Self-propagating malware attacks gamers, steals credentials via YouTube: Kaspersky

Self-propagating malware is said to be attacking gamers through YouTube videos. According to Kaspersky’s report, the attacks rely on an unusual malicious bundle: a set of malicious programs distributed in the form of a single installation file, self-extracting archive or other file with installer-type functionality. Its main payload is the widespread RedLine Stealer, one of the most common Trojans used to steal passwords and credentials from browsers. The report also states that the bundle is available on an underground hacker forum for a small price.

According to the Kaspersky report, the malicious bundle costs only a few hundred dollars, which is a small price for malware. RedLine Stealer can steal usernames, passwords, cookies, bank card details, and autofill data from Chromium- and Gecko-based browsers, cryptowallets, instant messengers, and FTP/SSH/VPN clients. In addition, RedLine can download and run third-party programs, execute commands, and open links in the default browser.

Along with the stealer, the bundle contains other files that enable the malware to self-propagate. In the process, YouTube channels are hacked and videos with malware are posted. “These videos advertise cheats and cracks and provide instructions for hacking popular games and software,” the report said.

Games for which cheats and cracks are mentioned in the videos include APB Reloaded, CrossFire, DayZ, Dying Light 2, F1 22, Farming Simulator, Forest Frontier, FIFA 22, Final Fantasy XIV, Forza, Lego Star Wars, Osu!, Point Blank, Project Zomboid, Rust, Sniper Elite, Spider-Man, Stray, Thymesia, VRChat and Walken. The report cited Google as saying that the hacked channel was quickly shut down for violating the company’s community guidelines.

Once run, the malicious bundle unpacks and launches three executable files. The first is the RedLine stealer and the second is a miner. The report states that the main target audience is gamers, who are likely to have a video card installed in their system, and these cards can be used for mining. The third executable ensures automatic startup and runs the first of the batch files. These batch files run three other malicious files, which are responsible for the auto-distribution of the bundle.

