EXPERTS have warned about hackers who are using YouTube to spread malicious malware.
Cybersecurity company Kaspersky uncovered a trojan dubbed RedLine frequenting YouTube.
The trojan steals personal and financial information from infected devices.
HOW DOES IT WORK?
Cybercriminals are distributing RedLine under the facade of game cheats.
Kaspersky described the attack in a blog post: “Attackers post videos on YouTube allegedly about how to use cheats in popular online games such as Rust, FIFA 22, DayZ, and a couple of dozen more.
“The videos look quite convincing and prompt actions that gamers who are no strangers to cheating are well accustomed to.”
In particular, this looks like following a link in the description to download an archive and then running it.
Should the download fails, the video creators direct users to disable Windows SmartScreen.
SmartScreen is a tool that protects Microsoft Edge users from phishing and malicious sites.
“For some reason, however, they unkindly fail to mention that this will result in a whole package of malware being installed on the user’s computer at once,” Kaspersky noted.
Most read in News Tech
Once the user unknowingly downloads RedLine, the trojan steals valuable information on the computer starting with browser-saved passwords.
What’s more, the trojan can execute commands on the computer and mine for cryptocurrency.
“RedLine comes with a cryptocurrency miner for deployment on the victim’s computer,” Kaspersky explained.
“Gaming computers are a logical target for cybercriminals in this regard since they usually have powerful GPUs, which are quite useful for cryptocurrency mining,” the company continued.
HOW TO STAY SAFE
“We really should start with the obvious: don’t download cheats,” Kaspersky said.
“Besides being unethical, it’s simply not safe. Cheats violate the user agreement with the game developer, which means they automatically occupy a gray zone,” the company added.
Moreover, cheats are never distributed through secure official channels.
As such, downloading something from unverified sources increase your chances of installing malware.
In addition, Kaspersky recommends turning on two-factor authentication.
Users should also never disable protection features, including browser filtering and a proper security solution.