As more and more devices are connected to the internet, the attack surface for cybercriminals increases, making it easier for them to find vulnerabilities to exploit. On Monday, researchers said they discovered a massive 200-300 percent spike in YouTube videos containing links to malware that can steal sensitive financial data from computers.
Hackers are using YouTube video links to spread malware. One common method is to post a video that appears to be legitimate but contains a malicious link in the description or in the video itself. When a user clicks on the link, they may be redirected to a website that contains malware, or the malware may be automatically downloaded onto their device.
YouTube is a popular platform with over 2.5 billion active monthly users, making it an easy target for threat actors, said AI cybersecurity firm CloudSEK.
Termed infostealers, these malware families are spread via malicious downloads, fake websites and YouTube tutorials. They infiltrate systems and steal information, which is then uploaded to the attacker's command-and-control server.
“In a concerning trend, these threat actors are now utilising AI-generated videos to amplify their reach, and YouTube has become a convenient platform for their distribution,” said Pavan Karthick, a CloudSEK researcher.
The research showed that 5-10 videos offering cracked-software downloads with malicious links are uploaded to YouTube every hour.
The videos use deceptive tactics that mislead users into downloading malware, making it challenging for the YouTube algorithm to identify and remove them.
The researchers detected stealer malware such as Vidar, RedLine and Raccoon in YouTube videos from November 2022. These can steal passwords, credit card information, bank account numbers, and other confidential data.
These videos pretend to be tutorials on downloading cracked versions of licensed software, such as Adobe Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and others, available only to paid users, said the report.
Hackers can also use comments on YouTube videos to post malicious links or to trick users into downloading malware. For example, they may post a comment that appears to be offering a software update or a free download, but when a user clicks on the link, they are downloading malware onto their device.
“These comments trick users into believing the malware is legitimate. Moreover, using AI-generated videos featuring personas that appear more familiar and trustworthy is a growing trend among threat actors,” the report mentioned.
It is essential to be cautious when clicking on links or downloading files from unknown sources. Always verify that the source of the link is legitimate before clicking on it, and use anti-malware software to protect your device from potential threats.