<style>/*<link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7909997287514869705&zx=5204ab2d-6425-412e-a925-be1a992b637a' media='none' onload='if(media!='all')media='all'' rel='stylesheet'/><noscript><link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7909997287514869705&zx=5204ab2d-6425-412e-a925-be1a992b637a' rel='stylesheet'/></noscript>
<meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/>
<meta name='google-adsense-platform-domain' content='blogspot.com'/>

<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3050103893098139&host=ca-host-pub-1556223355139109" crossorigin="anonymous"></script>

<!-- data-ad-client=ca-pub-3050103893098139 -->

</head><body>*/</style>

Malware jahat di temukan menyebar melalui saluran YouTube

techind

19 Sep, 2022

pexsel.com

Pakar keamanan siber Kapersky menemukan malware menyusup melalui saluran YouTube, yang dimasukkan ke dalam unduhan video. Virus ini fokus menyerang korbannya, idealnya para gamers yang menonton tutorial crack atau cheat di dalam game.

Pelaku memasukkan tautan malware ke dalam deskripsi video saat mereka melakukan tindakan, dan menggunakan cookie browser untuk mengakses kata sandi yang disimpan, detail kartu kredit, percakapan pesan instan, klien FTP, SSH, dan VPN ,hingga dompet cryptocurrency Anda.

Dari sana, malware dapat menyebar menggunakan mekanisme yang lebih kompleks. Malware akan mengunduh video ke mesin korban, mengiklankan cheat dan crack untuk banyak gim PC populer, kemudian mengunggahnya ke channel YouTube korban.

Malware berbahaya yang dapat dieksekusi ini memiliki ekstensi bernama MakiseKurisu.exe, Download.exe, dan Upload exe. Makise Kurisu adalah infostealer yang mengambil cookie browser dan menyimpannya secara lokal. Download.exe mengambil video crack palsu dari repositori GitHub dan mengirimkannya ke upload.exe untuk mengunggah video ke akun YouTube korban.

Saat Anda menemukan tautan ke kode cheat gratis atau link di deskripsi video YouTube, Anda harus lebih waspada dari sebelumnya. Bisa jadi itu berbahaya ,karena pelaku dengan sengaja memasukkan virus ke dalam deskripsi tautan. Jika metode distribusi ini menjadi lebih umum di masa mendatang, Anda harus waspada terhadap tautan mencurigakan di situs web.

