YouTube sees another surge of fraudulent videos with data theft software

13 March researchers cyber security announced a massive surge by 200-300% videos containing links to malware that can steal sensitive data.

YouTube is a popular platform with more than 2.5 billion monthly active users, making it an easy target for attackers, cybersecurity company CloudSEK said. Dubbed Infostealers, these malware are distributed through downloads, fake websites and YouTube tutorials, infiltrate systems and steal sensitive information that is uploaded to a server controlled by the attacker.

“There is a worrying trend that attackers are now using AI-generated videos, and YouTube has become a convenient platform to distribute them,” said Pawan Karthik, a CloudSEK researcher. The study found that between 5 and 10 videos with malicious links are uploaded to YouTube every hour. They contain deceptive tricks that cause malware to be downloaded, making it harder for YouTube’s algorithm to detect and remove.

Researchers found stealer malware such as Vidar, RedLine and Raccoon in a November 2022 YouTube video. They can steal passwords, credit card information, bank account numbers, and other sensitive data. These videos pose as tutorials on how to download cracked versions of licensed software such as Adobe Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD and others that are only available to paid users, the report says. The attackers also add fake comments to give the video legitimacy. Kaspersky Lab toldhow to identify and how to protect yourself from such fraud.

How this YouTube scam works

The scheme is quite simple. First, the attackers create a new YouTube account, change the avatar and name of the channel, masquerading as a popular YouTube star. This is easy to do, because the platform allows the user to set any name channel, regardless of his name account.

Then the scammers send out friend requests en masse, which can be sent to any user of the platform. They don’t even bother uploading any content to the fake channel – it won’t be visible in the friend request anyway. For many fans of stars, a recognizable name and avatar is enough to accept such requests without hesitation. The last step is to compose and send a seductive-looking personal message.

At the moment, this scheme is used to deceive English-speaking YouTubers. But, most likely, Russian Internet scammers will also quickly master it – it is very simple and convenient for mass deception.

What is the point of this divorce?

Using this scheme, attackers kill two birds with one stone. They use a simple phishing message to get your personal details and earn extra money along the way. Their message always contains a link, by clicking on which you supposedly can receive your prize. The link leads to a fake website that looks like the official one. It will ask you to enter your contact and personal details, which will fall into the hands of crooks. But that’s not the end of the story. You will need to “verify that you are not a robot” and take a survey – of course, also fake.

If you agree, you will be sent to another site, then to a third, and so on. This is how attackers make money off of you by forwarding traffic to the web pages of client organizations. When you follow these links, you run the risk not only of being on a site offering dubious goods and services, but also of picking up, for example, a ransomware or a banking Trojan.

According to researchconducted by RiskIQ specialists, at least several tens of thousands of YouTube users have already become victims of this fraudulent scheme – the attackers managed to lure them to fake sites. At the same time, the authors themselves admit that the figures they cited do not reflect the entire scale of the disaster, there may be more victims.

How to protect yourself from phishing on YouTube:

• If someone you don’t know wants to add you as a friend or sends you a private message, be on your guard, even if he’s pretending to be a star. Find out who the sender really is. Check if the channel is marked as official (a gray check mark next to the channel name), and evaluate the content of the message sensibly.
• Do not leave your personal information on sites that you have followed links from YouTube messages. If an offer looks too good to be true, you are almost certainly being scammed.
• Use a reliable antivirus solution that will alert you when you click on links that lead to phishing or other malicious web pages.

Source link