Latest


Hackers target YouTube creators, send fake brand collaboration offers with malware

  •   Mon, Dec 16 2024 02:46:04 PM

New Delhi, Dec 16 (IANS): In an alarming trend, cybercriminals are now increasingly targeting popular YouTube creators by exploiting fake brand collaboration offers to distribute malware, a report showed on Monday.

The malware, disguised as legitimate documents like contracts or promotional materials, is often delivered through password-protected files hosted on platforms such as OneDrive to evade detection, claimed CloudSEK, a cybersecurity firm.

“Once downloaded, the malware can steal sensitive information, including login credentials and financial data, while also granting attackers remote access to the victim’s systems,” said security research Mayank Sahariya.

At the end of the email, the threat actor includes instructions and a OneDrive link to access a zip file containing the agreement and promotional materials, secured with the password. When the YouTube victim clicked the URL in the email, they were directed to a Drive page.

The adversary leverages malware and sophisticated techniques for targeted attacks. Their actions suggest a well-organised group with access to diverse tools and resources.

Key characteristics of the campaign include email payload where the malware is hidden within attachments such as Word documents, PDFs, or Excel files, often masquerading as promotional materials, contracts or business proposals.

The phishing emails are sent from spoofed or compromised email addresses, making them seem credible. Recipients are lured into downloading the attached files, believing they are legitimate business offers.

Once the attachment is opened, the malware installs itself on the victim's system. This malware is typically designed to steal sensitive data, including login credentials, financial information, and intellectual property, or to provide remote access to the attacker.

Businesses and individuals in marketing, sales, and executive positions are the primary targets, given their propensity to engage in brand promotions and partnerships.

“With content creators and marketers as primary targets, this global campaign underscores the importance of verifying collaboration requests and adopting robust cybersecurity measures to protect against such threats,” Sahariya added.

 
  

Top Stories

Featherlite unveils experience centre for office, education range of furniture

  •   21 hours ago    1

Leave a Comment

Title: Hackers target YouTube creators, send fake brand collaboration offers with malware



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like