Gamers on YouTube are attacked by a self-propagating tandem: an infostealer and a miner

Kaspersky Lab experts have reported a new malicious campaign discovered on YouTube. The attackers offer a bundle for download, passing it off as cheats and pirated copies of popular games; in fact, the password-protected archive contains the RedLine infostealer and a cryptominer.

In addition to the named payload, the bundle includes several other executables, three of which were of particular interest to the researchers. As it turned out, these executables automate the distribution of the malicious advertising on YouTube: they obtain videos and post them on behalf of the victim, with a link to the bundle given in the description.

The authors of the campaign use the names of games as bait, including the following:

APB Reloaded, CrossFire, DayZ, Dying Light 2, F1® 22, Farming Simulator, Farthest Frontier, FIFA 22, Final Fantasy XIV, Forza, Lego Star Wars, osu!, Point Blank, Project Zomboid, Rust, Sniper Elite, Spider-Man, Stray, Thymesia, VRChat, Walken.
