Avid gamers on the lookout for cheats on YouTube are being focused with hyperlinks to malicious password-protected archive recordsdata designed to put in the RedLine Stealer malware and crypto miners on compromised machines.
“The movies promote cheats and cracks and supply directions on hacking in style video games and software program,” Kaspersky safety researcher Oleg Kupreev mentioned in a brand new report revealed at the moment.
Video games talked about within the movies are APB Reloaded, CrossFire, DayZ, Farming Simulator, Farthest Frontier, FIFA 22, Last Fantasy XIV, Forza, Lego Star Wars, Sniper Elite, and Spider-Man, amongst others.
Downloading the self-extracting RAR archive results in the execution of Redline Stealer, a coin miner, in addition to various different binaries that allow the bundle’s self-propagation.
Particularly, that is achieved via an open-source C#-based password stealer that is able to extracting cookies from browsers, which is then utilized by the operators to realize unauthorized entry to the sufferer’s YouTube account and add a video with a hyperlink to the malicious archive.
As soon as a video is efficiently uploaded to YouTube, one of many executables within the archive transmits a message to Discord with a hyperlink to the uploaded video.
The findings come as the full variety of customers who encountered gaming-related malware and undesirable software program from July 1, 2021, by June 30, 2022 touched almost 385,000, with over 91,000 recordsdata distributed below the guise of video games equivalent to Minecraft, Roblox, Want for Pace, Grand Theft Auto, and Name of Obligation.
“Cybercriminals actively hunt for gaming accounts and gaming laptop assets,” Kupreev mentioned. “Stealer-type malware is usually distributed below the guise of sport hacks, cheats and cracks. All that is additional proof, if any had been wanted, that unlawful software program must be handled with excessive warning.”