""This operation took advantage of trust signals, including views, likes, and comments, to make malicious content seem safe," Eli Smadja, security research group manager at Check Point, said. "What looks like a helpful tutorial can actually be a polished cyber trap. The scale, modularity, and sophistication of this network make it a blueprint for how threat actors now weaponize engagement tools to spread malware.""
"It has been codenamed the YouTube Ghost Network by Check Point. Google has since stepped in to remove a majority of these videos. The campaign leverages hacked accounts and replaces their content with "malicious" videos that are centred around pirated software and Roblox game cheats to infect unsuspecting users searching for them with stealer malware. Some of these videos have racked up hundreds of thousands of views, ranging from 147,000 to 293,000."
A malicious network has published over 3,000 malware-laden YouTube videos since 2021, with volume tripling this year. The network, codenamed the YouTube Ghost Network, used hacked accounts and replaced their content with videos promoting pirated software and Roblox cheats that link to stealer malware. Some videos accumulated 147,000–293,000 views. The operation exploited trust signals — views, likes, comments — to present polished tutorial-style traps. Google removed a majority of the videos. Similar campaigns have long hijacked channels or created tutorial-style uploads, and attackers also repurpose ad networks, search engines, and platforms like GitHub as delivery mechanisms.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]