
Kaspersky: SilentCryptoMiner Malware Targeting YouTubers

The cybersecurity company Kaspersky has revealed a crypto malware blackmail scheme on YouTube in which attackers exploit the platform's copyright strike system to force influencers into adding malicious links to their video descriptions.

These actions have led unsuspecting viewers to download malware-infected files as YouTube content creators gave in to the blackmail.

Kaspersky Reveals SilentCryptoMiner

Kaspersky's report reveals that the attackers exploit the trust that YouTube influencers have built with their audience, which makes this campaign particularly dangerous. It cites a malware campaign in which cybercriminals distribute malware disguised as tools for bypassing digital restrictions.

More specifically, the attackers exploit copyright complaints, threatening and blackmailing YouTube content creators into promoting SilentCryptoMiner. SilentCryptoMiner is a sophisticated crypto-mining Trojan based on the popular open-source miner XMRig.

According to the report, the malware mines cryptocurrencies such as Ethereum (ETH), Ethereum Classic (ETC), Monero (XMR) and Ravencoin (RVN). It also uses the Bitcoin blockchain to maintain control of the botnets.

In the past six months, Kaspersky has detected more than 2.4 million instances of Windows Packet Divert drivers. It seems that cybercriminals take advantage of these drivers to manipulate network traffic. They have many tools that pose as legitimate software solutions but contain hidden malicious payloads.

Figure: Windows Packet Divert driver detections. Source: Kaspersky

Once installed, the malicious software persists on the victim's system, bypassing security measures and modifying critical system files.

In the report, Kaspersky highlights a case in which a YouTuber with 60,000 subscribers helped distribute malware. The creator initially published videos demonstrating how to circumvent certain online restrictions and included a link to a supposed restriction bypass tool.

However, the file was infected with SilentCryptoMiner. Later, they edited the description of the infected video to delete the link, replacing it with a warning indicating that the program “does not work”.

“Then the attackers threatened the content creators under the pretext of a copyright violation, demanding that they publish videos with malicious links or risk having their YouTube channels shut down. In this way, the scammers were able to manipulate the reputation of popular YouTubers to force them to publish links to infected files,” reads an extract from the report.

In a more insidious move, the attackers also filed false copyright complaints against YouTubers who refused to cooperate. By threatening content creators with channel takedowns, the cybercriminals forced them to distribute malware.

Cybersecurity experts warn that YouTube and other social media platforms may not be the only targets of these blackmail schemes. Bad actors could soon deploy similar tactics on Telegram and other messaging platforms where influencers engage with their communities.

Users must therefore remain cautious when downloading software from unverified sources. Seemingly useful tools can serve as a gateway for malicious activity. Meanwhile, this discovery comes only a month after Kaspersky detailed another major cybersecurity threat.

“Our experts have discovered a new data-stealing Trojan, SparkCat, active in the App Store and Google Play since at least March 2024. SparkCat has been using machine learning to scan image galleries, stealing cryptocurrency wallet recovery phrases, passwords and other sensitive data hidden in screenshots.”

This highlights the growing risks that cryptocurrency investors face. While YouTube influencers become prime targets for cybercriminals, the blockchain intelligence platform Arkham has begun tracking their wallets.

The new feature, dubbed “Key Opinion Leader (KOL)”, tracks the wallets of influencers with more than 100,000 followers on X. This means that investors can monitor whether influencers really hold the tokens they promote or whether their endorsements are only advertising. This underlines how the role of influencers extends beyond social media.

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate and timely information. However, readers are advised to verify the facts independently and consult a professional before making any decisions based on this content. Please note that our terms and conditions, privacy policy and disclaimers have been updated.
