"Famous YouTube Channels Hacked to Distribute Infostealers"
According to security researchers at AhnLab Security Intelligence Center (ASEC), threat actors increasingly utilize YouTube to distribute information stealer malware (infostealers) by appropriating legitimate channels as well as using their own video channels. Some of the infostealers seen include Vidar and LummaC2. In one of the cases, the targeted channel had more than 800,000 subscribers. Vidar is an infostealer that first appeared in 2018. It was recently used in the November 2023 social engineering campaign targeting Booking.com. The researchers noted that LummaC2 is a more recent infostealer, first discovered in 2022. Lumma typically targets two-factor authentication (2FA) and multifactor authentication (MFA) by stealing codes from apps like Authy. In November 2023, it was reported that Lumma evolved to integrate new anti-sandbox features. The researchers say that these malware strains collect and steal various user information saved inside infected systems and can also download and install additional malware.
Infosecurity Magazine reports: "Famous YouTube Channels Hacked to Distribute Infostealers"