According to research conducted by CloudSEK, there has been a two- to threefold month-over-month increase since November 2022 in the number of YouTube videos containing links to info stealer malware in the video description section. The info stealer families being distributed include Vidar, Raccoon, and RedLine.
How do threat actors spread malware?
Threat actors, also known as traffickers, have devised another means of spreading info stealer malware: AI-generated YouTube video tutorials.
According to Pavan Karthick M, a CloudSEK researcher,
“The videos lure users by pretending to be tutorials on downloading cracked software versions such as Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and other licensed products available only to paid users”.
YouTube is a widespread malware distribution channel because these videos are usually step-by-step tutorials, containing either audio only or a screen recording of downloading and installing the software.
Threat actors now use AI-generated videos from platforms such as D-ID to produce YouTube videos featuring synthetic human presenters, which makes the content appear genuine and trustworthy. The description section of such videos contains links to info stealer malware.
To make these links look natural, threat actors obscure them with popular URL shorteners such as Cuttly and Bitly. The shortened link often resolves to a payload hosted on Discord, GitHub, or Google Drive.
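As an added example (not code from the article or from CloudSEK), the following Python function applies the indicators described above to a video description: it extracts URLs, flags those pointing at URL shorteners or at the file-hosting services named in the text, and raises the risk when the description also uses "cracked software" wording. The domain lists, keyword list and the sample description are constructed assumptions for illustration; a real triage pipeline would also follow shortened links in a sandbox and check the final destination against threat intelligence.

```python
import re
from urllib.parse import urlparse

# Indicator lists are illustrative assumptions, not from the article. The
# shorteners it names are Cuttly (cutt.ly) and Bitly (bit.ly); the payload
# hosts it names are Discord, GitHub and Google Drive.
URL_SHORTENERS = {"cutt.ly", "bit.ly", "tinyurl.com", "t.co"}
FILE_HOSTS = {
    "cdn.discordapp.com", "discord.com", "discordapp.com",
    "github.com", "raw.githubusercontent.com", "objects.githubusercontent.com",
    "drive.google.com", "docs.google.com",
}
CRACK_KEYWORDS = ("crack", "cracked", "free download", "license key", "keygen", "activation")

# Matches http(s) URLs and stops at whitespace or common closing punctuation.
URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)


def _host_matches(host, domains):
    """Exact or subdomain match, so 'evil.cutt.ly.example.com' is NOT a shortener."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def extract_urls(text):
    return URL_RE.findall(text)


def classify_url(url):
    """Label a URL as 'shortener', 'file_host' or 'other' based on its hostname."""
    host = urlparse(url).hostname or ""
    if _host_matches(host, URL_SHORTENERS):
        return "shortener"
    if _host_matches(host, FILE_HOSTS):
        return "file_host"
    return "other"


def score_description(text):
    """Return (risk, findings, keywords) for one video description.

    risk is 'high' when suspicious links and crack-related wording occur
    together, 'medium' when only one of the two is present, else 'low'.
    """
    findings = [(classify_url(u), u) for u in extract_urls(text)]
    findings = [f for f in findings if f[0] != "other"]
    lowered = text.lower()
    keywords = [k for k in CRACK_KEYWORDS if k in lowered]
    if findings and keywords:
        risk = "high"
    elif findings or keywords:
        risk = "medium"
    else:
        risk = "low"
    return risk, findings, keywords


# Constructed sample description mimicking the lure pattern described above.
SAMPLE_DESCRIPTION = """Adobe Photoshop 2023 FREE Download + Crack (100% working)
Download link: https://cutt.ly/xyz123
Mirror: https://cdn.discordapp.com/attachments/1/2/Setup.zip
Follow me on https://twitter.com/example"""


if __name__ == "__main__":
    risk, findings, keywords = score_description(SAMPLE_DESCRIPTION)
    print("risk:", risk)
    for kind, url in findings:
        print(f"  {kind:10s} {url}")
    print("keywords:", keywords)
```

The suffix match in `_host_matches` matters: a naive `"cutt.ly" in host` check would be fooled by look-alike hosts, and a plain substring check on the whole URL would flag a legitimate link whose path merely mentions a shortener.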
To achieve their aim quickly, threat actors mainly target YouTube accounts with large subscriber bases and hijack them. This lets them reach a wide audience in a short time, and many unsuspecting users fall for it. This does not mean they don't also hijack less popular YouTube accounts.
Another technique threat actors employ on YouTube is uploading 5 to 10 crack videos per hour. To make the videos rank among the top five search results, they use Search Engine Optimization (SEO) poisoning techniques.
Threat actors also add fake comments below the video to make the tutorials look legitimate and convince users to download the cracked software. Once a viewer falls for the trick, the attackers have achieved their objective.
What information does the infostealer malware collect?
Threat actors hijack YouTube accounts to steal sensitive information from computers, such as passwords, credit card information, and other confidential data. With the YouTube tutorials, for instance, once an end user clicks the link and installs the supposed software, the deed is done.
The malware collects all relevant information from the computer and submits it to the attacker's Command and Control server. In summary, the info stealer collects the victim's:
- Computer or phone information such as system specifications, IP address, and malware path (Vidar and RedLine only).
- User data like auto-fills, cookies, credit card details, and passwords.
- Files such as documents, excel sheets, and PowerPoint presentations using a File Grabber.
How to protect against infostealers
Threat actors are developing new methods every day to steal information from online users and organizations. Fresh information stealer variants recently offered for sale include ImBetter, Lumma, Stealc, and WhiteSnake.
These stealer variants harvest sensitive information while posing as popular applications or trending services. Knowing all this, how should we protect ourselves against falling victim to info stealers?
Online users are encouraged to enable multi-factor authentication, avoid downloading applications from untrusted sources, avoid using pirated software, and refrain from clicking unknown links and email attachments. Users must be more security aware and alert.
Organizations must be security conscious and adopt adaptive threat monitoring. They can achieve this by closely monitoring and tracking the changing tactics of threat actors. Organizations can also assist their users by running awareness campaigns that help them identify potential threats.