YouTube is the world's most popular website for video-based content, with 2.6 billion monthly users, which has unfortunately led to it being abused by cybercriminals. Two new ways that cybercriminals are promoting scams on the platform have recently been gaining a lot of traction online.
Cryptocurrency scams have seen a significant rise in popularity on YouTube, and they often come in the form of YouTube live streams. These streams promote fraudulent cryptocurrency websites, where victims are told that they can double their crypto investments by transferring funds to certain wallets or by disclosing the seed phrase for their own wallets. The streams also often use stolen video clips of popular crypto enthusiasts like Elon Musk, Brad Garlinghouse and others to appear more legitimate and to persuade victims to give up information.
These streams are often hosted on YouTube accounts that have been hijacked from their original users, or on channels that are bought or rented online on forum websites from sellers who then split the profits with the scammers. YouTube accounts are linked to Google accounts, so a YouTube account could be taken over following the takeover of a Gmail/Google account. It is therefore vital that users use strong passwords and Two Step Verification (2SV) when handling online accounts. You can find the latest National Cyber Security Centre advice on Passwords and 2SV here: Cyber Aware - NCSC.GOV.UK
Another popular scam that has been gaining traction is the Redline Trojan. Redline is a type of Trojan malware that is capable not only of stealing login credentials, session cookies, bank details, instant messages and crypto wallets, but also of installing a cryptominer in the background to quietly use the victim's PC as a cryptocurrency miner. Gamers may be targeted specifically for this, as gaming devices often have powerful graphics processing units that can be very useful for crypto mining. Redline can also run commands from cmd.exe and even click links in browsers, making it a very versatile and difficult Trojan to deal with.
The scammers create YouTube videos advertising cheats and cracks for the latest games and applications, and advise users to click the link in the description to download the cheat software, when in reality they are downloading Redline. In the video and the description they tell users to disable Windows SmartScreen in order to run the cheat software; however, this is really done to allow Redline past SmartScreen and onto your device.
No legitimate software would ever ask you to disable your antivirus software in order to enable a download, and you should be very cautious when downloading apps and software from non-legitimate marketplaces, especially if these downloads are blocked by your antivirus. Keeping your devices and applications updated to the latest version can also greatly help to protect you from malicious software like Redline. To find out more about antiviruses you can read the NCSC's article here: What is an antivirus product? Do I need one? - NCSC.GOV.UK