PANews reported on March 12 that according to Decrypt, cybersecurity company Kaspersky discovered that hackers used copyright complaints to threaten YouTube content creators, forcing them to add the crypto mining Trojan SilentCryptoMiner to the video description. The malware is based on XMRig and is used to mine cryptocurrencies such as Ethereum, Ethereum Classic, Monero, Ravencoin, and control botnets through the Bitcoin blockchain.
The hackers' main target is YouTubers who provide Windows Packet Divert driver installation tutorials. They first file a false copyright complaint against the video, then contact the creators claiming to be the developers of the driver and ask them to add malicious links. It is known that a YouTuber with 60,000 followers has been victimized, causing more than 40,000 people to download infected files. Kaspersky estimates that at least 2,000 devices have been infected.
Kaspersky security researcher Leonid Bezvershenko warned that hackers are taking advantage of the trust between YouTubers and their audiences, and such threats may spread to platforms such as Telegram. He advised users not to trust tutorials that require them to turn off antivirus software, and to verify the source before downloading any files to prevent infection with crypto mining Trojans.
