According to a report released by cybersecurity firm CloudSEK, since November 2022, hackers have been posting fake videos generated using platforms like Synthesia and D-ID on YouTube to trick viewers into downloading cracked versions of paid software such as Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and others, in order to spread malware.
The malware includes notorious information-stealing software such as Vidar, RedLine, and Raccoon. The malware steals passwords, credit card information, bank account information, and other confidential data. The stolen information is uploaded to the hacker’s command and control (C&C) servers.
It is reported that these types of YouTube videos have increased by 200-300% month-over-month.
For internet users, it is wise to avoid downloading applications from unknown sources and not to open email attachments indiscriminately. It is also recommended to update anti-virus software regularly.