Players on the lookout for cheats on YouTube are being focused with hyperlinks to malicious password-protected archive information designed to put in the RedLine Stealer malware and crypto miners on compromised machines.
“The movies promote cheats and cracks and supply directions on hacking well-liked video games and software program,” Kaspersky safety researcher Oleg Kupreev mentioned in a brand new report revealed at present.
Video games talked about within the movies are APB Reloaded, CrossFire, DayZ, Farming Simulator, Farthest Frontier, FIFA 22, Last Fantasy XIV, Forza, Lego Star Wars, Sniper Elite, and Spider-Man, amongst others.
Downloading the self-extracting RAR archive results in the execution of Redline Stealer, a coin miner, in addition to numerous different binaries that allow the bundle’s self-propagation.
Particularly, that is achieved by the use of an open-source C#-based password stealer that is able to extracting cookies from browsers, which is then utilized by the operators to achieve unauthorized entry to the sufferer’s YouTube account and add a video with a hyperlink to the malicious archive.
As soon as a video is efficiently uploaded to YouTube, one of many executables within the archive transmits a message to Discord with a hyperlink to the uploaded video.
The findings come as the full variety of customers who encountered gaming-related malware and undesirable software program from July 1, 2021, by June 30, 2022 touched practically 385,000, with over 91,000 information distributed beneath the guise of video games akin to Minecraft, Roblox, Want for Velocity, Grand Theft Auto, and Name of Obligation.
“Cybercriminals actively hunt for gaming accounts and gaming laptop sources,” Kupreev mentioned. “Stealer-type malware is usually distributed beneath the guise of recreation hacks, cheats and cracks. All that is additional proof, if any have been wanted, that unlawful software program needs to be handled with excessive warning.”
