Cybercriminals blackmailing YouTube creators to spread malware


Observer, 13-03-2025

Cybercriminals are targeting popular YouTube creators with fake copyright claims, forcing them to distribute cryptocurrency mining malware disguised as internet restriction bypass tools to thousands of viewers.
Kaspersky Global Research and Analysis Team (GReAT) researchers have uncovered a sophisticated malicious campaign in which threat actors blackmail YouTube content creators into distributing malicious software. The attackers file two fraudulent copyright complaints against creators, then threaten a third strike – which would delete their YouTube channels. To avoid this and save their channels, creators unknowingly promote malicious links, believing them to be legitimate.
Kaspersky's telemetry confirmed over 2,000 end users infected with the malware after downloading the tool, though the actual number of affected users is likely much higher. One compromised YouTube channel with 60,000 subscribers published several videos containing malicious links that garnered more than 400,000 views. The infected archive hosted on a fraudulent website recorded over 40,000 downloads.
The malware, dubbed SilentCryptoMiner, exploits the growing demand for internet restriction bypass tools. Kaspersky's telemetry shows a significant increase in the use of legitimate Windows Packet Divert drivers—a technology commonly used in bypass utilities—with detections rising from approximately 280,000 in August to nearly 500,000 in January, totaling more than 2.4 million detections over six months.
The attackers specifically targeted users seeking these bypass tools by modifying a legitimate Deep Packet Inspection (DPI) circumvention utility originally published on GitHub. Their malicious version maintains the original functionality to avoid suspicion but secretly installs SilentCryptoMiner, which harvests computing resources to mine cryptocurrency without users' knowledge or consent, significantly degrading device performance and increasing electricity costs.
"This campaign demonstrates a concerning evolution in malware distribution tactics," said Leonid Bezvershenko, security researcher at Kaspersky's GReAT. "While initially targeting Russian-speaking users, this approach could easily spread to other regions as internet fragmentation increases globally. The scheme effectively leverages trusted content creators as unwitting accomplices, which works in any market where users seek tools to circumvent online restrictions."
When security solutions detect and remove the malicious components, the modified installer encourages users to disable their antivirus protection with messages like "File not found, turn off all antiviruses and re-download the file, it will help!" — further compromising system security.
Kaspersky GReAT identified several indicators of compromise, including connections to domains like swapme[.]fun and canvas[.]pet, along with specific file hashes. The attackers demonstrate persistence, rapidly creating new distribution channels when previous ones are blocked.
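One way a defender could check DNS or proxy logs for the two domains named above is sketched below. This is an added example, not code from Kaspersky or from the original article; the log format, the sample lines and the function names are constructed for illustration.

```python
import re
from typing import Optional

# The two domains named in the article, kept defanged as published.
DEFANGED_IOCS = ["swapme[.]fun", "canvas[.]pet"]

def refang(indicator: str) -> str:
    """Turn a defanged indicator (swapme[.]fun, hxxp://...) into a bare hostname."""
    s = indicator.strip().lower().replace("[.]", ".").replace("(.)", ".")
    s = re.sub(r"^hxxps?://", "", s)
    return s.split("/")[0].rstrip(".")

IOC_DOMAINS = {refang(d) for d in DEFANGED_IOCS}

def matches_ioc(hostname: str) -> Optional[str]:
    """Return the IoC domain that hostname equals or is a subdomain of, else None."""
    labels = hostname.strip().lower().rstrip(".").split(".")
    # Compare whole-label suffixes so 'notswapme.fun' does not match 'swapme.fun'.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in IOC_DOMAINS:
            return candidate
    return None

# Constructed log lines (assumed format): "<timestamp> <client> <queried name>"
SAMPLE_DNS_LOG = """\
2025-03-10T09:14:02Z 10.0.0.21 www.example.org
2025-03-10T09:14:07Z 10.0.0.21 SwapMe.fun.
2025-03-10T09:15:40Z 10.0.0.35 cdn.canvas.pet
2025-03-10T09:16:11Z 10.0.0.35 notswapme.fun
2025-03-10T09:17:55Z 10.0.0.48 canvas.pet.example.org
"""

def scan_dns_log(text: str) -> list:
    """Return (timestamp, client, ioc) for each query that hits an IoC domain."""
    hits = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, client, qname = parts
        ioc = matches_ioc(qname)
        if ioc:
            hits.append((ts, client, ioc))
    return hits

if __name__ == "__main__":
    for ts, client, ioc in scan_dns_log(SAMPLE_DNS_LOG):
        print(f"{ts} {client} queried IoC domain {ioc}")
```

Matching on whole DNS labels catches subdomains of the listed domains while ignoring look-alike names that merely contain the same string.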
To avoid falling victim to such threats, never disable your security solution when prompted by installation files, as this is a common tactic to facilitate malware deployment.
Pay attention to unusual device behavior, such as overheating, battery drain, or performance degradation, which may indicate miner activity.
Use a reliable security solution such as Kaspersky Premium that can detect crypto-mining malware even when it attempts to hide its activity.
Don't forget to update your operating system and all software regularly. Many safety issues can be solved by installing updated versions of software.
Verify the reputation of developers before installing new applications by checking independent reviews and researching their background.
