Crypto Malware that Promises Free Bitcoin Found on YouTube - Coindoo
youtube malware

Crypto Malware that Promises Free Bitcoin Found on YouTube

Editorial Team Avatar
May 30, 2019
2 min reading time

It was reported that a malware campaign running on YouTube was promoting itself as a free “bitcoin generator” that gave users free BTC when it actually installed itself on the users’ computers to steal their private data.

The malware was found by a security researcher Frost, which had been monitoring the progress of the campaign over the last two weeks and discovered other cryptocurrency-based malware activating on YouTube.

Frost noticed that each time a ‘free bitcoin’ video was taken down by YouTube, the video would be reuploaded again by its creators under a newly created account.

The purpose of the scammers is to convince people to download the ‘bitcoin generator’ from the link in the video description, which is listed alongside a popular bitcoin faucet. But after the file is downloaded and installed, the users actually get the Qulab Trojan installed on their computer.

The malware then tries to take any personal data found in the computer it infected, such as browser history, saved browser passwords, etc. The malware also looks into .txt and .wallet files, probably looking to get the private keys and seed phrases of crypto wallets.

It has also been reported that the Qulab Trojan also monitors Windows’ clipboards to steal their contents. This allows the hackers to replace the bitcoin address which the user copied in order to send a payment with their own address.

As a wallet address is a long line of random numbers, most people just copy and paste them without checking and they may end up unknowingly sending coins to the malware creators. According to an analysis performed by Fumko, the malware is able to identify addresses from nay crypto wallets, such as BTC, BCH, ETH, NEO, XMR, ADA, LTC, DOGE, and many others.

YouTube was also used in the past to promote an illicit version of the popular Electrum wallet, which was actually a BTC phishing scheme.

Featured Image: MakeUseOf

* The information in this article and the links provided are for general information purposes only and should not constitute any financial or investment advice. We advise you to do your own research or consult a professional before making financial decisions. Please acknowledge that we are not responsible for any loss caused by any information present on this website.
Press Releases