Saturday, September 17, 2022

There is a new malware going around that is stealing people’s data using a program called Redline

A lot of gamers who play games like GTA or Minecraft use cheats that let them change the game as they wish. But what if we told you that the cheat videos attached to gameplay footage are just decoys that download malware, including a password-stealing program called Redline?

Yes, what you read above is true: security researchers have found a new malware attack that is specifically designed to hack into a Windows PC and spread malicious links by using the victim's YouTube account.

According to the antivirus company Kaspersky, this attack distributes several malicious file bundles that are promoted through YouTube videos. The videos claim that those bundles contain many new and interesting ways to hack and cheat at games like DayZ, Forza Horizon 5, etc. In reality, those files are nothing but malware made so that your device can be hacked and the creators can benefit from it.

To get their hands on the cheat, all users have to do is download the file linked in the video's description box. In reality, they are only downloading malware, generally hosted on the telegram.ph domain or on mediafire.com, in the form of a self-extracting RAR archive that includes a password-stealing program called Redline.

What makes this specific malware so dangerous is that it can not only steal usernames and passwords but can also take cookies, bank card details, and all autofill data stored in Chromium- and Gecko-based browsers. Moreover, it also enables the hackers to take over a PC, install other programs, and carry out commands on a browser of any kind, whether it be Internet Explorer, Microsoft Edge, Firefox, Chrome, you name it. All of these are probable dangers listed by the researchers at Kaspersky.

But there is one feature that makes it stand out, and that is the program's ability to propagate itself. Some files in this malware have been designed to re-post the videos on the victim's account, which spreads the malware further and in turn harms more people.

According to Kaspersky, a program in the malicious bundle called MakiseKurisu.exe has been specifically made to extract cookies from the unfortunate user's browser so that it can access their YouTube account. From then on, a group of other programs is set to work re-posting the video on that YouTube account.


by Arooj Ahmed via Digital Information World