Cybercriminals have begun to lean on YouTube as a means of distributing potent malware(opens in new tab), security experts have discovered.
Researchers from Cyble Research Labs recently stumbled upon more than 80 videos, all with relatively few viewers, and all belonging to the same user. The videos seem to demonstrate how a piece of bitcoin mining software operates, in an attempt to persuade viewers to download it.
The download link is found in the video’s description, and comes in a password-protected archive, to convince victims of its legitimacy. To further add to the effect, the downloaded archive also comes with a link to VirusTotal, showing the file as “clean”, and a warning that some antivirus programs(opens in new tab) might trigger a false positive alert.