A newly released report has revealed that cyber criminals are using YouTube to install cryptojacking malware on unsuspecting users’ computers. This follows research conducted by Eset, a Slovakian software security firm, which established that the malware was being spread by the notorious cyber criminals behind the Stantinko botnet. According to the report, these operators have been distributing a mining module for Monero (XMR), a privacy-based cryptocurrency.
This latest discovery adds to the list of nefarious activities undertaken by the criminal enterprise. It had previously been established that these cyber criminals are engaged in click fraud, ad injection, phishing, and social network fraud, among other illegal activities.
The report established that the Stantinko botnet has been active since as early as 2012. The malware is reportedly spread through specific YouTube channels that then infect the CPUs of their viewers. Reportedly, the malware deploys cryptojacking code that steals the CPU’s processing resources. It remains hidden behind legitimate system processes, which enables it to disguise the illegal mining activity.
Eset also discovered that the cryptocurrency-stealing malware had infected approximately half a million devices. The majority of the victims were located in Russia, Ukraine, Belarus and Kazakhstan.
The Stantinko botnet has been likened to Dexphot, a similar piece of malware that Microsoft recently discovered after it had already infected over 80,000 computers.
Eset confirmed that it had informed YouTube of its findings, and YouTube reportedly responded by pulling down all channels that were found to have any traces of the Stantinko code.
This latest attack on Monero follows in the wake of another piece of malware that was found to steal the cryptocurrency from unsuspecting hodlers. Monero’s core development team confirmed in November that the software available for download from their official site may have been compromised and used to steal coins. These reports were confirmed by a professional investigator, who affirmed the presence of the malware in the software after Monero’s servers were compromised.
These findings should serve as a wake-up call for users and cryptocurrency holders to heighten their security by avoiding unfamiliar websites and regularly scanning their computers for malware.