The NCC-CSIRT in a statement signed by its director of
public affairs, Reuben Muoka warned that users that open up such sites risk
becoming victims of cybercriminal gangs that make use of AI-generated YouTube
videos to distribute malware to the unsuspecting site visitors.
According to the advisory by the NCC-CSIRT, victims that
fall victim to malware attacks may experience critical damage to their personal
files data theft, financial loss, identity theft, system damage, and reputation
damage.
On how the attack works, when the unsuspecting victims gain
access to the websites that have been infiltrated by these hackers, they will
be tricked into watching some AI-generated tutorial videos and from there, a
dubious link will be shared and the visitor will be tricked into clicking.
One-click by the unsuspecting visitor will open up diverse
means for the hackers to attach data-stealing malware to the victim’s files.
The NCC-CSIRT also noted that the number of YouTube videos
that contain such dubious links has increased by 200-300% month on month since
November 2022.
According to the advisory, “To stimulate the interest of
potential victims, video tutorials on how to pirate sought-after software such
as AutoCAD, Adobe Photoshop, Adobe Premiere Pro, and other similar paid-for
software are created. These videos are created with AI and feature humans with
facial features that research has shown other humans find trustworthy.
“The tutorials in these videos are frequently bogus and
steer viewers to links in the description that led to information-stealing
malware like Raccoon, Vidar, and RedLine,” the advisory revealed.
The NCC-CSIRT further advised Nigerians to avoid downloading
software with a suspicious source and mainly, any pirated copies as they are
generally harmful and illegal.
0 comments:
Post a Comment