Cyberattackers are reportedly using Google and YouTube search results to target people seeking pirated/cracked software.
Scammers are posing as “guides” on YouTube, claiming to offer software installation tutorials, DarkReading reported Monday (Jan. 13), citing research from Trend Micro. These cybercriminals direct their victims to video descriptions or comment sections, where they’ve included links to fake software downloads that lead to malware.
And on Google, the attackers seed search results for pirated and cracked software with links to what appear to be legitimate downloaders, but which actually include information-stealing malware, the researchers said.
In addition, the scammers “often use reputable file hosting services like Mediafire and Mega.nz to conceal the origin of their malware, and make detection and removal more difficult,” Trend Micro researchers Ryan Maglaque, Jay Nebre and Allixon Kristoffer Francisco wrote in a blog post.
The DarkReading report notes this campaign seems to resemble one that arose roughly a year ago, spreading Lumma Stealer — malware typically used to steal sensitive information such as passwords and cryptocurrency-wallet data — using weaponized YouTube channels.
The news follows a year in which companies were plagued by several high-profile cyberattacks, as PYMNTS wrote last month. As 2025 begins, the top themes shaping the cyberthreat landscape include the rise of ransomware, artificial intelligence (AI)-driven threats, zero-day exploits and supply chain attacks.
“It is essentially an adversarial game; criminals are out to make money and the [business] community needs to curtail that activity. What’s different now is that both sides are armed with some really impressive technology,” Michael Shearer, chief solutions officer at Hawk, said in an interview with PYMNTS.
The rise of ransomware platforms lowered the barrier to entry for cyberattackers, enabling even low-skilled actors to carry out sophisticated attacks. Put that together with the ability of AI to automate phishing campaigns, identify vulnerabilities and evade detection systems, and the threat landscape was able to expand during 2024.
“At the same time, the prevalence of zero-day vulnerabilities highlighted the need for rapid detection and response capabilities, while third-party software and hardware continued to be a significant vector for attacks, requiring businesses to adopt stricter supply chain risk management practices,” PYMNTS wrote.