Cybercriminals are increasingly using phony brand partnership offers to spread malware, targeting well-known YouTube creators in a concerning trend, according to research released on Monday.
To avoid detection, the malware, which poses as legitimate documents such as contracts or promotional materials, is frequently distributed through password-protected files hosted on platforms like OneDrive, according to cybersecurity company CloudSEK.
“Once downloaded, the malware can steal sensitive information, including login credentials and financial data, while also granting attackers remote access to the victim’s systems,” said security researcher Mayank Sahariya.
At the end of the email, the threat actor includes instructions and a OneDrive link to a password-protected zip file containing the agreement and promotional materials.
After clicking the URL in the email, the targeted YouTuber was sent to a Drive page. The adversary uses malware and advanced tactics for targeted attacks. Their behavior points to a well-coordinated team with a variety of resources and tools at its disposal. One of the campaign’s main features is the email payload, which conceals the malware inside Word, PDF, or Excel attachments that frequently pose as contracts, business proposals, or promotional materials.
The phishing emails appear legitimate because they are sent from fake or compromised email accounts. Recipients are tricked into downloading the linked files because they believe them to be genuine business offers.
The malware infects the victim’s computer when they open the attachment. Its purpose is usually to give the attacker remote access or to steal confidential information, such as financial data, login passwords, and intellectual property.
Because they are inclined to take part in brand partnerships and promotions, the main targets are businesses and individuals in executive, sales, and marketing roles.
“With content creators and marketers as primary targets, this global campaign underscores the importance of verifying collaboration requests and adopting robust cybersecurity measures to protect against such threats,” Sahariya added.
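The password on the archive keeps content scanners from opening the files, but a standard ZIP still exposes each entry's name and encryption flag, which a mail or download gateway can act on. The following is an added example, not code from CloudSEK or the original article; the extension list, verdict names and sample file names are assumptions constructed for illustration.

```python
import io
import struct
import zipfile

# Assumption: extensions treated as directly executable; tune for your environment.
EXECUTABLE_EXT = (".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".lnk", ".msi", ".hta")

def triage_archive(data: bytes) -> dict:
    """Classify a ZIP from its central directory alone; no password is needed."""
    result = {"encrypted": [], "executable": [], "verdict": "allow"}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # Bit 0 of the general-purpose flags marks an encrypted entry.
            if info.flag_bits & 0x1:
                result["encrypted"].append(info.filename)
            # Entry names stay readable in a standard password-protected ZIP.
            if info.filename.lower().endswith(EXECUTABLE_EXT):
                result["executable"].append(info.filename)
    if result["encrypted"]:
        # Content scanners cannot open these entries, so never pass them through.
        result["verdict"] = "block" if result["executable"] else "hold"
    return result

def build_sample(names, encrypted):
    """Constructed test archive: placeholder bytes, encryption flag set by hand."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"constructed placeholder")
    raw = bytearray(buf.getvalue())
    if encrypted:
        # The end-of-central-directory record (last 22 bytes) stores the directory offset.
        cd_start = struct.unpack_from("<I", raw, len(raw) - 6)[0]
        pos = raw.find(b"PK\x01\x02", cd_start)
        while pos != -1:
            raw[pos + 8] |= 0x01  # flags field of this central directory header
            pos = raw.find(b"PK\x01\x02", pos + 4)
    return bytes(raw)

if __name__ == "__main__":
    lure = build_sample(["Brand Contract.pdf.scr", "Media Kit.docx"], encrypted=True)
    print(triage_archive(lure))
```

A "hold" verdict is the point at which a gateway would route the archive to manual review or sandboxing instead of delivering it unscanned.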