Fake Valorant Cheats On YouTube Infect You With The RedLine Stealer

Korean security analysts have detected a malware distribution campaign using Valorant cheat lures on YouTube to trick gamers into downloading RedLine, a powerful data stealer.

This type of abuse is quite common, as it is easy for threat actors to bypass YouTube’s new content submission reviews or create new accounts when reported and blocked.

The campaign detected by ASEC targets the community of players of Valorant, a free-to-play first-person shooter for Windows, by offering a link to download an auto-aim bot in the video description.

These cheats are supposedly plugins installed in the game to help players target enemies with speed and accuracy, earning headshots without showing any skill.
Auto-aim bots are highly sought after for popular multiplayer games like Valorant because they allow for effortless rank progression.

Drop The Red Line

Users who try to download the file in the video description will be taken to an archive page where they will get a RAR file containing an executable called “Cheat installer.exe”.

This file is actually a copy of RedLine stealer, one of the most widely deployed password stealing malware infections that snatches the following data from infected systems:

  • Basic information – computer name, username, IP address, Windows version, system information (CPU, GPU, RAM, etc.), and list of processes
  • Web browsers: passwords, credit card numbers, AutoFill forms, bookmarks, and cookies from Chrome- and Firefox-based browsers
  • Cryptocurrency Wallets: Armory, AtomicWallet, BitcoinCore, Bytecoin, DashCore, Electrum, Ethereum, LitecoinCore, Monero, Exodus, Zcash, and Jaxx
  • VPN clients: ProtonVPN, OpenVPN and NordVPN
  • Other: FileZilla (host address, port number, username and passwords), Minecraft (account credentials, level, rating), Steam (client session), Discord (token information)

After collecting this information, RedLine neatly packages it into a ZIP file called “() .zip” and exfiltrates it via a WebHook API POST request to a Discord server.
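The upload described above is visible to defenders as an HTTP POST to a Discord webhook URL from a process that has no reason to talk to Discord. The following is an added example, not code from ASEC or the original article, that flags such requests in proxy or EDR records; the log field names, the allowlisted process name and all sample records are constructed assumptions.

```python
import json
import re
from urllib.parse import urlsplit

# Discord webhook endpoint: /api/webhooks/<id>/<token>, optionally /api/v<N>/...
WEBHOOK_PATH = re.compile(r"^/api/(?:v\d+/)?webhooks/\d+/[\w-]+", re.ASCII)
DISCORD_DOMAINS = ("discord.com", "discordapp.com")
# Assumption: tools in this environment that legitimately post to webhooks.
ALLOWED_PROCESSES = {"ci-notifier.exe"}

# Constructed sample records (JSON lines); the field names are hypothetical.
SAMPLE_LOG = r"""
{"host":"PC-07","process":"Cheat installer.exe","method":"POST","url":"https://discord.com/api/webhooks/111111111111111111/CONSTRUCTED-TOKEN","content_type":"multipart/form-data; boundary=x","bytes_out":184320}
{"host":"PC-07","process":"Discord.exe","method":"POST","url":"https://discord.com/api/v9/channels/1/messages","content_type":"application/json","bytes_out":212}
{"host":"BUILD-01","process":"ci-notifier.exe","method":"POST","url":"https://discordapp.com/api/webhooks/222222222222222222/CONSTRUCTED-TOKEN","content_type":"application/json","bytes_out":340}
{"host":"PC-12","process":"updater.exe","method":"POST","url":"https://canary.discord.com/api/v10/webhooks/333333333333333333/CONSTRUCTED-TOKEN","content_type":"application/json","bytes_out":95}
{"host":"PC-12","process":"chrome.exe","method":"POST","url":"https://discord.com.example.net/api/webhooks/1/x","content_type":"application/json","bytes_out":50}
not a json line
"""

def is_discord_host(hostname):
    """True for the Discord domains and their subdomains, not lookalikes."""
    hostname = (hostname or "").rstrip(".")
    return any(hostname == d or hostname.endswith("." + d) for d in DISCORD_DOMAINS)

def find_webhook_posts(log_text):
    """Return (host, process, severity) for unexpected POSTs to Discord webhooks."""
    hits = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or malformed lines
        url = urlsplit(rec.get("url", ""))
        if rec.get("method") != "POST" or not is_discord_host(url.hostname):
            continue
        if not WEBHOOK_PATH.match(url.path):
            continue
        if rec.get("process", "").lower() in ALLOWED_PROCESSES:
            continue
        # A multipart body means a file upload, e.g. an archive of collected data.
        upload = rec.get("content_type", "").lower().startswith("multipart/form-data")
        hits.append((rec.get("host"), rec.get("process"), "high" if upload else "medium"))
    return hits

if __name__ == "__main__":
    for hit in find_webhook_posts(SAMPLE_LOG):
        print(hit)
```
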

Don’t trust YouTube video links

Aside from the fact that cheating in video games takes the fun out of playing and ruins the game for others, it’s always a potentially serious security risk.

None of these cheat tools are created by trusted entities, none are digitally signed (so users tend to ignore the AV warnings they trigger), and many are, in fact, malware.

The ASEC report contains a recent example, but that’s just a drop in the sea of malicious download links in YouTube videos promoting free software of various kinds.

Videos promoting these tools are often stolen from elsewhere and reposted by malicious users on newly created channels to act as decoys.

Even if the comments below these videos praise the uploader and claim that the tool works as promised, they should not be trusted as these can be easily spoofed.

Source: YouTube

Written by Vaibhav
