CloudSEK researchers observe a new technique that uses AI-generated human personas for the tried-and-true tactic of spreading malware via phishing campaigns.
“The use of AI to include digitally generated humans is an interesting touch, especially if they are generating them based on the generally accepted symmetry which makes people find them ‘attractive,’ and thus ‘soothing’ or ‘trusting,’” said Fulmer. The threat actors use previous data leaks, phishing techniques and stealer logs to take over existing YouTube accounts. The threat actors target the online video-sharing platform because of YouTube's roughly 2.5 billion active monthly users.
Cybersecurity researchers have observed a 200–300% month-on-month increase in YouTube videos containing links to information stealer (infostealer) malware ...
A growing number of these were generated using artificial intelligence (AI) programs such as Synthesia and D-ID. “String-based rules will prove ineffective against malware that dynamically generates strings and/or uses encrypted strings. Infostealers observed to be delivered via these videos included Vidar, RedLine and Raccoon. “[For instance], a Hogwarts [Legacy] crack download video generated using d-id.com was uploaded to a YouTube channel with 184,000 subscribers. Encryption and encoding methods differ from sample to sample (e.g., new versions of Vidar, Raccoon, etc.),” Karthick explained.
According to cybersecurity firm CloudSEK, these videos, which have increased by 200-300 percent month-on-month since November 2022, often pose as tutorials ...
Users should also enable multi-factor authentication, refrain from clicking on unknown links and emails, and avoid using pirated software. In a concerning trend, these threat actors are now utilising AI-generated videos to amplify their reach, and YouTube has become a convenient platform for their distribution. CloudSEK said it has observed a 2-3 times month-on-month increase in the number of videos spreading stealer malware on the platform. To spread this malware, threat actors seem to be employing various tactics, including screen recordings and audio walkthroughs. YouTube is the most popular platform for watching videos and has over 122 million daily active users, according to Global Media Insight.
AI-generated videos pose as tutorials on how to get cracked versions of Photoshop, Premiere Pro, and more.
"Hence, there has been a recent trend of videos featuring AI-generated personas, across languages and platforms (Twitter, YouTube, Instagram), providing recruitment details, educational training, promotional material, etc. [infostealer malware.](https://www.darkreading.com/threat-intelligence/infostealer-malware-market-booms-mfa-fatigue) Artificial Intelligence is being used to generate videos pretending to be step-by-step tutorials on how to access programs like Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and others without a license.
The videos spotted by researchers are masked as tutorials on ways to download free versions of software like Adobe Photoshop, Premiere Pro, Autodesk 3ds Max ...
[research](https://cloudsek.com/blog/threat-actors-abuse-ai-generated-youtube-videos-to-spread-stealer-malware) found that 5-10 crack software download videos with malicious links are uploaded to YouTube every hour. According to CloudSEK, threat actors use certain methods to evade YouTube's algorithm and review process, such as using region-specific tags, writing fake comments to add legitimacy, and continuously uploading videos to keep up with takedowns. Infostealers can steal information like passwords, credit card information, bank account numbers, and more from users if they mistakenly end up clicking on a malicious link that downloads a file. Your best bet is to never install files from unverified sources. [YouTube](https://www.indiatimes.com/technology/news/womens-day-youtube-creators-making-waves-595271.html) videos that contain links to stealer [malware](https://www.indiatimes.com/technology/news/hackers-using-james-webb-space-telescopes-images-to-spread-malware-578516.html), a Trojan that gathers information like usernames and passwords from unsuspecting users.
According to a report, hackers are using AI-generated YouTube videos to spread malware and steal sensitive user information. Know the details.
[report](https://tech.hindustantimes.com/tags/report) claims, there is an increased usage of AI-generated videos. These videos, while found primarily on [YouTube](https://tech.hindustantimes.com/tags/youtube), can also be seen on Facebook, Instagram and Twitter. [report](https://cloudsek.com/blog/threat-actors-abuse-ai-generated-youtube-videos-to-spread-stealer-malware) comes from the IT security intelligence company CloudSEK, which revealed that there is a massive increase in YouTube videos which contain dangerous stealer malware such as Vidar, RedLine, and Raccoon in their descriptions. Alternatively, you can also take it to an expert to get the malware removed. The videos would urge viewers to download a free app which would be linked in the description. It is the part of the URL written between https and dotcom. These hackers upload YouTube videos which are made entirely by AI (artificial intelligence) and they urge users to download useful apps and software which, in actuality, is malware in disguise. Earlier, to protect their identity, these hackers would simply use a screen recording and use written text as steps for their
AI-Generated YouTube videos contain links to information-stealing malware such as Vidar, RedLine, and Raccoon. Learn more about the problem.
The idea is that even if YouTube identifies and takes down previous videos, there should be an unreported video ready to serve the malicious purpose of threat actors. Moreover, the hackers are also leveraging search engine optimization (SEO) to show their videos in top results. Before the video is flagged as a risk, hundreds of users can potentially fall prey to malware. However, these videos contain links to information-stealing malware, also known as infostealers, such as Vidar, RedLine, and Raccoon. CloudSEK noted that since YouTube regularly reviews those affected by videos, it is difficult for threat actors to keep accounts active long-term, given that they are banned. “Hence, there has been a recent trend of videos featuring AI-generated personas, across languages and platforms (Twitter, YouTube, Instagram), providing recruitment details, educational training, promotional material, etc.