From Cracks to Crooks: YouTube as a Vector for Malware Distribution
- URL: http://arxiv.org/abs/2507.16996v1
- Date: Tue, 22 Jul 2025 20:08:49 GMT
- Title: From Cracks to Crooks: YouTube as a Vector for Malware Distribution
- Authors: Iman Vakilinia
- Abstract summary: This paper explores how cybercriminals exploit YouTube to disseminate malware. It focuses on campaigns that promote free software or game cheats. It presents a new evasion technique that abuses YouTube's multilingual metadata capabilities to circumvent automated detection systems.
- Score: 2.3931689873603603
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: With billions of users and an immense volume of daily uploads, YouTube has become an attractive target for cybercriminals aiming to leverage its vast audience. The platform's openness and trustworthiness provide an ideal environment for deceptive campaigns that can operate under the radar of conventional security tools. This paper explores how cybercriminals exploit YouTube to disseminate malware, focusing on campaigns that promote free software or game cheats. It discusses deceptive video demonstrations and the techniques behind malware delivery. Additionally, the paper presents a new evasion technique that abuses YouTube's multilingual metadata capabilities to circumvent automated detection systems. Findings indicate that this method is increasingly being used in recent malicious videos to avoid detection and removal.
Related papers
- MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware.
We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph.
This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
arXiv Detail & Related papers (2024-09-29T07:22:47Z)
- Obfuscated Memory Malware Detection [2.0618817976970103]
We show how Artificial Intelligence and Machine learning can be used to detect and mitigate these cyber-attacks induced by malware in specific obfuscated malware.
We propose a multi-class classification model to detect the three types of obfuscated malware with an accuracy of 89.07% using the Classic Random Forest algorithm.
arXiv Detail & Related papers (2024-08-23T06:39:15Z)
- Users Feel Guilty: Measurement of Illegal Software Installation Guide Videos on YouTube for Malware Distribution [3.0664883500280986]
This study introduces and examines a sophisticated malware distribution technique that exploits popular video sharing platforms.
In this attack, threat actors distribute malware through deceptive content that promises free versions of premium software and game cheats.
MalTube is particularly insidious because it exploits the guilt feelings of users for engaging in potentially illegal activity.
arXiv Detail & Related papers (2024-07-23T02:32:52Z)
- Understanding crypter-as-a-service in a popular underground marketplace [51.328567400947435]
Crypters are pieces of software whose main goal is to transform a target binary so it can avoid detection from Anti Viruses (AVs) applications.
The crypter-as-a-service model has gained popularity, in response to the increased sophistication of detection mechanisms.
This paper provides the first study on an online underground market dedicated to crypter-as-a-service.
arXiv Detail & Related papers (2024-05-20T08:35:39Z)
- Malicious or Benign? Towards Effective Content Moderation for Children's Videos [1.0323063834827415]
This paper introduces our toolkit Malicious or Benign for promoting research on automated content moderation of children's videos.
We present 1) a customizable annotation tool for videos, 2) a new dataset with difficult to detect test cases of malicious content, and 3) a benchmark suite of state-of-the-art video classification models.
arXiv Detail & Related papers (2023-05-24T20:33:38Z)
- DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness [58.23214712926585]
We develop a certified defense, DRSM (De-Randomized Smoothed MalConv), by redesigning the de-randomized smoothing technique for the domain of malware detection.
Specifically, we propose a window ablation scheme to provably limit the impact of adversarial bytes while maximally preserving local structures of the executables.
We are the first to offer certified robustness in the realm of static detection of malware executables.
arXiv Detail & Related papers (2023-03-20T17:25:22Z)
- Look, Listen, and Attack: Backdoor Attacks Against Video Action Recognition [53.720010650445516]
We show that poisoned-label image backdoor attacks could be extended temporally in two ways, statically and dynamically.
In addition, we explore natural video backdoors to highlight the seriousness of this vulnerability in the video domain.
And, for the first time, we study multi-modal (audiovisual) backdoor attacks against video action recognition models.
arXiv Detail & Related papers (2023-01-03T07:40:28Z)
- Fighting Malicious Media Data: A Survey on Tampering Detection and Deepfake Detection [115.83992775004043]
Recent advances in deep learning, particularly deep generative models, open the doors for producing perceptually convincing images and videos at a low cost.
This paper provides a comprehensive review of the current media tampering detection approaches, and discusses the challenges and trends in this field for future research.
arXiv Detail & Related papers (2022-12-12T02:54:08Z)
- Efficient video integrity analysis through container characterization [77.45740041478743]
We introduce a container-based method to identify the software used to perform a video manipulation.
The proposed method is both efficient and effective and can also provide a simple explanation for its decisions.
It achieves an accuracy of 97.6% in distinguishing pristine from tampered videos and classifying the editing software.
arXiv Detail & Related papers (2021-01-26T14:13:39Z)
- Being Single Has Benefits. Instance Poisoning to Deceive Malware Classifiers [47.828297621738265]
We show how an attacker can launch a sophisticated and efficient poisoning attack targeting the dataset used to train a malware classifier.
As opposed to other poisoning attacks in the malware detection domain, our attack does not focus on malware families but rather on specific malware instances that contain an implanted trigger.
We propose a comprehensive detection approach that could serve as a future sophisticated defense against this newly discovered severe threat.
arXiv Detail & Related papers (2020-10-30T15:27:44Z)
- Adversarial Deepfakes: Evaluating Vulnerability of Deepfake Detectors to Adversarial Examples [23.695497512694068]
Recent advances in video manipulation techniques have made the generation of fake videos more accessible than ever before.
Manipulated videos can fuel disinformation and reduce trust in media.
Recently developed Deepfake detection methods rely on deep neural networks (DNNs) to distinguish AI-generated fake videos from real videos.
arXiv Detail & Related papers (2020-02-09T07:10:58Z)
- Media Forensics and DeepFakes: an overview [12.333160116225445]
The boundary between real and synthetic media has become very thin.
Deepfakes can be used to manipulate public opinion during elections, commit fraud, discredit or blackmail people.
There is an urgent need for automated tools capable of detecting false multimedia content.
arXiv Detail & Related papers (2020-01-18T00:13:32Z)
This list is automatically generated from the titles and abstracts of the papers in this site.