These malicious videos are passed off as tutorials on how to download hacked versions of software.
YouTube has become the latest platform where AI-generated content is being used to trick users into downloading malware that can steal personal information. The research firm CloudSEK has observed a 200% to 300% increase in the number of videos on YouTube that contain links to popular malware families like Vidar, RedLine, and Raccoon since November 2022.
These videos are created as tutorials for downloading cracked versions of software that typically require a paid license, such as Photoshop, Premiere Pro, Autodesk 3ds Max, and AutoCAD.
Hackers behind this scheme benefit from creating AI-generated videos on platforms such as Synthesia and D-ID, featuring humans with familiar and trustworthy features. This popular trend has been used in recruitment, education, and promotional material, but it is now being used to create videos that lead viewers to malware.
The combination of these methods makes it easy for users to be tricked into clicking malicious links and downloading infostealer malware, which can steal sensitive information such as passwords, credit card details, bank account numbers, and more.
Information stealer developers recruit and collaborate with traffers, who can find and share information on potential victims through underground marketplaces and forums. They then use fake websites, phishing emails, YouTube tutorials, or social media posts to distribute their malware.
In the case of YouTube, hackers gain control over accounts and upload several videos in a row to attract the attention of the original creator's followers. If viewers identify a video as suspicious, they should report it so that it can be blocked and prevented from spreading further.