Experts have discovered an advanced malware campaign that exploits the rising popularity of Windows Packet Divert drivers to escape internet checks.
Malware targets YouTubers
Hackers are spreading SilentCryptominer malware hidden as genuine software. It has impacted over 2000 victims in Russia alone. The attack vector involves tricking YouTubers with a large follower base into spreading malicious links.
“Such software is often distributed in the form of archives with text installation instructions, in which the developers recommend disabling security solutions, citing false positives,” reports Secure List. This helps threat actors by “allowing them to persist in an unprotected system without the risk of detection.
Innocent YouTubers Turned into victims
Most active of all have been schemes for distributing popular stealers, remote access tools (RATs), Trojans that provide hidden remote access, and miners that harness computing power to mine cryptocurrency.” Few commonly found malware in the distribution scheme are: Phemedrone, DCRat NJRat, and XWorm.
In one incident, a YouTuber with 60k subscribers had put videos containing malicious links to infected archives, gaining over 400k views. The malicious
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.