Massive campaign uses YouTube to push password-stealing malware

Discussion in 'Headline News' started by RickAgresta, Oct 21, 2021.

  1. RickAgresta

    RickAgresta General Peanut, leader of the Peanutty Forces

    Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers.

    Password stealing trojans are malware that quietly runs on a computer while stealing passwords, screenshots of active windows, cookies, credit cards stored in browsers, FTP credentials, and arbitrary files decided by the threat actors.

    When installed, the malware will communicate with a Command & Control server, where it waits for commands to execute by the attacker, which could entail the running of additional malware.

    Malicious YouTube videos gone wild
    Threat actors have long used YouTube videos as a way to distribute malware through embedded links in video descriptions.

    However, this week Cluster25 security researcher Frost told BleepingComputer that there has been a significant uptick in malware campaigns on YouTube pushing various password-stealing Trojans.

    Frost told BleepingComputer that it is likely two clusters of malicious activity being conducted simultaneously - one pushing the RedLine malware and the other pushing Raccoon Stealer.

    The researcher said that thousands of videos and channels had been made as part of this massive malware campaign, with 100 new videos and 81 channels created in just twenty minutes.

    Frost explained that the threat actors use the Google accounts they steal to launch new YouTube channels to spread malware, creating a never-ending and ever-growing cycle.

    "The threat actors have thousands of new channels available because they infect new clients every day. As part of these attacks, they steal victim's Google credentials, which are then used to create new YouTube Videos to distribute the malware," Frost told BleepingComputer.

    The attacks start with the threat actors creating numerous YouTube channels filled with videos about software cracks, licenses, how-to guides, cryptocurrency, mining, game cheats, VPN software, and pretty much any other popular category.

    LINK:
    https://www.bleepingcomputer.com/ne...es-youtube-to-push-password-stealing-malware/
     
    scjjtt, BAB2000, Hook and 2 others like this.
  2. lelisa13p

    lelisa13p Your Super Moderator Super Moderator

    Just when you think that you've been terrified as much as you can be. :vbfrown:
     
    headcronie, scjjtt, BAB2000 and 2 others like this.
  3. BAB2000

    BAB2000 An "Olde Moderator" #2

    YouTube is overrun with TikTok clips. I stay with my subscriptions only and then keep my fingers crossed.


    Sent from my iPhone using Tapatalk
     
    headcronie, lelisa13p, Hook and 2 others like this.
  4. EdmundDantes

    EdmundDantes Mobile Deity

    Yeah, I almost exclusively watch car videos from the same channels. But I will try and be more vigilant.
     