ICT

NCC-CSIRT Sounds the Alarm over Pirated YouTube Software, Others

By Hillary Asemota

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned those looking to acquire pirated software and resources that they risk becoming victims of cybercriminal gangs that are using AI-generated YouTube videos to distribute malware. 

NCC-CSIRT further warned in its advisory that the consequences of falling victim can be significant for individuals and organizations, resulting in critical damage like data theft, financial loss, identity theft, system damage, and reputation damage.

It said unsuspecting victims who watch these AI-generated tutorial videos will be duped into clicking on one of the links in the video description, which usually results in the download of data-stealing malware.

NCC Ad

The number of YouTube videos containing such links has increased by 200-300% months on month since November 2022.

 According to the advisory, “To stimulate the interest of potential victims, video tutorials on how to pirate sought-after software such as AutoCAD, Adobe Photoshop, Adobe Premiere Pro, and other similar paid-for softwares are created. These videos are created with AI and feature humans with facial features that research has shown other humans find trustworthy.

“The tutorials in these videos are frequently bogus and steer viewers to links in the description that led to information-stealing malware like Raccoon, Vidar, and RedLine,” the advisory revealed.

 Malicious actors can create AI-generated videos that include hidden or disguised malware. These videos may appear to be harmless or even entertaining, but they can contain malicious code that can infect a viewer’s device when the video is downloaded or played.

Cybercriminal actors can also use AI-generated videos to trick viewers into downloading malware. For example, they can create a video that appears to be a legitimate software update or security patch, but it contains malware that infects the viewer’s device.

They equally use AI-generated videos to distribute phishing scams. They can create a video that appears to be from a legitimate company or organization and prompts viewers to click on a link to enter their login credentials or personal information. Once the viewer clicks on the link, they are directed to a fake website that steals their information.

Additionally, malicious actors can use AI-generated videos to distribute ransomware. They can create a video that appears to be harmless, but when the viewer clicks on a link or downloads a file associated with the video, their device becomes infected with ransomware that locks them out of their files and demands payment to regain access.

NCC-CSIRT, said that to avoid becoming a victim, telecom consumers should avoid downloading pirated software because they are generally harmful and illegal.

Furthermore, the advisory recommends installation of antivirus software with internet security and keeping it up to date, installing an endpoint detection and response (EDR) solution that is comprehensive, and thinking before clicking any link.

Related Posts

2022 Boot Camp: NITDA Announces Top 30 Start-ups of the Bridge to MassChallenge Programme

Extraordinaire News

Spectrum Auction: NCC Unaware of APC Leader’s Link to Mafab Communications, Says Adinde

Extraordinaire News

Forbes Technology Appoints Olatunji, Nigeria’s Data Bureau Boss into Its Council

Extraordinaire News

NITDA, e-VILLAGE COLLABORATE ON SUSTAINABILITY OF NIGERIA’S ENTREPRENEURSHIP ECOSYSTEM

Extraordinaire News

FG Directs NCC to Rollout 5G Implementation Plan

Extraordinaire News

NITDA, TIKTOK SEEK ALLIANCE, SAFE CYBERSPACE, OTHERS

Extraordinaire News

Controversy on University Transparency and Accountability Solution:

Extraordinaire News

DBN LECTURE: NITDA BOSS CANVASSES FUNDING WINDOW FOR START-UPS, DIGITISATION

Extraordinaire News

5G: NCC Tasks Telcos on Network Security, Safety Concerns

Extraordinaire News

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.