Who needs free photoshop? Infostyler as a gift!

A new trend has recently been observed on the world-famous video hosting YouTube. Attackers use artificial intelligence technologies to create short videos and upload them to the public.

In the videos, an artificially generated avatar with a robotic voice tells how to hack popular software. For example, Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD and other products. In the description of the “video lesson”, cybercriminals leave a link leading to the download of malicious software. These are mainly infostealers such as Raccoon, RedLine and Vidar.

Interestingly, YouTube does not block such videos, or does it extremely slowly. At the time of publication of this news, we managed to find two videos on hacking Adobe Photoshop, dated March 8 and 9.

Generated YouTube videos with malicious links

Malicious links are often “obfuscated” by URL shortening services such as Bitly and Cuttly, or alternatively hosted on MediaFire, Google Drive, Discord, GitHub or Telegram.

Company CloudSEK watching an increase in such fraudulent activity by 200-300% compared to the previous month. In some cases, attackers use data leaks and social engineering techniques to hijack legitimate YouTube accounts in order to spread malware even faster.

“Uploading to accounts with a lot of followers also gives the video legitimacy. Of course, these YouTubers usually tell YouTube immediately that their account has been hacked and get back access to it within a few hours. But during this time, hundreds of users can become victims, ”the CloudSEK specialist explained.

Moreover, such videos are uploaded to the popular video platform literally every hour. At the same time, attackers use methods of poisoning search engine optimization (SEO poisoning) to make videos appear at the top of search results. It has also been observed that attackers add fake comments to uploaded videos in order to further mislead users into downloading the malware.

To reduce the risks associated with malware that can steal user data, it is recommended to enable multi-factor authentication, refrain from clicking on unknown links, and avoid downloading or using pirated software, especially distributed in such a dubious way.