YouTube becomes a heaven to info stealing malware


Whenever we see a YouTube video that is informative, we tend to go through the description or ‘show more’ feature and have a habit of clicking on the links. What if the link leads us to a website that is a malware dropper?

A new report by cloud security firm CloudSEK says that there has been a 200% to 300% monthly rise in such attacks, where the videos are filled with info stealing malware aka malware stealers.

This is being possible, as hackers are using AI programs such as Synthesia and D-ID to embed malicious links in the videos, some with the knowledge of the host and, in most cases, without the user’s knowledge.

Most of the videos pertaining to educational training, recruitment details, product reviews, gaming tutorials and movie promotional video bits are being used to spread such nasty malware, say experts.

RedLine, Racoon, Fraser, Vidar, WallPost are some of the malware that are being spread through videos having 1000s of views.

Slowly and steadily, the practice has spread to Twitter and Instagram platforms, with the practice becoming a never-ending trend.

Google, the Alphabet Inc has already an effective automated threat monitoring tools to curb such info-stealer spread. However, users generating such content should also keep a watch on their videos from time to time and find and report any such malicious links to the service provider, as soon as they are discovered.

NOTE- Product review videos such as the one describing a computer, mobile phone or something sold on Amazon often attract the attention of hackers. As they can embed malicious links diverting the viewer to info-stealing websites. Thus, better be careful with such video descriptions by avoiding clicking on such links.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display