The hacking and cracking business just started a marketing push with intensive YouTube video distribution. Several bogus accounts have been created recently, with thousands of videos providing instructions on various cracking/hacking tools and luring users to click on potentially dangerous short links. To make things look perfectly secure, fake antivirus check lists are posted in the video descriptions.
The flurry of poisonous How Tos hit the video-sharing platform packed with short links leading to a file sharing site. When trying to download the promised content, users are met with a list of surveys or app download suggestions, and are redirected to various mobile games or other filesharing sites. This method is popular on underground forums as it allows cyber-crooks to make up to $3,000 a day easily.
Cracks and hacks are the elephant in the room nobody wants to talk about. Like them or not, fight them or not, they are there to stay and to be used by countless users of various applications looking for a quick way to fame or gain within their online community. Promotion is key to the success of these tools. What better way to show up first in users’ searches than to create a YouTube demo that is bound to get a very high ranking from the search engine?
Xbox, Facebook, Counter Strike, you name it, they have the tool for it. And English-speaking users aren’t the only ones targeted! The playful French are tempted with a Tropico 4 download they should €© ©charge€ immediately.
The recent date listed in the title makes the content even more attractive. Plus, each video is accompanied by a note advising users to read its description, which adds to its reliability.
The description works its social engineering magic by means of a list of antivirus solutions which supposedly scanned the link to the crack-hosting site and found it to be safe.
A set of instructions there guides the user through the process, which includes, as expected, downloading an .exe file onto your computer.
By clicking the provided link, users end up on a file sharing site where they are supposed to select a “Regular Download,” as per the instructions. This will prompt a list of surveys to pop up, something users have already been warned they would have to go through in order to “confirm that [they] are not bot[s]”.
In other cases, users have to pay to get to the cracking goodies, but they actually end up completing the same eternal survey.
The scam mechanism doesn’t involve advanced computer skills: scammers upload videos on YouTube, some of the most popular ones being accompanied by simple TXT files with a title that combines the word “password” and the latest game versions. Cyber-crooks make $1 to $20 for every download from the file-sharing sites that later use the survey information for targeted spam or lure users into paying to get their horoscope or love compatibility.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
This article is based on the technical information provided courtesy of Octavian Minea, Bitdefender Malware Researcher. Special thanks to Bianca Dima.