AI-generated YouTube videos are spreading info-stealing malware: here's how

A CloudSEK report claims that there has been a recent upsurge in videos on YouTube that contain harmful links to infostealers in their descriptions. These videos often use AI-generated personas to trick viewers into trusting them.

Reuters
According to a report by cyber intelligence firm CloudSEK, YouTube has recently experienced a surge in videos that include harmful links to infostealers in their descriptions. Many of these videos make use of AI-generated personas to deceive viewers into trusting them.

Since November 2022, there has been a significant increase of 200-300% in content uploaded to the video hosting website that tricks viewers into installing well-known malware like Vidar, RedLine, and Raccoon. The videos claim to be tutorials on how to download illicit copies of popular paid-for design software such as Adobe Photoshop, Premiere Pro, Autodesk 3ds Max, and AutoCAD.

The tutorial videos have become increasingly sophisticated, evolving from simple screen recordings and audio walkthroughs to now utilizing AI to create a realistic portrayal of a person guiding the viewer through the process. The goal is to create a more trustworthy appearance and deceive viewers into downloading malware.


According to CloudSEK, the use of AI-generated videos is growing for legitimate purposes like education, recruitment, and promotion, but unfortunately, cybercriminals are also taking advantage of this technology for their malicious purposes.

Infostealers are a type of malware that infiltrates a user's system and steals personal and valuable information, including passwords and payment details. They are often spread through malicious downloads and links, such as those found in video descriptions in this case. The stolen data is then uploaded to the attacker's server.


CloudSEK has highlighted that YouTube, with its 2.5 billion monthly users, is a prime target for threat actors. To avoid detection by the platform's automated content review process, attackers employ various tactics to deceive the algorithm. These tactics include using region-specific tags, adding fake comments to make videos appear legitimate, and flooding the platform with multiple videos to compensate for any removed or banned content. CloudSEK discovered that as many as 5-10 of these malicious videos are uploaded every hour.

For search engine optimization, attackers also use hidden links and random keywords in different languages to manipulate YouTube's recommendation algorithm. To conceal the malicious nature of the links, link-shortening services like bit.ly and file hosting services such as MediaFire are frequently used.
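As an added example (not from CloudSEK or the original article), the sketch below triages video metadata for the combination of tactics described above: a crack lure for paid software together with a shortened or file-host link. The lure vocabulary, function names and sample records are assumptions constructed for illustration; the hosts and product names are the ones the article mentions.

```python
import re
from urllib.parse import urlparse

# Hosts and product names below are the ones the article mentions.
SHORTENERS = {"bit.ly"}
FILE_HOSTS = {"mediafire.com"}
PRODUCTS = ("photoshop", "premiere pro", "3ds max", "autocad")
# Assumed lure vocabulary, not taken from the article.
LURE_TERMS = ("crack", "keygen", "activator", "free download")
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def link_hosts(text):
    """Return the lower-cased hostnames of every URL in text, without 'www.'."""
    hosts = set()
    for url in URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower().rstrip(".")
        hosts.add(host[4:] if host.startswith("www.") else host)
    return hosts

def _on(hosts, domains):
    """True if any host equals, or is a subdomain of, one of the domains."""
    return any(h == d or h.endswith("." + d) for h in hosts for d in domains)

def triage(title, description):
    """Flag only when a crack lure for paid software comes with an opaque link."""
    text = f"{title}\n{description}".lower()
    hosts = link_hosts(description)
    signals = set()
    if any(p in text for p in PRODUCTS):
        signals.add("paid_software_named")
    if any(t in text for t in LURE_TERMS):
        signals.add("crack_lure")
    if _on(hosts, SHORTENERS):
        signals.add("shortened_link")
    if _on(hosts, FILE_HOSTS):
        signals.add("file_host_link")
    lure = {"paid_software_named", "crack_lure"} <= signals
    link = bool(signals & {"shortened_link", "file_host_link"})
    return {"flag": lure and link, "signals": sorted(signals)}

# Constructed sample metadata (not real videos or links).
SAMPLES = [
    ("Adobe Photoshop 2023 crack free download", "Get it: https://bit.ly/EXAMPLE1"),
    ("Photoshop layer masks tutorial", "Files: https://www.mediafire.com/file/EXAMPLE/masks.zip"),
    ("AutoCAD crack videos are a scam", "No links in this description."),
]

if __name__ == "__main__":
    for title, desc in SAMPLES:
        print(triage(title, desc)["flag"], title)
```

Requiring both the lure and the link keeps ordinary tutorials that share project files on a file host, and warning videos that carry no links, out of the flagged set.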

According to CloudSEK, relying solely on traditional string-based rules will not be enough to detect malware that uses dynamically generated or encrypted strings. Instead, they recommend that organizations adopt a more manual approach to threat detection, where tactics and techniques of threat actors are closely monitored to correctly identify potential threats.

Moreover, CloudSEK suggests conducting awareness campaigns that share simple advice such as avoiding clicking on unknown links and using multi-factor authentication to secure accounts, preferably with an authenticator app.