Begin typing your search...

Hackers Target YouTube Creators, Send Fake Brand Offers With Malware

At the end of the email, the threat actor includes instructions and a OneDrive link to access a zip file containing the agreement and promotional materials, secured with the password

Hackers Target YouTube Creators, Send Fake Brand Offers With Malware

Hackers Target YouTube Creators, Send Fake Brand Offers With Malware
X

17 Dec 2024 8:10 AM IST

New Delhi: In an alarming trend, cybercriminals are now increasingly targeting popular YouTube creators by exploiting fake brand collaboration offers to distribute malware, a report showed on Monday.

The malware, disguised as legitimate documents like contracts or promotional materials, is often delivered through password-protected files hosted on platforms such as OneDrive to evade detection, claimed CloudSEK, a cybersecurity firm.

“Once downloaded, the malware can steal sensitive information, including login credentials and financial data, while also granting attackers remote access to the victim’s systems,” said security research Mayank Sahariya.

At the end of the email, the threat actor includes instructions and a OneDrive link to access a zip file containing the agreement and promotional materials, secured with the password. When the YouTube victim clicked the URL in the email, they were directed to a Drive page. The adversary leverages malware and sophisticated techniques for targeted attacks.

Their actions suggest a well-organised group with access to diverse tools and resources. Key characteristics of the campaign include email payload where the malware is hidden within attachments such as Word documents, PDFs, or Excel files, often masquerading as promotional materials, contracts or business proposals.

cybersecurity threats YouTube creators targeted fake brand collaborations malware disguised as documents sensitive data theft 
Next Story
Share it