According to PANews, cybersecurity firm Kaspersky has identified a scheme in which hackers use copyright complaint threats to pressure YouTube content creators into placing links to the SilentCryptoMiner malware in their video descriptions. This malicious software, based on XMRig, is used for mining cryptocurrencies such as Ethereum, Ethereum Classic, Monero, and Ravencoin, and it controls a botnet via the Bitcoin blockchain.
The hackers primarily target YouTubers who provide tutorials on installing the Windows Packet Divert driver. They initiate false copyright claims against videos and then contact the creators, posing as the driver developers, to demand the addition of malicious links. One known case, involving a YouTuber with 60,000 subscribers, has resulted in over 40,000 downloads of the infected file, and Kaspersky estimates that at least 2,000 devices have been compromised.
Kaspersky security researcher Leonid Bezvershenko warns that hackers are exploiting the trust between YouTubers and their audiences, and this threat could potentially spread to platforms like Telegram. He advises users to be cautious of tutorials that suggest disabling antivirus software and to verify the source before downloading any files to avoid infection by crypto-mining malware.