There has been a 200% to 300% month-over-month increase in YouTube videos containing links to Vidar, RedLine and other stealer malware dating back to November 2022, according to research from threat identification, analysis and alerting company CloudSEK.
These videos mimic tutorials on how to download cracked versions of Adobe Photoshop and other licensed products available only to paid users.
In addition, cybercriminals are increasingly using artificial intelligence to generate videos that they can use in their stealer malware attacks, CloudSEK indicated. These videos feature humans who appear familiar and trustworthy. They also feature AI-generated personas and can be used across languages and social media platforms.
A Closer Look at the Evolving Information Stealer Ecosystem
The increase in stealer malware links in YouTube video descriptions highlights the rising use of infostealers in cyberattacks.
Infostealers refer to malicious software used to steal sensitive information from computers, CloudSEK noted. Cybercriminals can use infostealers to capture passwords, credit card information, bank account numbers and other confidential data.
Cybercriminals can spread infostealers through YouTube tutorials, fake websites and other sources, CloudSEK indicated. Once a victim downloads an infostealer, cybercriminals can steal information from the user's device and upload it to a command-and-control server.
Furthermore, infostealer developers may be in high demand among cybercriminals globally. These developers create and update malware code that can evade antivirus and other endpoint detection systems, and they add support for new browsers, wallets and other applications to expand an infostealer's reach, CloudSEK pointed out. Meanwhile, infostealer developers recruit or partner with traffers, threat actors who identify potential victims and spread malicious software.
Tips to Protect Against Infostealers
Organizations need real-time adaptive threat monitoring to guard against infostealers, CloudSEK stated. These organizations must be able to monitor threat actors' tactics, techniques and procedures (TTPs) around the clock. They also should conduct awareness campaigns and teach their employees how to identify and protect against infostealers.
Also, organizations should require multi-factor authentication (MFA) for users to access their devices, CloudSEK said. They should encourage their employees to avoid downloading or using pirated software as well.