Cyber Hackers are spreading Malware through YouTube
Cyber criminals have started leaning on YouTube to spread potent malware, security researchers have discovered. Researchers at Cyble Research Labs recently uncovered more than 80 videos, all with relatively few viewers and all owned by the same user. The videos appear to demonstrate how a piece of bitcoin mining software works, in order to convince viewers to download it.
The download link is in the video description, and the file is housed in a password-protected archive to convince victims of its legitimacy. To add to the effect, the downloaded archive also includes a link to VirusTotal, which reports the file as clean. No false positives master passwords. The malware also steals Discord tokens and Telegram sessions, taking screenshots along the way.
Additionally, it scans the device for potential cryptocurrency wallets, cold storage wallet data, and crypto-related browser add-ons. Once it has collected all of the above, it compresses the data into a single file and sends it to a server under the attacker’s control. It then self-destructs.
PennyWise is also able to analyze its environment and ensure that it is not operating in a protected environment. If it detects that it is in a sandbox or that an analyzer tool is running on the device, it immediately stops all actions. The researchers discovered that the malware halts all operations entirely when it detects that the victim’s endpoint is located in Russia, Ukraine, Belarus or Kazakhstan, giving a clue as to the operators’ affiliation.