Self-Spreading Malware Attacking Gamers, Stealing Credentials via YouTube: Kaspersky

The malware comes in a malicious bundle available at a very small price tag.

Self-Spreading Malware Attacking Gamers, Stealing Credentials via YouTube: Kaspersky

Photo Credit: Sora Shimazaki/ Pexels

Google says it has terminated the hacked channels

Highlights
  • YouTube videos are used to spread malware
  • These videos advertise cheats and cracks of popular games
  • The bundle consists of three executable files
Advertisement

A self-spreading malware is said to be attacking gamers via YouTube videos. As per a report by Kaspersky, this is caused by an unusual malicious bundle, which includes malicious programs distributed in the form of a single installation file, self-extracting archive or other file with installer-type functionality. Its main payload is the widespread RedLine stealer — one of the most common Trojans used to steal passwords and credentials from browsers. The report also says that the bundle is available on underground hacker forums for a small price tag.

According to the Kaspersky report, the malicious bundle is merely a few hundred dollars, which is a small price tag for malware. The RedLine stealer can steal usernames, passwords, cookies, bank card details, and autofill data from Chromium- and Gecko-based browsers, data from cryptowallets, instant messengers, and FTP/SSH/VPN clients. In addition, RedLine can download and run third-party programs, execute commands, and open links in the default browser.

Alongside the stealer, there are other files in the bundle that facilitate self-propagation of the malware. In the process, the YouTube channels are hacked and videos with malware are posted. “These videos advertise cheats and cracks and provide instructions on hacking popular games and software,” the report said.

The games for which cheats and cracks are mentioned in the videos include APB Reloaded, CrossFire, DayZ, Dying Light 2, F1 22, Farming Simulator, Farthest Frontier, FIFA 22, Final Fantasy XIV, Forza, Lego Star Wars, Osu!, Point Blank, Project Zomboid, Rust, Sniper Elite, Spider-Man, Stray, Thymesia, VRChat, and Walken. The report cited Google as saying that the hacked channels were quickly terminated for violation of the company's Community Guidelines.

Once accessed, the malicious bundle unpacks and runs three executable files. The first is the RedLine stealer, and the second is a miner. The report says that the main target audience is gamers who are likely to have video cards installed in their systems. These cards can be used for mining. The third executable file ensures automatic startup and runs the first of the batch files. These batch files run three other malicious files, which are responsible for the bundle's self-distribution.


Buying an affordable 5G smartphone today usually means you will end up paying a "5G tax". What does that mean for those looking to get access to 5G networks as soon as they launch? Find out on this week's episode. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Motorola Edge 30 Ultra 12GB RAM Variant to Launch in India Soon: All Details
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »