completely harmless,so don’t be afraid to use YouTube ;D