We’ve seen malware and spyware hidden inside seemingly innocent Google Play Store apps. Trojans can now hide in a variety of places other than app stores, including captions or subtitles for YouTube movies.
Asec, a Korean security firm, released a new study detailing malware that aims to capture users’ passwords and links by posing as hacking and cheating movies.
Also Read: Google Launches Air Raid Alerts for Android Devices in Ukraine
RedLine is a data-stealing virus that targets popular online browsers including Chrome, Edge, and Opera, demonstrating why keeping passwords in browsers is a terrible idea. Since its discovery in March 2020, it has remained the most prominent cyber threat affecting consumers all around the world. It’s a low-cost information-stealer that can be purchased on cyber-crime forums for under $200 and quickly deployed without requiring much knowledge or effort.
As discovered download links for RedLine in the title of a YouTube video that appeared to give Valorant hacks. According to Bleeping Computer, malicious links of this nature are easy to get onto YouTube since threat actors can easily get over YouTube’s new content submission reviews or even create new accounts after being reported and barred.
Also Read: Xiaomi Unveils a Smart Curtain Companion
Passwords, credit card numbers, any information saved for AutoFill forms, bookmarks, and cookies are among the data that this spyware can acquire, according to Asec. Armory, AtomicWallet, BitcoinCore, Bytecoin, DashCore, Electrum, Ethereum, and Jaxx are just a few of the crypto wallets that RedLine may drain. RedLine, according to researchers, uses Discord to relay data back to the malware’s command and control system, which is a relatively new development strategy.
While sending malicious malware through YouTube material isn’t technically novel, researchers say it’s not as popular as phishing emails and SMS. According to the Infosec Institute’s investigation of RedLine, it appears that the malware intends to continue infecting more browsers and stealing otherwise classified information. So, what can you do to keep your data safe? It may seem self-evident, but random links appearing in YouTube captions or comments should be avoided at all costs.