Threat actors are disseminating a new YouTube bot malware that can improve videos’ rankings on the website artificially and collect sensitive data from visitors. From the C2 server, the bot receives instructions for performing additional destructive actions.
A 32-bit executable file created using the.NET compiler was discovered to be the distribution method for the YouTube bot malware, according to Cyble researchers. Run-time requirements for the executable file include four parameter strings: the video ID, duration, like, and remark.