AI-Generated YouTube Videos Used by Cybercriminals to Spread Malware
- Cybercriminals are leveraging AI to trick people into downloading malware.
- There’s been a 200%-300% month-to-month increase in videos that contain malware.
- Hackers are also finding ways to take over popular YouTube channels to upload their videos.
If you’re searching for videos on YouTube, be on the lookout for tutorial-style videos. Cybercriminals are using them to trick viewers into downloading malware.
How Cybercriminals are Using AI-Generated YouTube Videos to Spread Malware
Specifically, you’ll want to watch out for tutorial-style videos that claim to teach you how to download cracked versions of paid software like Photoshop, Premiere Pro, AutoCAD, and other licensed products. This most recent form of social engineering — a malicious attempt to manipulate someone into performing an action — has seen a 200%-300% month-on-month increase, according to AI cybersecurity firm CloudSEK.
The YouTube videos in question use a screen recording or audio walkthrough describing the steps on how to download and install the cracked software. And to give it that extra bit of legitimacy, the threat actors use platforms like Synthesia and D-ID to create AI-generated avatars that have a face that people would feel is familiar and trustworthy.
These videos appear to contain links to infostealer malware like Vidar, RedLine, and Raccoon, located in the description. So if you accidentally click on the link in the description, you could end up downloading malware that steals your passwords, credit card information, bank account numbers, and other confidential data.
How Hackers are Taking Over Popular YouTube Channels to Spread Malware
In addition, you’ll want to be careful in general as these cybercriminals are also finding ways to take over popular YouTube channels. In order to reach as many people as possible, these hackers target channels with 100K subscribers or more to upload their videos. While the uploaded video usually gets taken down and original owners regain access to their channel within hours, that’s still enough time for someone to click on the link.
It’s important to be vigilant when watching tutorial-style videos on YouTube, especially those that claim to offer cracked versions of paid software. Cybercriminals are using AI-generated avatars to make their videos appear more legitimate and trustworthy, and are finding ways to take over popular YouTube channels to spread malware. Always be cautious when clicking on links in video descriptions, and make sure to keep your antivirus software up to date.