Hackers Exploit YouTube for Spreading Viruses

Proofpoint, an information security company, has revealed that cybercriminals are distributing harmful programs through YouTube channels that promote hacked video games. According to Proofpoint’s report, hackers are including links in the descriptions of videos that lead to sites where the Vidar, Stealc, and Lumma Stealer infostealers are delivered.

The fraudsters are using compromised accounts of real users, and they have also created accounts that only last a few hours and are specifically made to spread malware. This deceptive tactic raises concerns at Proofpoint, as it could potentially affect children and adolescents who may not be able to recognize harmful content easily, especially those playing on home computers that have personal and confidential information.

YouTube has taken action by deleting more than 24 accounts and malicious videos. A YouTube representative mentioned that they have policies in place to prohibit users from posting content in descriptions that violate platform rules, including malicious programs.

The malicious software is primarily distributed through links to Mediafire file hosting, with some cases involving links to Discord channels that offer disguised malware for download.

One example cited in the report involves an account with 113,000 subscribers that was either compromised or sold to an attacker who used it for malicious purposes. The account, which was previously inactive for about a year after publishing Thai content, suddenly posted 12 new videos in English related to video games or hacking software within 24 hours.

Proofpoint was unable to identify the hackers behind the campaign or link it to any known group, stating that the activity seemed to be carried out by several distinct clusters.

These hackers are targeting video game players who may not have the same level of protection against attacks as corporate users. While the financial gains from these compromises may not be significant, players often have access to credit cards, cryptocurrencies, or other personal information that can be exploited or sold.
