Attackers have been propagating a Lumma Stealer variant via YouTube channels that post videos about cracking into popular applications. They prevent detection by Web filters by spreading the malware over open source platforms like MediaFire and GitHub rather than proprietary malicious servers.
The effort, according to FortiGuard researchers, is reminiscent of an attack that was uncovered in March of last year and employed artificial intelligence (AI) to disseminate step-by-step installation manuals for programmes like Photoshop, Autodesk 3ds Max, AutoCAD, and others without a licence.
“These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly,” Cara Lin, Fortinet senior analyst, wrote in a blog post.
Modus operandi
The attack begins with a hacker infiltrating a YouTube account and publishing videos pretending to offer cracked software tips, along with video descriptions carrying malicious URLs. The descriptions also lure users to download a.ZIP file containing malicious content.
The videos identified by Fortinet were uploaded earlier this year; however, the files
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: