Hackers Using YouTube To Deliver Malware

Data stealing malware is being delivered via YouTube disguised as pirated software and video game cracks, according to  cyber security firm Proofpoint in a new report.

“Threat actors often target home users because they do not have the same resources or knowledge to defend themselves from attackers compared to enterprises... While the financial gain might not be as large as attacks perpetrated on corporations, the individual victims likely still have data like credit cards, cryptocurrency wallets, and other personal identifiable information (PII) stored on their computers which can be lucrative to criminals” Proofpoint say.

The videos purport to show an end user how to do things like download software or upgrade video games for free, but the link in the video descriptions leads to malware. “Many of the accounts that are hosting malicious videos appear to be compromised or otherwise acquired from legitimate users, but researchers have also observed likely actor-created and controlled accounts that are active for only a few hours, created exclusively to deliver malware.” researchers found.

The infostealer malwares detected include Vidar, StealC and Lumma Stealer, all disguised as pirated software and video game cracks and delivered alongside apparently legitimate content.

Proofpoint also detected significant gaps between the posted videos and content that differs from previously published videos, suggesting that an account was compromised or acquired by malicious actors. For example, one such account that was found by the researchers was a verified YouTube channel with 113,000 subscribers.

While the majority of its videos were posted over a year previously and were all in the Thai language, Proofpoint found 12 new English language videos about popular video games and software cracks posted within 24 hours upon discovery, all containing links to malicious content. Furthermore, some of those videos had over 1,000 views, which was possibly artificially boosted by bots to appear more legitimate to unsuspecting victims.

In response, YouTube says that it has policies in place banning users from putting content in the description boxes that violates the platform’s community guidelines and this includes malware and that their platform uses “a combination of machine learning and human review” to enforce its policies, and the systems “proactively monitor videos and livestreams to detect and remove deceptive behaviour.”  

Proofpoint     |     I-HIS     |     Infosecurity Magazine     |     Cybereason    |    The Record     |    Trade Arabia

Image: stux

You Might Also Read:

Investigating Fake News With Google, YouTube & Facebook:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Large Language Models Are An Inflection Point For Cyber Security
British Businesses Must Do More To Protect Themselves »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

FinalCode

FinalCode

FinalCode offers a file encryption and file-based enterprise digital rights management (eDRM) platform.

ESG Elektroniksystem- und Logistik-GmbH

ESG Elektroniksystem- und Logistik-GmbH

ESG offer a comprehensive portfolio of cyber and IT services ranging from consulting, solutions and operations to testing, simulation and training.

Exprivia

Exprivia

Exprivia is active in the design, development and integration of IT systems including cyber security.

Advisen

Advisen

Advisen is the leading provider of data, media, and technology solutions for the commercial property and casualty insurance market including cyber risk.

Jeffer Mangels Butler & Mitchell LLP (JMBM)

Jeffer Mangels Butler & Mitchell LLP (JMBM)

JMBM is a full service law firm providing counseling and litigation services in a wide range of areas including cyber security.

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

Cybersecurity Tech Accord

Cybersecurity Tech Accord

The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies.

Maximus Consulting (MX)

Maximus Consulting (MX)

Maximus designs and delivers corporate-wide information security management system with our full-time IRCA Accredited consulting team.

Garland Technology

Garland Technology

Garland Technology specializes in network access points (TAPs) for 100% visibility allowing you to see every bit, byte, and packet flowing through your network.

Cygenta

Cygenta

Cygenta brings a new approach to cybersecurity. We understand that true security means having digital, human and physical security working in harmony.

BridgingMinds Network

BridgingMinds Network

BridgingMinds Network is an industry leading best practices and IT security training provider in Singapore.

IoTeX

IoTeX

Building the connected world. IoTeX is a fast, secure, and decentralized platform that connects real world devices/data to the blockchain.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Kralos

Kralos

Kralos are an experienced team of Software and IT experts, specialized in the development of innovative cybersecurity solutions.

Opkalla

Opkalla

We started Opkalla because we believe IT professionals deserve better. We help our clients navigate the confusion in the marketplace and choose the solution that is right for your business.

Blackmere Consulting

Blackmere Consulting

Blackmere Consulting is a Nationwide Technical and Executive Recruiting firm dedicated to Cyber Security and Information Technology.