Malware spread via Google Code
According to McAfee's Avert Labs blog which, rather inaccurately, talks of spammers, Google's free code-hosting project has, in recent weeks been subverted by malware distributors. Over the Christmas holiday they have used it to create a large number of websites offering such things as free sex movies. Attempting to view the movie by clicking on the play button results in a message offering a 'required' CODEC for download, acceptance delivers a trojan payload and further clicking reaches an adult content site that is also infectious.
The malware distributors are taking advantage of the fact that at present Google automatically prioritises its code project pages in its index, helping them to achieve high search hit rates for their fly trap sites.
The McAfee blog entry shows a map of the relationship between the servers used to distribute the malware and traces the source back to servers operating in Latvia.