
Malware Distribution via YouTube Videos Up 300% Spiceworks

AI-Generated YouTube videos contain links to information-stealing malware such as Vidar, RedLine, and Raccoon. Learn more about the problem.

Cybersecurity researchers at Cloudsek discovered that the number of AI-generated YouTube videos infected with and distributing malware has surged by 200-300% month-on-month.

Cloudsek took November 2022 as the base month of reference. Since then, AI-generated videos from Synthesia and D-ID that pose as walkthroughs for downloading and installing cracked software, including but not limited to Photoshop, Premiere Pro, Autodesk 3ds Max, and AutoCAD, have exploded.

However, these videos contain links to information-stealing malware, also known as infostealers, such as Vidar, RedLine, and Raccoon. Links are obfuscated using URL shorteners (, and being the most prominent), being linked to legitimate file hosting platforms such as, and through the use of links that directly download the malicious zip file.

“It is well known that videos featuring humans, especially those with certain facial features, appear more familiar and trustworthy,” Cloudsek researchers noted. “Hence, there has been a recent trend of videos featuring AI-generated personas, across languages and platforms (Twitter, Youtube, Instagram), providing recruitment details, educational training, promotional material, etc. And threat actors have also now adopted this tactic.”

YouTube, being one of the most popular social media platforms and the most popular video-sharing platform (2.6 billion+ monthly active users), can be a bountiful avenue for threat actors to find victims. Cloudsek noted that since YouTube regularly reviews those affected by videos, it is difficult for threat actors to have long-term active accounts, given they are banned.

Cloudsek researchers added that cybercriminals usually target YouTube accounts with 100K+ subscribers to borrow their credibility and use it to target the subscribers through malicious videos. Before the video is flagged as a risk, hundreds of users can potentially fall prey to malware.

Targeted YouTube Accounts With Infostealers | Source: Cloudsek


Additionally, five to ten crack software download video tutorials with links to infostealers are uploaded every hour. The idea is that even if YouTube identifies and takes down previous videos, there should be an unreported video ready to serve the malicious purpose of threat actors.

As an extra step, the hackers also post comments through fake accounts claiming that the contents of the video (and the malicious links) worked for them.

Moreover, the hackers are also leveraging search engine optimization (SEO) to show their videos in top results. “Threat actors add an exhaustive list of tags that will deceive the YouTube algorithm to recommend the video and ensure it appears as one of the top results. While the tags include keywords relevant to the software, it also includes random keywords in different languages,” Cloudsek said.
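A defender-side triage sketch for the indicators described above (crack lure keywords, shortened or direct-archive links, and tag lists that mix scripts), added here as an example and not part of the Cloudsek report or the original article. The shortener hosts are placeholders, and the keyword list and thresholds are assumptions.

```python
import re
import unicodedata
from urllib.parse import urlparse

# Assumptions (not from the Cloudsek report): placeholder shortener hosts,
# a small lure vocabulary, and the tag-count / script-count thresholds.
SHORTENER_HOSTS = {"short.example", "sho.rt.example"}
LURE_WORDS = re.compile(r"\b(crack(ed)?|keygen|activator)\b", re.I)
ARCHIVE_EXT = (".zip", ".rar", ".7z")
URL_RE = re.compile(r"https?://[^\s)>\]]+")
MIN_TAGS, MIN_SCRIPTS = 15, 3

def scripts_in(text):
    """Approximate the Unicode scripts in text by each letter's character-name prefix."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in text if ch.isalpha()}

def triage(video):
    """Return the sorted indicators from the article that this video's metadata matches."""
    hits = set()
    if LURE_WORDS.search(f"{video['title']} {video['description']}"):
        hits.add("crack-lure")
    for url in URL_RE.findall(video["description"]):
        parsed = urlparse(url)
        if (parsed.hostname or "").lower() in SHORTENER_HOSTS:
            hits.add("shortened-link")
        if parsed.path.lower().endswith(ARCHIVE_EXT):
            hits.add("direct-archive-download")
    # Tag stuffing: a long tag list whose letters span several writing systems.
    tag_scripts = set().union(*(scripts_in(t) for t in video["tags"]))
    if len(video["tags"]) >= MIN_TAGS and len(tag_scripts) >= MIN_SCRIPTS:
        hits.add("tag-stuffing-mixed-scripts")
    return sorted(hits)

# Constructed sample metadata, not taken from any real video.
SUSPICIOUS = {
    "title": "Photoshop crack 2023 full version",
    "description": "Download: https://short.example/a1b2 mirror https://files.example/setup.zip",
    "tags": ["photoshop crack", "premiere pro", "скачать", "تحميل", "下载"] * 3,
}
BENIGN = {
    "title": "Photoshop layer masks tutorial",
    "description": "Project notes: https://docs.example/guide",
    "tags": ["photoshop", "tutorial"],
}

if __name__ == "__main__":
    for name, video in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, triage(video))
```

Each indicator alone is weak; the combination of a crack lure, an obfuscated download link, and a multilingual tag list is what separates the constructed suspicious sample from the benign one.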

A simple mitigation measure could be refraining from downloading pirated software. Users can also leverage multi-factor authentication and avoid navigating to unknown links.
