Massive campaign uses YouTube to push password-stealing malware

Discussion in 'Headline News' started by RickAgresta, Oct 21, 2021.

  1. RickAgresta

    RickAgresta General Peanut, leader of the Peanutty Forces

    Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers.

    Password-stealing trojans are malware that quietly runs on a computer while stealing passwords, screenshots of active windows, cookies, credit cards stored in browsers, FTP credentials, and arbitrary files decided by the threat actors.

    When installed, the malware will communicate with a Command & Control server, where it waits for commands to execute by the attacker, which could entail the running of additional malware.

    Malicious YouTube videos gone wild
    Threat actors have long used YouTube videos as a way to distribute malware through embedded links in video descriptions.

    However, this week Cluster25 security researcher Frost told BleepingComputer that there has been a significant uptick in malware campaigns on YouTube pushing various password-stealing Trojans.

    Frost told BleepingComputer that it is likely two clusters of malicious activity being conducted simultaneously - one pushing the RedLine malware and the other pushing Raccoon Stealer.

    The researcher said that thousands of videos and channels had been made as part of this massive malware campaign, with 100 new videos and 81 channels created in just twenty minutes.

    Frost explained that the threat actors use the Google accounts they steal to launch new YouTube channels to spread malware, creating a never-ending and ever-growing cycle.

    "The threat actors have thousands of new channels available because they infect new clients every day. As part of these attacks, they steal victim's Google credentials, which are then used to create new YouTube Videos to distribute the malware," Frost told BleepingComputer.

    The attacks start with the threat actors creating numerous YouTube channels filled with videos about software cracks, licenses, how-to guides, cryptocurrency, mining, game cheats, VPN software, and pretty much any other popular category.

    scjjtt, BAB2000, Hook and 2 others like this.
  2. lelisa13p

    lelisa13p Your Super Moderator Super Moderator

    Just when you think that you've been terrified as much as you can be. :vbfrown:
    headcronie, scjjtt, BAB2000 and 2 others like this.
  3. BAB2000

    BAB2000 An "Olde Moderator" #2

    YouTube is overrun with TikTok clips. I stay with my subscriptions only and then keep my fingers crossed.

    Sent from my iPhone using Tapatalk
    headcronie, lelisa13p, Hook and 2 others like this.
  4. EdmundDantes

    EdmundDantes Mobile Deity

    Yeah, I almost exclusively watch car videos from the same channels. But I will try and be more vigilant.