Players on the lookout for cheats on YouTube are being focused with hyperlinks to malicious password-protected archive information designed to put in the RedLine Stealer malware and crypto miners on compromised machines.
“The movies promote cheats and cracks and supply directions on hacking common video games and software program,” Kaspersky safety researcher Oleg Kupreev stated in a brand new report revealed right this moment.
Video games talked about within the movies are APB Reloaded, CrossFire, DayZ, Farming Simulator, Farthest Frontier, FIFA 22, Closing Fantasy XIV, Forza, Lego Star Wars, Sniper Elite, and Spider-Man, amongst others.
Downloading the self-extracting RAR archive results in the execution of Redline Stealer, a coin miner, in addition to quite a few different binaries that allow the bundle’s self-propagation.
Particularly, that is achieved via an open-source C#-based password stealer that is able to extracting cookies from browsers, which is then utilized by the operators to achieve unauthorized entry to the sufferer’s YouTube account and add a video with a hyperlink to the malicious archive.
As soon as a video is efficiently uploaded to YouTube, one of many executables within the archive transmits a message to Discord with a hyperlink to the uploaded video.
The findings come as the overall variety of customers who encountered gaming-related malware and undesirable software program from July 1, 2021, by means of June 30, 2022 touched practically 385,000, with over 91,000 information distributed beneath the guise of video games resembling Minecraft, Roblox, Want for Pace, Grand Theft Auto, and Name of Responsibility.
“Cybercriminals actively hunt for gaming accounts and gaming pc assets,” Kupreev stated. “Stealer-type malware is usually distributed beneath the guise of sport hacks, cheats and cracks. All that is additional proof, if any had been wanted, that unlawful software program needs to be handled with excessive warning.”