A newly discovered malware bundle has been spreading through YouTube gaming videos that offer downloads of fake cracks and cheats.
Online security experts have discovered a new malware bundle that victimizes YouTube channel owners by uploading malicious gaming videos on fake tutorials, cheats, and cracks for games such as FIFA, Final Fantasy, Forza Horizon, Lego Star Wars, and Spider-Man. Bad actors use these malicious YouTube gaming videos to encourage viewers to download fake cracks and cheats that contain a self-spreading malware bundle.
According to Bleeping Computer, Kaspersky revealed in a new report that researchers discovered a RAR archive with an array of malware including RedLine, a widely used information-stealing program that targets common web browsers such as Google Chrome, Microsoft Edge, and Opera.
Malware, which is short for malicious software, is a collective term used to describe intrusive software such as viruses, spyware, adware, and ransomware that is developed by cybercriminals to steal data, damage computer systems, and carry out other security violations, Cisco reported.
How Malware Spreads from Malicious YouTube Gaming Videos
Kaspersky cybersecurity experts found that the new malware bundle logs into a YouTube account of a compromised user and uses their channel to upload gaming videos, under the guise of teaching different cracks and cheats. These videos include a link to download the cracks and cheats, but in fact are the malware bundle that includes the RedLine information stealer, TechRadar reported.
Aside from the information stealer, the malware bundle in YouTube gaming videos also includes a cryptojacker that compromises crypto wallets and mines cryptocurrency, the report added. Bad actors usually target gamers for crypto mining as they have the necessary computing power required for such actions.
In addition, the report revealed that the malware bundle includes three malicious executables called "download.exe", "upload.exe," and "MakiseKurisu.exe," an information stealer that targets browsers to take its cookies to store locally. The "download.exe" executable is responsible for downloading the fake crack video from a GitHub repository, while "upload.exe" uploads it to the compromised YouTube channel after using cookies to log into the user's account.
Kaspersky said in the report that when the fake YouTube gaming videos are uploaded, "upload.exe" also sends a message to Discord with a link to the video for dissemination, increasing the likelihood that people click on the video and mistakenly download the malware bundle linked in it.
Read Also: Beware: Fake Pixelmon NFT Stuffs Malware to Victims - Here's How it's Stealing Passwords, Cryptos
Bad Actors Increasingly Target Gamers in Malware Attacks
Kaspersky research revealed that there has been a 13% increase in malicious software attacks in the last year compared to the first half of 2021. In fact, there were up to 384,000 users who fell victims to malware attacks between July 1, 2021 to June 30, 2022 alone, Venture Beat reported.
Moreover, the report added that Kaspersky said bad actors usually use fake game installers to spread malware. The cybersecurity firm cited the pandemic as the precursor for the growth of the gaming industry in the last few years, allowing for cybercriminals to target gamers and steal essential information such as credit card data.
Related Article: Can You Guess What Game Hackers Love to Use to Hide Malware?
