YouTube Malware Threat: Up to 300% Spike in Malicious Downloads Through Videos To Steal Sensitive Financial Data

Cyber-security researchers on Monday said they have discovered a massive 200-300 per cent spike in YouTube videos containing links to malware that can steal sensitive financial data from the computers.

YouTube (Photo Credits : Facebook)

New Delhi, March 13 : Cyber-security researchers on Monday said they have discovered a massive 200-300 per cent spike in YouTube videos containing links to malware that can steal sensitive financial data from the computers. YouTube is a popular platform with over 2.5 billion active monthly users, making it an easy target for threat actors, said AI cyber-security firm CloudSEK. Android 13 QPR3 Beta 1 Release Date: Google Announces New Software Update for Beta Program Members, To Be Out On March 13.

Termed Infostealers, these malware are spread via malicious downloads, fake websites and YouTube tutorials, infiltrate systems and steal information, which is uploaded to the attacker's Command and Control server. ChatGPT 4 Release Date: From AI-Generated Videos to Quicker Response, Open AI Chatbot’s New Version With Advanced Feature Is All Set To Arrive on This Day.

"In a concerning trend, these threat actors are now utilising AI-generated videos to amplify their reach, and YouTube has become a convenient platform for their distribution," said Pavan Karthick, a CloudSEK researcher. The research showed that 5-10 crack software download videos with malicious links are uploaded to YouTube every hour.

The videos contain deceptive tactics that mislead users into downloading malware, making it challenging for the YouTube algorithm to identify and remove them.

The researchers detected stealer malware such as Vidar, RedLine and Raccoon in YouTube videos from November 2022. These can steal passwords, credit card information, bank account numbers, and other confidential data.

These videos pretend to be tutorials on downloading cracked versions of licensed software, such as Adobe Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and others, available only to paid users, said the report. The threat actors also add fake comments to give legitimacy to the video.

"These comments trick users into believing the malware is legitimate. Moreover, using AI-generated videos featuring personas that appear more familiar and trustworthy is a growing trend among threat actors," the report mentioned.

(The above story first appeared on LatestLY on Mar 13, 2023 11:34 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).

Share Now

Share Now