<style>/*
<script type="text/javascript" src="https://www.blogger.com/static/v1/widgets/2591855913-widgets.js"></script>
<script type='text/javascript'>
window['__wavt'] = 'AOuZoY4U9-DRaq7bohXuxy_OhS-L5O8x0A:1731092597931';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d7909997287514869705','//www.initechind.my.id/2022/09/malware-jahat-di-temukan-menyebar.html','7909997287514869705');
_WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '7909997287514869705', 'title': 'initechind', 'url': 'https://www.initechind.my.id/2022/09/malware-jahat-di-temukan-menyebar.html', 'canonicalUrl': 'https://www.initechind.my.id/2022/09/malware-jahat-di-temukan-menyebar.html', 'homepageUrl': 'https://www.initechind.my.id/', 'searchUrl': 'https://www.initechind.my.id/search', 'canonicalHomepageUrl': 'https://www.initechind.my.id/', 'blogspotFaviconUrl': 'https://www.initechind.my.id/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': true, 'httpsEnabled': true, 'enabledCommentProfileImages': true, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': '', 'encoding': 'UTF-8', 'locale': 'en', 'localeUnderscoreDelimited': 'en', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22initechind - Atom\x22 href\x3d\x22https://www.initechind.my.id/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22initechind - RSS\x22 href\x3d\x22https://www.initechind.my.id/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22initechind - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/7909997287514869705/posts/default\x22 /\x3e\n\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22initechind - Atom\x22 href\x3d\x22https://www.initechind.my.id/feeds/7542515714763618303/comments/default\x22 /\x3e\n', 'meTag': '', 'adsenseClientId': 'ca-pub-3050103893098139', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': true, 'adsenseAutoAds': true, 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/6eb7ce967db05cf0', 'plusOneApiSrc': 'https://apis.google.com/js/platform.js', 'disableGComments': true, 'interstitialAccepted': false, 'sharing': {'platforms': [{'name': 'Get link', 'key': 'link', 'shareMessage': 'Get link', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Share to Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'Twitter', 'key': 'twitter', 'shareMessage': 'Share to Twitter', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Share to Pinterest', 'target': 'pinterest'}, {'name': 'Email', 'key': 'email', 'shareMessage': 'Email', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlusShareButtonWidth': 0, 'googlePlusBootstrap': '\x3cscript type\x3d\x22text/javascript\x22\x3ewindow.___gcfg \x3d {\x27lang\x27: \x27en\x27};\x3c/script\x3e'}, 'hasCustomJumpLinkMessage': false, 'jumpLinkMessage': 'Read more', 'pageType': 'item', 'postId': '7542515714763618303', 'postImageThumbnailUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBtMTFS1DUDNLCc87bvZSvyCaY3NsKzs9RvfiJT6IY35Ic2ibKxGsRL0bE6AssgPGe6pZCCV9PkBVGaR8ACqwo-nGem-IYiYhZ1TdpsRAWKqQMbZGUx_xAqoizVG9UyJ0lh18ZLeV3EMJY9ly6e4b1_vdpbBqBQzJObQhlvh_eNbcMwPy1mt-1Q4c/s72-c/IMG_20220919_171451.jpg', 'postImageUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBtMTFS1DUDNLCc87bvZSvyCaY3NsKzs9RvfiJT6IY35Ic2ibKxGsRL0bE6AssgPGe6pZCCV9PkBVGaR8ACqwo-nGem-IYiYhZ1TdpsRAWKqQMbZGUx_xAqoizVG9UyJ0lh18ZLeV3EMJY9ly6e4b1_vdpbBqBQzJObQhlvh_eNbcMwPy1mt-1Q4c/s400/IMG_20220919_171451.jpg', 'pageName': 'Malware jahat di temukan menyebar melalui saluran YouTube ', 'pageTitle': 'initechind: Malware jahat di temukan menyebar melalui saluran YouTube ', 'metaDescription': ''}}, {'name': 'features', 'data': {}}, {'name': 'messages', 'data': {'edit': 'Edit', 'linkCopiedToClipboard': 'Link copied to clipboard!', 'ok': 'Ok', 'postLink': 'Post Link'}}, {'name': 'template', 'data': {'name': 'custom', 'localizedName': 'Custom', 'isResponsive': true, 'isAlternateRendering': false, 'isCustom': true}}, {'name': 'view', 'data': {'classic': {'name': 'classic', 'url': '?view\x3dclassic'}, 'flipcard': {'name': 'flipcard', 'url': '?view\x3dflipcard'}, 'magazine': {'name': 'magazine', 'url': '?view\x3dmagazine'}, 'mosaic': {'name': 'mosaic', 'url': '?view\x3dmosaic'}, 'sidebar': {'name': 'sidebar', 'url': '?view\x3dsidebar'}, 'snapshot': {'name': 'snapshot', 'url': '?view\x3dsnapshot'}, 'timeslide': {'name': 'timeslide', 'url': '?view\x3dtimeslide'}, 'isMobile': false, 'title': 'Malware jahat di temukan menyebar melalui saluran YouTube ', 'description': 'Teknologi dan