YouTube Users Beware: After many cases of fraud on WhatsApp, new cases have come to the fore on YouTube. They steal passwords, Telegram messages and even screenshots. Get alerted if you’re scrolling through YouTube.
We use YouTube the most to watch videos. But you need to be careful now. The more popular the apps are, the more dangerous they are. Because hackers find new ways to rob them. After several cases of malware fraud on WhatsApp and Google Play Store, new cases have come to the fore on YouTube. They steal passwords, Telegram messages and even screenshots. Get alerted if you’re scrolling through YouTube. Some videos can hack your device. Hackers have found a new way to rob you. Let’s know about it…
Hackers are using YouTube as a carrier to spread new piracy malware called Pennywise to know all about you. Pennywise malware has been discovered by cyber researchers at Cyble Research Labs, who have uncovered more than 80 videos on YouTube that have the potential to put you at risk. The malware focuses on stealing sensitive browser data and cryptocurrency wallets from the victim’s device.
This is how users are being cheated
Cyber security researchers have found many videos on YouTube that are trying to rob you. Most of these videos explain how bitcoin mining software works. Users get a download link in the details of the video, which is quite dangerous. This file comes with a password-protection and a link to VirusTotal, which verifies the file as “clean” and safe to proceed.
Pennywise malware threat
Once a user downloads this file, he/she injects Pennywise malware into the system. According to cyber security experts, malware is capable of stealing almost every kind of data. Pennywise malware can obtain paths for many different browsers, including more than 30 Chrome-based browsers, 5 Mozilla-based browsers, Opera and Microsoft Edge.
This malware is capable of stealing information ranging from system details to login credentials. Even cookies, encryption keys, master passwords, Discord tokens and Telegram sessions. Furthermore, it is capable of taking screenshots while scanning the device for potential cryptocurrency wallets or any crypto-related browser add-ons. Once, hackers collect all the data, it can then be compressed into a single file.
Interestingly, the malware tries to identify the country of the victim, and if the country belongs to Russia, Ukraine, Belarus, and Kazakhstan, it completely blocks all operations. Reports suggest that this may be possible because hackers are trying to evade investigations by law enforcement agencies in these particular countries, which are not yet clear.