VirusTotal - the popular free file checking website - has been spoofed by malware peddlers, warns Kaspersky Lab.
A simple visit to the site triggers the download of a worm via a java applet embedded in the code.
The worm in question is detected by Kaspersky Lab as Worm.MSIL.Arcdoor.ov. It's aim is to recruit the computer it infected into a botnet that would ultimately be used to perform DDoS attacks, and to communicate to the C&C information about the system (hostname, type and version of the OS, etc.)
See also http://www.securelis...gated_java_worm