According to cyber-security experts, there has been a sharp increase of 200–300% in YouTube videos that contain links to malware that can steal sensitive financial data from computers.
Details on Up to 300% More YouTube videos now contain malware intended to steal sensitive user data
According to AI cyber-security company CloudSEK, YouTube is a well-known site with over 2.5 billion active monthly users, making it a simple target for threat actors.
Known as infostealers, these malware enter computers and steal data that is then uploaded to the attacker’s command and control server through malicious downloads, phoney websites, and YouTube tutorials.
According to a worrying trend, these threat actors are now using YouTube as a convenient distribution channel for their AI-generated videos, Pavan Karthick, a researcher at CloudSEK, said.
According to research, 5–10 videos with dangerous links are uploaded to YouTube every hour to promote the use of crack software.
The videos are difficult for the YouTube algorithm to recognise and remove because they use misleading techniques to trick viewers into downloading malware.
In YouTube videos dated November 2022, the researchers discovered stealth malware such as Vidar, RedLine, and Raccoon. They have the ability to steal passwords, credit card numbers, bank account numbers, and other private information.
According to the research, these films pose as guides for downloading illegal copies of software that is exclusively accessible to paying customers, such as Adobe Photoshop, Premiere Pro, Autodesk 3ds Max, and AutoCAD.
Also, the threat actors add false comments to the video to give it credibility.