Cybercriminals are targeting YouTube creators, forcing them to spread harmful crypto-mining malware, according to findings from cybersecurity firm Kaspersky.
These hackers use blackmail tactics, such as filing false copyright claims, to pressure video creators into adding malicious links to their content. The links lead to malware-infected files instead of legitimate software.
Hackers Blackmail YouTubers to Spread Crypto-Mining Malware
These campaign has been growing, especially in Russia, where many users download Windows Packet Divert drivers to bypass geographic restrictions.
Kaspersky’s research shows that these drivers have been detected on 2.4 million devices in the past six months. Since September, the number of downloads has only increased.
How Hackers Are Tricking YouTubers?
Hackers take advantage of the increasing number of YouTube videos that explain how to install these drivers. They insert links to a crypto-mining malware called SilentCryptoMiner into video descriptions. Viewers who click on these links unknowingly download infected files.
One of the most common tactics is to submit a copyright strike against a YouTube video. The hackers then contact the creator, pretending to be the original developer of the software being discussed.
They claim the video violates their rights and offer to resolve the issue if the creator adds their “official” link. But instead of a genuine file, the link directs users to malware.
Targeting Popular YouTubers
According to Kaspersky, one YouTuber with 60,000 subscribers was targeted using this method. The hacker tricked them into placing a malicious link in a video that had over 400,000 views.
Instead of leading to a trusted platform like GitHub, the link directed viewers to a harmful archive. More than 40,000 people downloaded the infected file before it was flagged.
Also Read: Hackers Flood GitHub With Fake Projects To Spread Crypto-Stealing Malware
This type of malware steals computing power from infected devices to mine cryptocurrency. Victims often don’t notice it at first, but their computers slow down, overheat, and consume more electricity over time.
The Growing Threat of Phishing and Crypto-Mining Malware
Kaspersky also found that phishing attacks are on the rise, especially in countries like India. Their research recorded over 200,000 phishing attempts against Indian businesses last year. In these attacks, hackers create fake websites that look like real ones.
When people enter their login details, hackers steal sensitive data, including financial information.
Crypto-mining malware has been a problem for years, but this latest campaign is different. Leonid Bezvershenko, a security researcher at Kaspersky, says that using copyright complaints to pressure creators is a new and aggressive strategy.
The Center for Internet Security recently reported that CoinMiner was the second-most common malware of 2024. It ranked just behind SocGholish, a type of malware that installs harmful programs through fake software updates.
Cybercriminals are always thinking of new ways to trick people. The best defense is awareness and vigilance. If something seems suspicious, it’s best to stay away and report it immediately.
Also Read: Fake Job Posting Scam Uses GrassCall Malware To Steal Crypto Wallets, Report