Just as phishing pages have become a commodity, these commodity spoofs of legitimate software and plugins, which rely on "visual social engineering", represent a market segment of their own, one that some cybercriminals have been attempting to monetize for a while.
These very same modules represent the dominant social engineering attack vector on the Internet, due to the quality of the spoofs and the gullibility of end users who infect themselves. For the time being, the author appears to be an opportunist rather than someone interested in setting new benchmarks for standardizing social engineering by using the efficiency and delivery methods offered by a web malware exploitation kit.
Interestingly, a huge number of fake codec serving web sites are already detecting the visitor's OS and browser, and serving Mac OS X based malware or Windows based malware depending on the result. This fact, together with the fact that visual spoofs of OS X-like dialogs are also being turned into templates, is not a coincidence: it signals that an efficient, social engineering driven malware delivery mechanism is in the works. The development of the kit will be monitored and updates posted, if any.
Meanwhile, the recent blackhat SEO campaign which attempted to hijack 'Harry Potter and the Half-Blood Prince' related traffic is a good example of how, despite the magnitude of a campaign (hundreds of thousands of indexed, malware-serving pages), manual campaign management leaves it centralized, and that centralized nature makes it easier to shut down.
This post has been reproduced from Dancho Danchev's blog.