Cyber-security researchers on Monday said they have discovered a massive 200-300 per cent spike in YouTube videos containing links to malware that can steal sensitive financial data from the computers.
YouTube is a popular platform with over 2.5 billion active monthly users, making it an easy target for threat actors, said AI cyber-security firm CloudSEK.
Termed Infostealers, these malware are spread via malicious downloads, fake websites and YouTube tutorials, infiltrate systems and steal information, which is uploaded to the attacker’s Command and Control server.
“In a concerning trend, these threat actors are now utilising AI-generated videos to amplify their reach, and YouTube has become a convenient platform for their distribution,” said Pavan Karthick, a CloudSEK researcher.
The research showed that 5-10 crack software download videos with malicious links are uploaded to YouTube every hour.
The videos contain deceptive tactics that mislead users into downloading malware, making it challenging for the YouTube algorithm to identify and remove them.
The researchers detected stealer malware such as Vidar, RedLine and Raccoon in YouTube videos from November 2022. These can steal passwords, credit card information, bank account numbers, and other confidential data.
These videos pretend to be tutorials on downloading cracked versions of licensed software, such as Adobe Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and others, available only to paid users, said the report.
The threat actors also add fake comments to give legitimacy to the video.
“These comments trick users into believing the malware is legitimate. Moreover, using AI-generated videos featuring personas that appear more familiar and trustworthy is a growing trend among threat actors,” the report mentioned.
