hack.
New Delhi: In an alarming trend, cybercriminals are now increasingly targeting popular YouTube creators by exploiting fake brand collaboration offers to distribute malware, a report showed on Monday.
The malware, disguised as legitimate documents like contracts or promotional materials, is often delivered through password-protected files hosted on platforms such as OneDrive to evade detection, claimed CloudSEK, a cybersecurity firm.
“Once downloaded, the malware can steal sensitive information, including login credentials and financial data, while also granting attackers remote access to the victim’s systems,” said security research Mayank Sahariya.
At the end of the email, the threat actor includes instructions and a OneDrive link to access a zip file containing the agreement and promotional materials, secured with the password. When the YouTube victim clicked the URL in the email, they were directed to a Drive page.
The adversary leverages malware and sophisticated techniques for targeted attacks. Their actions suggest a well-organised group with access to diverse tools and resources.
Key characteristics of the campaign include email payload where the malware is hidden within attachments such as Word documents, PDFs, or Excel files, often masquerading as promotional materials, contracts or business proposals.
The phishing emails are sent from spoofed or compromised email addresses, making them seem credible. Recipients are lured into downloading the attached files, believing they are legitimate business offers.
Once the attachment is opened, the malware installs itself on the victim’s system. This malware is typically designed to steal sensitive data, including login credentials, financial information, and intellectual property, or to provide remote access to the attacker.
Businesses and individuals in marketing, sales, and executive positions are the primary targets, given their propensity to engage in brand promotions and partnerships.
“With content creators and marketers as primary targets, this global campaign underscores the importance of verifying collaboration requests and adopting robust cybersecurity measures to protect against such threats,” Sahariya added.
IANS
86 pc Indian employees use AI, but ROI and governance lag: Report
New Delhi: While 86 per cent of employees in India use artificial intelligence at work, only 35 per cent say AI’s return on investment has met or exceeded expectations, higher...
Meta discontinues end‑to‑end encryption for Instagram
New Delhi: US tech giant Meta has officially switched off end-to-end encrypted direct messages on Instagram, discontinuing the privacy-focused feature for users globally. The tech company said users with...
WhatsApp announces AI upgrade for round-the-clock SME customer support in India
New Delhi: Meta-backed WhatsApp on Thursday announced the launch of ‘Business AI’ in India, bringing AI-powered customer support directly to the WhatsApp Business app to help small and medium enterprises...
Govt launches ‘Cell Broadcast Alert System’ for real-time disaster warnings
New Delhi: Union Minister for Communications and Development of North Eastern Region, Jyotiraditya Scindia, on Saturday launched the ‘Cell Broadcast Alert System’, developed with the support of the National Disaster...
Seamless tolling without halting vehicles: Gadkari on India’s first barrier-less plaza in Gujarat
Surat/New Delhi: Union Highways Minister Nitin Gadkari on Friday said India has launched its first Multi-Lane Free Flow (MLFF) barrier-less tolling system at the Choryasi toll plaza on the Surat-Bharuch...
Elon Musk accuses OpenAI, Sam Altman of betraying nonprofit roots in court trial
New Delhi: Tesla and xAI CEO Elon Musk has testified in a high-stakes trial against OpenAI, accusing the artificial intelligence firm and its CEO Sam Altman of abandoning the organisation’s...
CERT-In warns of rising AI-driven cyber threats amid ‘Mythos’ concerns
New Delhi: India’s nodal cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity alert warning that rapid advances in frontier artificial intelligence are fundamentally reshaping the...
NITI Aayog launches roadmap for next phase of India’s Digital Public Infrastructure journey
New Delhi: NITI Aayog has launched a strategic roadmap that charts the next phase of India’s Digital Public Infrastructure (DPI) journey as a driver of inclusive, non-linear, and productivity-led growth,...
Google to invest up to $40 billion in Anthropic amid global AI race
New Delhi: US tech giant Google plans to invest up to $40 billion in the artificial intelligence (AI) firm Anthropic, as global technology giants accelerate their push into advanced AI...
US administration to work with AI firms to counter Chinese-led ‘stealing’ of tech advancements
New Delhi: US administration said it will step up cooperation with US artificial intelligence companies to combat “industrial‑scale campaigns” by "foreign entities, principally based in China," to steal advancements in...
DigiHaat rolls out metro ticketing services across Delhi-NCR, Mumbai, Bengaluru
New Delhi: The government-backed DigiHaat has announced the launch of metro ticketing services across metropolitan areas such as Delhi-NCR, Mumbai and Bengaluru, a step forward in its push towards becoming...
OpenAI integrates ‘Images 2.0’ into ChatGPT with thinking, realism outputs
New Delhi: ChatGPT parent OpenAI has rolled out 'Images 2.0', its next-generation image generation model, aimed at delivering more precise, realistic and usable visuals with advanced reasoning capabilities. The new...