Knowledge', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBtMTFS1DUDNLCc87bvZSvyCaY3NsKzs9RvfiJT6IY35Ic2ibKxGsRL0bE6AssgPGe6pZCCV9PkBVGaR8ACqwo-nGem-IYiYhZ1TdpsRAWKqQMbZGUx_xAqoizVG9UyJ0lh18ZLeV3EMJY9ly6e4b1_vdpbBqBQzJObQhlvh_eNbcMwPy1mt-1Q4c/s400/IMG_20220919_171451.jpg', 'url': 'https://www.initechind.my.id/2022/09/malware-jahat-di-temukan-menyebar.html', 'type': 'item', 'isSingleItem': true, 'isMultipleItems': false, 'isError': false, 'isPage': false, 'isPost': true, 'isHomepage': false, 'isArchive': false, 'isLabelSearch': false, 'postId': 7542515714763618303}}, {'name': 'widgets', 'data': [{'title': 'Icons, Dark, Search', 'type': 'LinkList', 'sectionId': 'header-main', 'id': 'LinkList10'}, {'title': 'Menu', 'type': 'LinkList', 'sectionId': 'header-main', 'id': 'LinkList11'}, {'title': 'Featured Post', 'type': 'FeaturedPost', 'sectionId': 'before-blog', 'id': 'FeaturedPost1', 'postId': '8768051930551903728'}, {'title': 'Blog Posts', 'type': 'Blog', 'sectionId': 'blog-post', 'id': 'Blog1', 'posts': [{'id': '7542515714763618303', 'title': 'Malware jahat di temukan menyebar melalui saluran YouTube ', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBtMTFS1DUDNLCc87bvZSvyCaY3NsKzs9RvfiJT6IY35Ic2ibKxGsRL0bE6AssgPGe6pZCCV9PkBVGaR8ACqwo-nGem-IYiYhZ1TdpsRAWKqQMbZGUx_xAqoizVG9UyJ0lh18ZLeV3EMJY9ly6e4b1_vdpbBqBQzJObQhlvh_eNbcMwPy1mt-1Q4c/s400/IMG_20220919_171451.jpg', 'showInlineAds': false}], 'headerByline': {'regionName': 'header1', 'items': [{'name': 'share', 'label': ''}, {'name': 'author', 'label': 'by'}, {'name': 'timestamp', 'label': 'd MMM, yyyy'}]}, 'footerBylines': [{'regionName': 'footer1', 'items': [{'name': 'comments', 'label': 'Comment'}, {'name': 'icons', 'label': ''}]}, {'regionName': 'footer2', 'items': [{'name': 'labels', 'label': 'Tags:'}]}], 'allBylineItems': [{'name': 'share', 'label': ''}, {'name': 'author', 'label': 'by'}, {'name': 'timestamp', 'label': 'd MMM, yyyy'}, {'name': 'comments', 'label': 'Comment'}, {'name': 'icons', 'label': ''}, {'name': 'labels', 'label': 'Tags:'}]}, {'title': '#Mungkin Anda Suka', 'type': 'HTML', 'sectionId': 'ads-post', 'id': 'HTML15'}, {'title': 'Popular Posts', 'type': 'PopularPosts', 'sectionId': 'sidebar-static', 'id': 'PopularPosts10', 'posts': [{'title': 'Manchester united kalah Mason Mount tidak berguna', 'id': 4298532135540688472}, {'title': 'Hati-hati Timnas Garuda U-23 Bisa Tersingkir', 'id': 8896602070841176723}]}, {'title': 'Hashtag', 'type': 'Label', 'sectionId': 'sidebar-static', 'id': 'Label11'}, {'title': '#Recent Post', 'type': 'HTML', 'sectionId': 'sidebar-static', 'id': 'HTML19'}, {'title': 'About Us', 'type': 'HTML', 'sectionId': 'footer-widget', 'id': 'HTML21'}, {'title': 'Follow Us', 'type': 'LinkList', 'sectionId': 'footer-widget', 'id': 'LinkList14'}, {'title': 'Copyright', 'type': 'HTML', 'sectionId': 'copyright', 'id': 'HTML23'}, {'title': 'SVG Icons', 'type': 'HTML', 'sectionId': 'jet-options', 'id': 'HTML24'}]}]);
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList10', 'header-main', document.getElementById('LinkList10'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList11', 'header-main', document.getElementById('LinkList11'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_FeaturedPostView', new _WidgetInfo('FeaturedPost1', 'before-blog', document.getElementById('FeaturedPost1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogView', new _WidgetInfo('Blog1', 'blog-post', document.getElementById('Blog1'), {'cmtInteractionsEnabled': false, 'lightboxEnabled': true, 'lightboxModuleUrl': 'https://www.blogger.com/static/v1/jsbin/3386964323-lbx.js', 'lightboxCssUrl': 'https://www.blogger.com/static/v1/v-css/13464135-lightbox_bundle.css'}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML15', 'ads-post', document.getElementById('HTML15'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts10', 'sidebar-static', document.getElementById('PopularPosts10'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LabelView', new _WidgetInfo('Label11', 'sidebar-static', document.getElementById('Label11'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML19', 'sidebar-static', document.getElementById('HTML19'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML21', 'footer-widget', document.getElementById('HTML21'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList14', 'footer-widget', document.getElementById('LinkList14'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML23', 'copyright', document.getElementById('HTML23'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML24', 'jet-options', document.getElementById('HTML24'), {}, 'displayModeFull'));
</script>
</body>*/</style>