Check Point Research has identified a growing 'Ghost Network' on YouTube, distributing malware through fake software and game hacks since 2021. The network's activity has significantly increased in 2025. Cybercriminals use compromised and fake accounts to post polished videos offering cracked software or game cheats, leading to malware exposure.

Distribution Methods

Attackers share links to password-protected archives on file-sharing or phishing sites, including Google Sites and MediaFire. Users are instructed to disable Windows Defender before running installers, increasing their vulnerability.

  • Commonly distributed malware includes Lumma Stealer, Rhadamanthys, StealC, and RedLine.
  • Installers frequently utilize loaders such as HijackLoader.
  • Notable campaigns involve compromised channels spreading Rhadamanthys, targeting cryptocurrency enthusiasts with fake videos.

Security Measures

Experts recommend avoiding cracked software and game cheats. Users should maintain active and up-to-date antivirus protection and never disable Windows Defender or other security tools. Inspect links closely and avoid shortened or unfamiliar URLs. Employ password managers and enable two-factor authentication to enhance security. Keeping operating systems and applications updated and considering data removal services to minimize personal information exposure is advised.

This complex malware network poses a continuous challenge due to its frequent payload updates and dynamic control servers, complicating detection and takedown efforts. Experts emphasize understanding the cyber risks in utilizing unauthorized software solutions.

Redline wallpaper

Redline wallpaper download for free to PC or mobile

Download stunning wallpapers featuring iconic luxury cars and adrenaline-fueled visuals.

3
600 reviews
2213 downloads

News and reviews about Redline wallpaper

04 Nov 2025

Malware Surges on YouTube Through Cracked Software

Malware spreads on YouTube via fake software since 2021, impacting cybersecurity.

Read more