RedLine Spreads Through Ads for Cheats and Cracks on YouTube
A malicious bundle containing the RedLine stealer and a miner is being distributed on YouTube through ads for cheats and cracks for popular games. RedLine is currently one of the most common Trojans used to steal passwords and credentials from browsers, FTP clients and desktop messengers. It is openly available on underground hacker forums for just a few hundred dollars, a relatively small price tag for malware.
The stealer can pinch usernames, passwords, cookies, bank card details and autofill data from Chromium- and Gecko-based browsers; data from crypto wallets, instant messengers and FTP/SSH/VPN clients; and files with particular extensions from the device. In addition, RedLine can download and run third-party programs, execute commands in cmd and open links in the default browser. The stealer spreads in various ways, including through malicious spam e-mails and third-party loaders.