Security News > 2022 > September > New malware bundle self-spreads through YouTube gaming videos
A new malware bundle uses victims' YouTube channels to upload malicious video tutorials advertising fake cheats and cracks for popular video games to spread the malicious package further.
The self-spreading malware bundle has been promoted in YouTube videos targeting fans playing FIFA, Final Fantasy, Forza Horizon, Lego Star Wars, and Spider-Man.
These uploaded videos contain links to download the fake cracks and cheats, but in reality, they install the same self-spreading malware bundle that infected the uploader.
The second executable, "Download.exe", is used for downloading a video from YouTube, which is a copy of the videos promoting the malicious bundle.
The videos are downloaded from links fetched from a GitHub repository to avoid pointing to video URLs that were reported and removed from YouTube.
Finally, "Upload.exe" is used for uploading the malware-promoting videos to YouTube, using the stolen cookies to log in to the victim's YouTube account and spread the bundle via their channel.