New YouTube Bot Spotted Stealing Sensitive User Information
A new malicious YouTube bot was uncovered.
This YouTube bot can be leveraged to artificially boost content on YouTube by viewing, liking, and commenting on videos and subscribing to channels.
The bot is also capable of stealing victims' sensitive information such as cookies, AutoFill, Login data, and passwords.
The bot receives commands from the Command & Control (C2) server and can download and execute additional malicious files on the victim's machine. The bot uses Windows Scheduled Tasks to establish persistence on the victims' machine and uses a Mutex that starts with "sm" to ensure the malware is only running once.
Featured Resources
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe