YouTube videos were being used in a scam to deliver an information-stealing Trojan called Predator the Thief (detected by Trend Micro as TrojanSpy.MSIL.PREDATOR.AA). In the scam, discovered by security researcher Frost, the threat actors use the videos to promote a supposed tool that can generate a bitcoin address's private key. However, the videos are simply bait to get users to download Predator the Thief, a trojan that steals information and passwords from infected systems.
How the scam operates
The threat actors behind this scam upload YouTube videos that promise users a private key generator for bitcoin addresses, which would supposedly allow those users to steal bitcoins stored in the said addresses. Some videos that were uploaded by a user who goes by the name Crypto World have had several hundred views.
The descriptions for the said videos show Yandex, Google Drive, and MediaFire links where the trojan-ridden tool can be downloaded. The file Crypto World.zip is stored at the said links and extracts a setup.exe file. The latter includes a password-protected ZIP file containing the Predator the Thief executable.
Per Bleeping Computer's analysis, the setup.exe program will unzip a file to the .\language\templates\temp folder as license.exe. Subsequently, the license.exe file will be executed, and Predator the Thief will be installed and run on the victim computer. Predator the Thief then communicates with its C&C server to download other components and malware variants. It will also send collected information back to the threat actors.
Apart from passwords, Predator the Thief is capable of stealing files from the victim computer (e.g., a copy of its clipboard) and recording videos using the computer’s webcam.
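The drop-and-execute step described above (setup.exe unpacking and launching license.exe from .\language\templates\temp) can be hunted for in process-creation telemetry. The following is an added example, not code from the article or from Bleeping Computer's analysis; the event field names image and parent_image are assumptions modelled on the Image and ParentImage fields of Sysmon Event ID 1, and the sample events are constructed.

```python
import ntpath

# Drop location from the article: setup.exe unpacks license.exe under
# .\language\templates\temp. Matched as a lower-cased path suffix.
DROP_SUFFIX = r"\language\templates\temp\license.exe"
DROPPER_NAME = "setup.exe"


def normalize(path):
    """Normalise a Windows path: unify slashes, collapse '.'/'..', lower-case."""
    return ntpath.normpath(path.replace("/", "\\")).lower()


def classify(event):
    """Return 'high', 'medium' or None for one process-creation event.

    'image' and 'parent_image' are assumed field names (see lead-in).
    """
    image = normalize(event.get("image", ""))
    if not image.endswith(DROP_SUFFIX):
        return None
    parent = ntpath.basename(normalize(event.get("parent_image", "")))
    # The full chain from the article (setup.exe -> license.exe) is the
    # strongest signal; the drop path alone still merits review.
    return "high" if parent == DROPPER_NAME else "medium"


def scan(events):
    """Return (index, severity) for every event that matches the drop path."""
    hits = []
    for i, event in enumerate(events):
        severity = classify(event)
        if severity:
            hits.append((i, severity))
    return hits


# Constructed sample events (not taken from a real incident).
SAMPLE_EVENTS = [
    {"image": r"C:\Users\test\Downloads\Crypto World\language\templates\temp\license.exe",
     "parent_image": r"C:\Users\test\Downloads\Crypto World\setup.exe"},
    {"image": r"C:\Users\test\Downloads\Crypto World\.\Language\Templates\temp\LICENSE.EXE",
     "parent_image": r"C:\Windows\explorer.exe"},
    {"image": r"C:\Program Files\App\license.exe",
     "parent_image": r"C:\Program Files\App\setup.exe"},
    {"image": r"C:\Tools\mylanguage\templates\temp\license.exe",
     "parent_image": r"C:\Tools\setup.exe"},
]

if __name__ == "__main__":
    for index, severity in scan(SAMPLE_EVENTS):
        print(severity, SAMPLE_EVENTS[index]["image"])
```

File names such as setup.exe and license.exe are common in legitimate installers, so the match is keyed on the full relative drop path rather than on the file name alone.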
Security recommendations
To stay safe from info-stealing threats such as Predator the Thief, users should only download software and applications from official websites and trusted app stores. If already infected with the threat, users are advised to change all passwords for their financial accounts, websites, chat services, and gaming services.