Gamers looking for cheats on YouTube are being targeted with links to malicious password-protected archive files designed to install the RedLine Stealer malware and crypto miners on compromised machines.
“The films market cheats and cracks and supply guidance on hacking well-known video games and computer software,” Kaspersky security researcher Oleg Kupreev said in a new report published today.
Games mentioned in the videos are APB Reloaded, CrossFire, DayZ, Farming Simulator, Farthest Frontier, FIFA 22, Final Fantasy XIV, Forza, Lego Star Wars, Sniper Elite, and Spider-Man, among others.
Downloading the self-extracting RAR archive leads to the execution of RedLine Stealer, a coin miner, as well as a number of other binaries that enable the bundle’s self-propagation.
Specifically, this is achieved by means of an open-source C#-based password stealer that is capable of extracting cookies from browsers, which are then used by the operators to gain unauthorized access to the victim’s YouTube account and upload a video with a link to the malicious archive.
Once a video is successfully uploaded to YouTube, one of the executables in the archive transmits a message to Discord with a link to the uploaded video.
The findings come as the total number of users who encountered gaming-related malware and unwanted software from July 1, 2021, through June 30, 2022 touched approximately 385,000, with over 91,000 files distributed under the guise of games such as Minecraft, Roblox, Need for Speed, Grand Theft Auto, and Call of Duty.
“Cybercriminals actively hunt for gaming accounts and gaming personal computer methods,” Kupreev said. “Stealer-style malware is often dispersed under the guise of video game hacks, cheats and cracks. All this is even further evidence, if any were required, that unlawful software package really should be addressed with intense warning.”
Some parts of this article are sourced from:
thehackernews.com