
Explained: How hackers are using YouTube videos to trick people into installing malware – Times of India


Security researchers have recently discovered that cybercriminals are misusing YouTube to spread a potent malware that is capable of stealing all kinds of information from your device. According to a report by TechRadar, researchers from Cyble Research Labs have come across more than 80 videos, all of which have “relatively few viewers” and belong to the same user.
How do these YouTube videos try to trick victims?
As per the report, these YouTube videos demonstrate how to operate a particular bitcoin mining software in an attempt to convince viewers to download it. The report mentions that the download link can be found in the video’s description and that the download comes as “a password-protected archive, to convince victims of its legitimacy.” Moreover, to make it look more real, the downloaded archive also includes a link to VirusTotal which shows the file as “clean” and also warns users that “some antivirus programs might trigger a false positive alert,” the report claims.
What is PennyWise and how does it affect its victims?
The malware that is being spread using the YouTube videos is called PennyWise, which is capable of stealing all kinds of user data, including system information, login credentials, cookies, encryption keys and master passwords. The report also states that this malware can steal Discord tokens and Telegram sessions while taking screenshots along the way.
Apart from these, PennyWise can also scan the device for “potential cryptocurrency wallets, cold storage wallet data and crypto-related browser add-ons.” The malware collects all the above-mentioned data, compresses it into a single file and sends it over to a server under the attackers’ control before it self-destructs, the report suggests.
How PennyWise tries to hide from users
The report has also warned users that PennyWise is capable of analysing and being aware of its surroundings to ensure that it’s not “operating in a defended environment.” When the malware discovers that it’s in a sandbox or an analysis tool is running on the device, it immediately stops all actions it has deployed, the report claims.
Moreover, the researchers have also discovered that the malware tends to completely stop all its operations when it finds out that the victim’s endpoint is located in either Russia, Ukraine, Belarus, or Kazakhstan. The report also mentions that this behaviour offers some clue as to the affiliation of the operators.
