AI-Created YouTube Videos Spread Around Malware
Artificial Intelligence is being used to generate videos pretending to be step-by-step tutorials on how to access programs like Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and others without a license. Instead, the videos are loaded with infostealer malware that scrapes the viewer's sensitive personal data stored on the device.
Researchers with CloudSEK measured a month-over-month increase of 200% to 300% since November 2022 of AI-created YouTube videos with links to infostealer malware, including Vidar, RedLine, and Raccoon.
Making the video lures more compelling to its targets, the CloudSEK security team added, AI video tools such as Synthesia and D-ID are being used to generate personas intended to exude trustworthiness across multiple languages and social media platforms, supercharging threat actors' ability to deliver infostealer malware.
"It is well known that videos featuring humans, especially those certain facial features, appear more familiar and trustworthy," the CloudSEK report explained. "Hence, there has been a recent trend of videos featuring AI-generated personas, across languages and platforms (Twitter, Youtube, Instagram), providing recruitment details, educational training, promotional material, etc. And threat actors have also now adopted this tactic."
