Hackers Using YouTube To Deliver Malware

Data-stealing malware is being delivered via YouTube disguised as pirated software and video game cracks, according to cyber security firm Proofpoint in a new report.

“Threat actors often target home users because they do not have the same resources or knowledge to defend themselves from attackers compared to enterprises... While the financial gain might not be as large as attacks perpetrated on corporations, the individual victims likely still have data like credit cards, cryptocurrency wallets, and other personal identifiable information (PII) stored on their computers which can be lucrative to criminals,” Proofpoint says.

The videos purport to show an end user how to do things like download software or upgrade video games for free, but the link in the video descriptions leads to malware. “Many of the accounts that are hosting malicious videos appear to be compromised or otherwise acquired from legitimate users, but researchers have also observed likely actor-created and controlled accounts that are active for only a few hours, created exclusively to deliver malware,” researchers found.

The infostealer malware families detected include Vidar, StealC and Lumma Stealer, all disguised as pirated software and video game cracks and delivered alongside apparently legitimate content.

Proofpoint also detected two signs that an account had been compromised or acquired by malicious actors: significant time gaps between posted videos, and new content that differs from previously published videos. For example, one such account found by the researchers was a verified YouTube channel with 113,000 subscribers.

While the majority of its videos were posted over a year previously and were all in the Thai language, Proofpoint found 12 new English language videos about popular video games and software cracks posted within 24 hours of discovery, all containing links to malicious content. Furthermore, some of those videos had over 1,000 views, a figure that was possibly artificially boosted by bots to appear more legitimate to unsuspecting victims.
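The account-takeover indicators described above (a long gap in uploads, a change of language, and a burst of new videos that all carry links) can be checked mechanically over a channel's upload history. The following is an added example, not code from Proofpoint or from this article; the data layout, the thresholds and the function name `takeover_signals` are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the Proofpoint report): upload history for
# one hypothetical channel as (upload time, language tag, description has link).
SAMPLE_UPLOADS = (
    [(datetime(2022, 11, 1) + timedelta(days=7 * i), "th", False) for i in range(8)]
    + [(datetime(2024, 3, 10, 6) + timedelta(hours=2 * i), "en", True) for i in range(12)]
)

def takeover_signals(uploads, dormancy_days=180, burst_hours=24, burst_min=5):
    """Return the account-takeover indicators described in the article that
    this upload history shows. Thresholds are assumptions, not Proofpoint's."""
    uploads = sorted(uploads)
    signals = []
    # Locate the largest gap between consecutive uploads.
    gaps = [(b[0] - a[0], i + 1) for i, (a, b) in enumerate(zip(uploads, uploads[1:]))]
    if not gaps:
        return signals
    gap, split = max(gaps)
    if gap < timedelta(days=dormancy_days):
        return signals  # no long dormancy, nothing to compare against
    signals.append("dormancy_gap")
    before, after = uploads[:split], uploads[split:]
    # Language of the new videos differs from everything published earlier.
    if {u[1] for u in after}.isdisjoint({u[1] for u in before}):
        signals.append("language_shift")
    # Many new videos inside one short window after the gap.
    window_end = after[0][0] + timedelta(hours=burst_hours)
    burst = [u for u in after if u[0] <= window_end]
    if len(burst) >= burst_min:
        signals.append("upload_burst")
        # Every video in the burst carries a link in its description.
        if all(u[2] for u in burst):
            signals.append("links_in_every_description")
    return signals

if __name__ == "__main__":
    print(takeover_signals(SAMPLE_UPLOADS))
```

A channel with steady uploads returns an empty list, so the signals only fire on the dormant-then-burst pattern the researchers describe.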

In response, YouTube says that it has policies in place banning users from putting content in the description boxes that violates the platform’s community guidelines, and that this includes malware. It adds that the platform uses “a combination of machine learning and human review” to enforce its policies, and that the systems “proactively monitor videos and livestreams to detect and remove deceptive behaviour.”

Proofpoint | I-HIS | Infosecurity Magazine | Cybereason | The Record | Trade Arabia
