Researchers from Kaspersky have identified a collection of malicious programs distributed in the form of a single installation file, self-extracting archive or other file with installer-type functionality, aimed specifically at gamers on YouTube. Its main payload is the RedLine stealer, one of the most common Trojans used to steal passwords and credentials from browsers.
Cybercriminals actively hunt for computer accounts and resources used for gaming. As Kaspersky experts noted in their recent overview of gaming-related cyber threats, stealer-type malware is often distributed under the guise of game hacks, cheats and cracks.

Furthermore, RedLine is capable of stealing usernames, passwords, cookies, bank card data and autofill data from browsers based on Chromium and Gecko, data from cryptowallets, instant messaging programs and FTP / SSH / VPN clients, as well as files with particular extensions.
Cybercriminals have placed the infected bundles on victims' YouTube channels under the pretext of offering game-related content, along with a link to a self-extracting RAR archive in the video description. The archive contains several malicious files, including the well-known RedLine stealer.

In addition to the RedLine payload, the discovered bundle is notable for its self-propagating capability. Several files in the bundle are responsible for it: they receive videos and publish them on the YouTube channels of the affected users, together with links that point to a password-protected archive. The videos promote cheats and cracks, providing instructions on hacking popular games and software. Among the games involved are APB Reloaded, CrossFire, DayZ, Dying Light 2, F1 22, Farming Simulator, Farthest Frontier, FIFA 22, Final Fantasy XIV, Forza, Lego Star Wars, Osu!, Point Blank, Project Zomboid, Rust, Sniper Elite, Spider-Man, Stray, Thymesia, VRChat and Walken.
Another element that attracted the researchers' attention is a miner, a logical addition since gamers, judging by the video, are the main target: they probably have video cards installed that can be used for mining.
"Gamers are one of the categories most targeted by cybercriminals. This time the attackers used gambling-related content as bait to steal victims' credentials and to mine their computers. Our advice is to choose the sources carefully to satisfy your desire to play and not to download suspicious archives from untrustworthy accounts," commented Oleg Kupreev, Kaspersky Senior Security Researcher.
More information on RedLine gaming attacks can be found at Securelist.
