Creator Alert

Hello Reader,

Why this Alert?

Be aware of the dangerous Lumma Stealer campaign that is currently being hosted on YouTube.

This is a 2-step attack:

Step 1: the hackers first find a vulnerable channel that isn’t secured and they take over the channel.

Step 2: the hackers upload a video that shows step-by-step how to get software for free that typically Creators use such as Adobe Premiere Pro or Sony Vegas.

In the video, you can see the exact steps required to get this popular software. There is a link in the description to the software so the viewer can follow along.

This video example was viewed over 3600 times. Even if only 5% followed through, that is 180 channels that could be hacked and 180 channels that can help spread this malware.

What is going on?

Should you install the software, you will be loading an info stealer malware onto your computer.

Did you notice how they explain in the video description that you should disable/ remove the antivirus?!?

The download link is typically a link-shortner such as Bit.ly or Tiny URL. I have also seen cases where the link shortener takes you to several other links before landing on the final websites.

The final website could be MediaFire or GitHub which are file-sharing repositories so they are not typically blocked but your computer’s anti-virus.

Why is this dangerous for Creators?

The malware is a well-known info stealer that steals sensitive information such as usernames and passwords, browser data, and of course authentication cookies which is how hackers can bypass 2-factor Authentication.

When someone is watching videos on YouTube, they are typically logged into their Google Account.

This means that if they fall for this, they will be handing over their information to the hackers. If you are a YouTube Creator, you WILL lose your channel. That seems to be their main target as the software is mainly “Creator” software.

What is also scary is just how many channels are being hacked just to spread this malware. Showing once again, how easy it is to hack YouTuber Channels…

What should you do?

Never disable your anti-virus for any reason.

If you want Adobe Premiere Pro, go to the Adobe website. Pay for your software and download it from the main website and never from a link.

Check your old videos for any new links that you didn’t add – if you see anything new, it means your channel has been compromised.

Want to know more about this malware?

If you want the technical bit of how this works, check out the deep dive here.

You never want to be the reason so many of your viewers get hacked!

Keep safe out there,

Liron Segev

Was this sent to you? Sign up here.

If you want to learn how to secure your YouTube channel Start here!