Summary: Cybercriminals are exploiting YouTube creators, using bogus copyright claims to coerce them into promoting trojanized versions of Windows Packet Divert (WPD) tools that function as malware. These tools, disguised as legitimate programs, carry cryptominers that infect users’ systems, while the attackers threaten creators with channel bans for non-compliance. A significant number of YouTube users have fallen victim to this campaign, particularly in Russia, resulting in widespread distribution of the malicious software.
Affected: YouTube creators, Russian users
Key points:
- Cybercriminals pose as copyright holders to deceive YouTubers into promoting malware-laden software.
- The trojanized WPD tools are disguised as legitimate programs, and creators are threatened with channel bans if they refuse the demands.
- The campaign has affected over 2,000 victims, primarily in Russia, and demonstrates the potential for wider malicious operations.