Threat Actors Hack YouTube Channels to Distribute Infostealers

216.73.217.22

Threat Actors Hack YouTube Channels to Distribute Infostealers

· Published 10/05/2024 13:47 · Modified 10/05/2024 14:25

Essential information

Published: 10/05/2024 13:47
Modified: 10/05/2024 14:25
Tags: 2024-05-05 2024-05-06 2024-05-07 2024-05-08 2024-05-09 2024-05-10 compromised accounts infostealers lummac2 malware distribution vidar youtube
Related entities: 13 observables, 8 techniques (mitre), 2 malware

Description

This analysis reveals that malicious groups have been exploiting popular YouTube channels, including some with over 800,000 subscribers, to distribute various infostealer malware strains like Vidar and LummaC2. The attackers upload videos promoting cracked software with links to malicious payloads hosted on file-sharing platforms. Users unsuspectingly download these payloads, believing they are genuine installers, resulting in system infections and data theft.

External references

https://asec.ahnlab.com/en/63980/
https://otx.alienvault.com/pulse/663e25897a4e4f8b078a92a1