A new malware bundle uses victims' YouTube channels to upload malicious video tutorials advertising fake cheats for popular video games. The videos contain links to download the fake cracks and cheats which will actually install a collection of self-spreading malware.
The bundle contains RedLine Stealer, capable of stealing passwords, cookies, credit card details and cryptocurrency wallets. It also includes a cryptojacker, which uses the victim's machine to mine cryptocurrency for the attackers. The bundle also contains three malicious executables, used for self-propagation.
Recommendations:
- YouTube users are advised to scan their PC by using an up-to-date antivirus program.
- Turn on firewall at all times
- Disable the autofill settings on your web browser
- Make sure to clear all browsing data and cookies settings