Research has found that hackers frequently use the YouTube platform to spread malware, mainly by hijacking popular channels and disguising the malware as popular applications (such as uTorrent, Microsoft Office and Minecraft). The attack chain begins with "password-protected MSI files" containing VBScript that triggers a multi-stage attack.
Hacker attack methods:
1. Use VBScript to elevate privileges and hide an AutoIt script inside a legitimate DLL file.
2. Maintain malware persistence through WMI event filters and registry modifications.
3. Deploy SilentCryptoMiner to mine the Monero and Zephyr cryptocurrencies.
These attacks have continued to affect different countries, including Russia, Belarus, India and others. The hackers often use the Telegram bot API to exfiltrate system data, and some variants also perform clipboard hijacking, specifically targeting cryptocurrency wallet addresses.
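The WMI persistence in step 2 can be checked for on a Windows host by listing permanent WMI event subscriptions. The following read-only PowerShell audit is an added example, not code from the research described above. It resolves each filter-to-consumer binding and flags consumers that execute a command line or script. The helper name Get-ClassName and the output column names are chosen for this example.

```powershell
# Added example: list permanent WMI event subscriptions for review.
# Run from an elevated PowerShell session on the host being checked.
$ns = 'root/subscription'

# Hypothetical helper for this example: WMI class name of a CIM instance.
function Get-ClassName($instance) { $instance.CimSystemProperties.ClassName }

# Index filters and consumers so each binding can be resolved to both ends.
$filters = @{}
Get-CimInstance -Namespace $ns -ClassName __EventFilter |
    ForEach-Object { $filters[$_.Name] = $_ }

$consumers = @{}
Get-CimInstance -Namespace $ns -ClassName __EventConsumer |
    ForEach-Object { $consumers["$(Get-ClassName $_)|$($_.Name)"] = $_ }

# Consumer classes that run a command line or a script when the filter fires.
$executing = 'CommandLineEventConsumer', 'ActiveScriptEventConsumer'

Get-CimInstance -Namespace $ns -ClassName __FilterToConsumerBinding | ForEach-Object {
    $class    = Get-ClassName $_.Consumer
    $consumer = $consumers["$class|$($_.Consumer.Name)"]
    $filter   = $filters[$_.Filter.Name]

    # What the consumer does: command line, inline script, or script file.
    $action = @($consumer.CommandLineTemplate, $consumer.ScriptText, $consumer.ScriptFileName) |
        Where-Object { $_ } | Select-Object -First 1

    [pscustomobject]@{
        Filter      = $_.Filter.Name
        Query       = $filter.Query          # WQL event that triggers the consumer
        Consumer    = "$class / $($_.Consumer.Name)"
        Action      = $action
        NeedsReview = $class -in $executing  # executes code, so inspect first
    }
} | Sort-Object NeedsReview -Descending | Format-List
```

A default Windows installation normally has one binding for the "SCM Event Log" filter and consumer, which only writes to the event log. Any binding flagged NeedsReview should be traced to the software that created it.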
Tips:
1. Don’t download unverified apps
2. Update protection software regularly to ensure system security
SecurePro recommends:
In order to strengthen your network security, SecurePro provides professional protection solutions, monitors the system around the clock, and blocks malware and hacker threats in real time. Choose SecurePro to ensure your devices enjoy powerful and reliable protection!
Enquiry hotline: 2682 0089