Cybercriminals have launched a new malicious bundle targeting gamers using RedLine Trojan stealer. As per reports, individuals looking for cheats on YouTube are lured with malicious links in the descriptions on the channel.
The malware launches on the victim’s system to steal information and infect other devices when downloaded. The hackers advertise cheat codes for games such as Final Fantasy XIV, APB Reloaded, Spider-Man, FIFA 22, Farming Simulator, and Walken, among others.
How the attack works
Attackers upload YouTube videos with malicious links in their description boxes. Users looking for gaming cheats on the video-sharing platform are lured by compelling content infected with malicious links under the guise of gaming tricks and hacks. When a user attempts to download the hacks using the given link, a 35 MB self-extracting RAR archive with several other malicious files built to perform specific tasks is downloaded to the victim’s device.
The attack is programmed so that after it infects a device, the user’s YouTube channel is used to make further posts of videos that other seekers may access. Upon using the links in the first user’s YouTube channel, it infects a new user’s device and continues to further the malware attack. Computers in which antivirus and other security software like Windows SmartScreen are installed are prompted to disable the same. Following this, the attack takes effect.
What the malware does
RedLine Trojan stealer can steal and send away data to the hacker, execute any command as programmed, install other programs if one fails, and infect other systems. Redline stealer comes with a crypto miner and can access GPUs for cryptocurrency mining. Other effects include slowing down the computer, overuse of GPU, and increased power consumption.
Findings so far
Redline, one of the most commonly used data-stealing trojans, was discovered in March 2020. Over 385,000 users have complained about gaming-related malware attacks from July 1, 2021, to June 30, 2022. Above 91,000 malicious files have been found online as gaming links related to Call of Duty, Minecraft, Need for Speed, Grand Theft Auto, and Roblox.
With over 3.2 billion game users globally, it is essential to avoid using unethical means for free versions of games, illegal gaming hacks, or software. It could result in not only the loss of data and money but also bring criminal charges upon the user because official or legitimate companies do not host such hacks and free software.