Hackers Using YouTube To Deliver Malware

Uploaded on 2024-04-17 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY-Key Areas-Social Media

Data stealing malware is being delivered via YouTube disguised as pirated software and video game cracks, according to  cyber security firm Proofpoint in a new report.

“Threat actors often target home users because they do not have the same resources or knowledge to defend themselves from attackers compared to enterprises... While the financial gain might not be as large as attacks perpetrated on corporations, the individual victims likely still have data like credit cards, cryptocurrency wallets, and other personal identifiable information (PII) stored on their computers which can be lucrative to criminals” Proofpoint say.

The videos purport to show an end user how to do things like download software or upgrade video games for free, but the link in the video descriptions leads to malware. “Many of the accounts that are hosting malicious videos appear to be compromised or otherwise acquired from legitimate users, but researchers have also observed likely actor-created and controlled accounts that are active for only a few hours, created exclusively to deliver malware.” researchers found.

The infostealer malwares detected include Vidar, StealC and Lumma Stealer, all disguised as pirated software and video game cracks and delivered alongside apparently legitimate content.

Proofpoint also detected significant gaps between the posted videos and content that differs from previously published videos, suggesting that an account was compromised or acquired by malicious actors. For example, one such account that was found by the researchers was a verified YouTube channel with 113,000 subscribers.

While the majority of its videos were posted over a year previously and were all in the Thai language, Proofpoint found 12 new English language videos about popular video games and software cracks posted within 24 hours upon discovery, all containing links to malicious content. Furthermore, some of those videos had over 1,000 views, which was possibly artificially boosted by bots to appear more legitimate to unsuspecting victims.

In response, YouTube says that it has policies in place banning users from putting content in the description boxes that violates the platform’s community guidelines and this includes malware and that their platform uses “a combination of machine learning and human review” to enforce its policies, and the systems “proactively monitor videos and livestreams to detect and remove deceptive behaviour.”  

Proofpoint     |     I-HIS     |     Infosecurity Magazine     |     Cybereason    |    The Record     |    Trade Arabia

Image: stux

You Might Also Read:

Investigating Fake News With Google, YouTube & Facebook:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Large Language Models Are An Inflection Point For Cyber Security
British Businesses Must Do More To Protect Themselves »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Bob's Business

Bob's Business

Bob's Business adopts a fresh approach to information security awareness and compliance training, delivering key information through the use of short animated movies.

SysTools

SysTools

SysTools provides a range of services including data recovery, digital forensics, and cloud backup solutions.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

L3Harris Technologies

L3Harris Technologies

L3Harris Technologies is a global aerospace and defense technology innovator, delivering solutions to meet mission-critical needs across air, land, sea, space and cyber domains.

Focal Point

Focal Point

We aspire to be the focal point for Medium and Small size companies providing 24/7 cyber security advice, services and solutions.

Guardian Digital

Guardian Digital

Guardian Digital makes email safe for business. Threat-ready business email protection. Fully supported.

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL)

Pakistan Telecommunication Company Limited (PTCL) is the largest integrated Information Communication Technology (ICT) company of Pakistan.

Data Protection Commission (DPC)

Data Protection Commission (DPC)

The Data Protection Commission (DPC) is the national independent authority responsible for upholding the fundamental right of individuals in the EU to have their personal data protected.

Willyama Services

Willyama Services

Willyama Services is a certified Information Technology and Cybersecurity professional services business providing services to government and private sector clients.

Kivera

Kivera

Kivera enforces your organisation governance and security policies across cloud deployments preventing misconfigurations turning into attack vectors.

Vector Choice Technologies

Vector Choice Technologies

Vector Choice Technology Solutions has a long standing reputation in cyber security consulting since 2008.

Positiwise Software Pvt Ltd

Positiwise Software Pvt Ltd

Positiwise Software offers end-to-end software development solutions to accelerate the digital growth of businesses.

Leaf IT

Leaf IT

Leaf IT are a pioneering cloud-first MSP, dedicated to helping businesses in the UK and Ireland. We focus on delivering tangible results for our clients through IT transformation.

Codenotary

Codenotary

Codenotary provide a comprehensive suite of verification and enforcement services to guarantee the integrity of your software throughout its entire lifecycle.

Hiya

Hiya

Hiya's mission is to secure voice with trust, identity and intelligence. We're protecting people from spam and fraud calls, and helping carriers secure their networks for all.

Assurestor

Assurestor

Assurestor's singular focus is delivering leading cloud-based backup and disaster recovery designed to increase levels of IT resilience.