This helps to hide the real landing page from casual observers, adds another layer of familiarity (“Oh, it’s Bit.ly”), and may also give the malware authors detailed clickthrough statistics. There may well be an advert or survey to click through on those sites too, which means potential extra revenue.įinally, many scams of this nature use URL shortening services. Although the example from the article leads to a sharing site called “Anonfiles”, a lot of the time more well-known file sharing portals are used. As a result, top-tier cheat tools which try and bypass the detection on offer can fetch a pretty price.Īn aim-bot or other cheat tool offered up for free on YouTube sounds too good to be true, and that’s precisely because it is indeedtoo good to be true. Online titles frequently include several forms of anti-cheat to detect hacks and (potentially) contribute toward a ban. They may include wall-hacks, rapid fire, radar interference, the sky’s the limit. Why spend hours practising the game to meet your cheat-laden objectives if you can just cheat some more? Aim-bots have been a plague in the shooter landscape for many years, and there's no shortage of fakes alongside the genuine articles.Īt the most basic level, aim-bots will help you target other players more easily.
What is the bait being used?Ĭheats will cheat for many reasons in a video game, especially if it’s competitive. We note that some of the above techniques are being used in the malware distribution campaign referenced. This is the basis of a basic YouTube scam. Then they ruthlessly delete all the other replies posting warnings. They then disable the comments to avoid awkward questions, or leave them on and fill with scammer-controlled spam saying how good the file is. How do they convince people to run the infection file? They tell people to download a file and run it with security software switched off. It’s a quick, easy way to try and make malicious off-site links go viral.
When history repeats itselfĪs mentioned by Bleeping Computer, using YouTube in this way is not a new tactic. It then zips the stolen data and sends it via a Discord webhook (a method for sending updates to Discord channels). The campaign distributes a file known for password theft, and hunts for those passwords in browsers, cookies, a variety of cryptocurrency wallets, VPN clients, and many more besides. It’s reported that a malware distribution campaign is leveraging YouTube to push infection files. Valorant, the popular free-to-play team based shooter, is attracting the attention of scammers.
0 kommentar(er)
