www.techradar.com
151.101.130.114  Public Scan

URL: https://www.techradar.com/news/these-youtube-gaming-videos-are-spreading-malware
Submission: On September 18 via manual from US — Scanned from DE

Form analysis 2 forms found in the DOM

GET https://www.techradar.com/search

<form class="search-box" action="https://www.techradar.com/search" method="GET" data-component-tracked="19">
  <input tabindex="0" type="search" name="searchTerm" placeholder="Search TechRadar" class="search-input">
  <button type="submit" class="search-submit">
    <span class="icon icon-search">
      <svg class="icon-svg" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 1000">
        <path d="M720 124a422 422 0 1 0-73 654l221 222 132-131-222-222a422 422 0 0 0-58-523zm-92 504a291 291 0 1 1-412-412 291 291 0 0 1 412 411z"></path>
      </svg> </span>
  </button>
</form>

POST https://newsletter-subscribe.futureplc.com/v2/submission/submit

<form class="emailform" method="POST" action="https://newsletter-subscribe.futureplc.com/v2/submission/submit" data-component-tracked="8">
  <div class="input__wrapper">
    <input type="text" class="name__input" name="NAME" value="">
    <input type="email" class="mail__input" name="MAIL" value="" placeholder="Your Email Address" required="">
  </div>
  <div class="emailform__checkbox-rows">
    <div class="emailform__checkbox-row" data-newsletter-consent-type="default-market" id="emailform__consent-news-and-offers">
      <label class="emailform__checkbox-row__label">
        <input type="checkbox" id="emailform__consent-news-and-offers-yes" class="emailform__checkbox-row__checkbox" value="1" name="CONTACT_OTHER_BRANDS"> Contact me with news and offers from other Future brands </label>
    </div>
    <div class="emailform__checkbox-row" data-newsletter-consent-type="default-market" id="emailform__consent-partners-and-sponsors">
      <label class="emailform__checkbox-row__label">
        <input type="checkbox" id="emailform__consent-partners-and-sponsors-yes" class="emailform__checkbox-row__checkbox" value="1" name="CONTACT_PARTNERS"> Receive email from us on behalf of our trusted partners or sponsors </label>
    </div>
  </div>
  <div class="submit__wrapper">
    <input class="submit__button" type="submit" value="Sign me up">
  </div>
  <input type="hidden" class="hidden__newsletter_code" name="NEWSLETTER_CODE" id="NEWSLETTER_CODE" value="XTP-X" data-newsletter-consent-type="default">
  <input type="hidden" class="hidden__lang" name="LANG" id="LANG" value="EN" data-newsletter-consent-type="default">
  <input type="hidden" class="hidden__source" name="SOURCE" id="SOURCE" value="2" data-newsletter-consent-type="default">
</form>

Text Content


THESE YOUTUBE GAMING VIDEOS ARE SPREADING MALWARE

By Sead Fadilpašić
published 2 days ago

Self-seeding malware spreading through malicious YouTube videos

A newly discovered malicious campaign that distributes the RedLine Stealer
infostealer comes with a very interesting self-propagation mechanism,
researchers have found.

Cybersecurity experts from Kaspersky uncovered new malware that logs into the
YouTube accounts of compromised users and uploads to their channel a video that
distributes the RedLine infostealer.

A victim, ideally a PC gamer, finds a YouTube video on cracks, or cheats, for
one of their favorite games: either FIFA, Final Fantasy, Forza Horizon, Lego
Star Wars, or Spider-Man. The video’s description contains links that claim to
lead to those cracks and cheats but, in fact, host multiple pieces of malware
bundled together.





CRYPTOJACKERS, INFOSTEALERS

In the bundle is RedLine Stealer, one of the most popular infostealers nowadays,
capable of stealing passwords stored in people’s browsers, cookies, credit card
details, instant messaging conversations, and cryptocurrency wallets.

The bundle also holds a cryptojacker, essentially a cryptocurrency miner which
uses the computing power of the compromised endpoint to mine cryptocurrency for
the attackers. Cryptocurrency mining usually requires significant GPU power,
something most gamers usually have.

But perhaps most interestingly, the bundle has three malicious executables used
for self-propagation. These are called “MakiseKurisu.exe”, “download.exe”, and
“upload.exe”. MakiseKurisu is an infostealer that grabs browser cookies and
stores them locally.


Then, download.exe grabs the fake crack video from a GitHub repository and
hands it over to upload.exe, which uses the stolen cookies to log in to the
victim’s YouTube account and upload the video there.

If the victim isn’t an avid YouTube user, or has notifications turned off, there
is a good chance the malicious video could sit on their YouTube channel for a
long time, before being taken down.

“When the video is successfully uploaded to YouTube, upload.exe sends a message
to Discord with a link to the uploaded video,” Kaspersky explains.


Via: BleepingComputer

Sead Fadilpašić


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and
Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity
(ransomware, data breaches, laws and regulations). In his career, spanning more
than a decade, he’s written for numerous media outlets, including Al Jazeera
Balkans. He’s also held several modules on content writing for Represent
Communications.

TechRadar is part of Future US Inc, an international media group and leading
digital publisher.

© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.