Kaspersky Lab experts have described a new malicious campaign discovered on YouTube. The attackers offer a bundle for download, passing it off as cheats and pirated copies of popular games; in fact, the password-protected archive contains the RedLine infostealer and a cryptominer.
In addition to these payloads, the bundle includes several other executables, three of which were of particular interest to the researchers. As it turned out, these executables automate the distribution of malicious advertising on YouTube: they obtain videos and post them on the victim's behalf, with a link to the bundle in the description.
The authors of the campaign use the names of games as bait, including the following:
APB Reloaded, CrossFire, DayZ, Dying Light 2, F1® 22, Farming Simulator, Farthest Frontier, FIFA 22, Final Fantasy XIV, Forza, Lego Star Wars, osu!, Point Blank, Project Zomboid, Rust, Sniper Elite, Spider-Man, Stray, Thymesia, VRChat, Walken.