Hackers are increasingly targeting YouTube videos for financial gain by exploiting the platform’s large audience.
They hijack popular channels to distribute malicious links and scam content while impersonating original creators.
Recent research from Kaspersky Lab reveals that hackers have used YouTube to deploy sophisticated malware, particularly through a cryptocurrency mining campaign aimed at Russian-speaking users in 2022.
The attackers employed various methods, including SEO manipulation and compromised Telegram channels, to spread malware disguised as popular software like uTorrent and Microsoft Office.
The attack chain began with password-protected files containing VBScript, which started a multi-stage sequence that escalated privileges to the system level.
Malware persistence was achieved through mechanisms such as registry modifications and remote access using open-source tools.
The final payload, known as SilentCryptoMiner, targets privacy-focused cryptocurrencies while employing stealth techniques to evade detection.