The Electronic Frontier Foundation says political activists in Iran and Syria are being targeted in malware attacks. The attacks occur after users visit a fake Youtube page and are encouraged to update their Flash Player. The update in turn downloads a file, setup.exe, to their computer. Once installed via Microsoft s.NET, it connects to a Syrian IP and downloads additional malware. A phishing site connected to the bogus Youtube page has since been taken down where users were tricked into entering their actual Youtube credentials.
Source: https://threatpost.com/pro-syrian-malware-targets-impedes-activists-031512/76333/