SHALOM OLALEYE
The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned those looking to acquire pirated software and resources that they risk becoming victims of cybercriminal gangs that are using AI-generated YouTube videos to distribute malware.
NCC-CSIRT further warned in its advisory that the consequences of falling victim can be significant for individuals and organizations, resulting in critical damage like data theft, financial loss, identity theft, system damage, and reputation damage.
According to the advisory,
“To stimulate the interest of potential victims, video tutorials on how to pirate sought-after software such as AutoCAD, Adobe Photoshop, Adobe Premiere Pro, and other similar paid-for software are created. These videos are created with AI and feature humans with facial features that research has shown other humans find trustworthy.
“The tutorials in these videos are frequently bogus and steer viewers to links in the description that led to information-stealing malware like Raccoon, Vidar, and RedLine,” the advisory revealed.”
It said unsuspecting victims who watch these AI-generated tutorial videos will be duped into clicking on one of the links in the video description, which usually results in the download of data-stealing malware The number of YouTube videos containing such links has increased by 200-300% months on month since November 2022.
Furthermore, NCC-CSIRT recommended installation of antivirus software with internet security, keeping it up to date and installing an endpoint detection and response (EDR) solution that is comprehensive, and thinking before clicking any link.