Hackers are using AI-generated YouTube videos to deploy the Raccoon, RedLine, and Vidar information-stealing malware. The videos pose as tutorials on how to download Adobe Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and similar software for free. Some of the videos claim to show viewers how to crack software that is otherwise available only for a fee.
Researchers warn that videos that contain links to info-stealing malware in the description section are on the rise.
The Distribution Method
Threat actors use SEO poisoning techniques to make the malicious videos rank high in search results. They trick victims into clicking links that are often obfuscated with URL shorteners such as bit.ly and cutt.ly.
Sometimes the links point to file hosting platforms such as Discord, GitHub, Google Drive, MediaFire, or Telegra.ph. In some cases, clicking the link directly downloads the malicious file onto the device.
Top Accounts Are in Focus
The threat actors' goal is to hijack top accounts. They use social engineering and information obtained from data leaks to take over large, legitimate YouTube accounts, which gives them rapid access to a large audience.
To make their material more credible and appealing, they use AI-generated personas. The videos also include screen recordings and audio walkthroughs. Threat actors have also developed methods to evade the YouTube review process.
Threat actors use region-specific tags, write fake comments with automated processes to add legitimacy, and continuously upload videos to keep up with takedowns.
How to Avoid Becoming a Victim of Info-stealing Malware
Because YouTube has over 2.6 billion monthly active users, malicious videos on the platform have become a serious cybersecurity threat. Many of these users are not aware of the danger and can easily be tricked. To avoid falling victim to info-stealing malware, researchers recommend that organizations:
- Educate their teams and launch awareness campaigns.
- Deploy a threat-monitoring solution.
- Enable multi-factor authentication (MFA).
- Never install files from unauthorized sources.