New: Threat Exposure Validation Impact Report 2025
Learn More
Join our Summer Webinar Series on Threat Exposure Validation
Register Now
Come meet us at Black Hat USA 2025 | Booth 1640
Book a Meeting

New YouTube Bot Spotted Stealing Sensitive User Information

January 5, 2023

A new malicious YouTube bot was uncovered. This YouTube bot can be leveraged to artificially boost content on YouTube by viewing, liking, and commenting on videos and subscribing to channels. The bot is also capable of stealing victims' sensitive information such as cookies, AutoFill, Login data, and passwords. The bot receives commands from the Command & Control (C2) server and can download and execute additional malicious files on the victim's machine. The bot uses Windows Scheduled Tasks to establish persistence on the victims' machine and uses a Mutex that starts with "sm" to ensure the malware is only running once.