- YouTube has eliminated 3,000 malicious movies disguised as 'Cracked software program'
- These have been used to unfold malware and infostealers like Lumma
- The community used faux optimistic engagement to garner belief
Google has eliminated a 3,000 sturdy community of malicious YouTube movies used to unfold malware.
Test Level Analysis says it found the ‘YouTube Ghost Community’ – a ‘refined and coordinated’ marketing campaign of movies which took benefit of YouTube's options to advertise its personal dangerous content material.
The movies have been primarily disguised as ‘Recreation Hack/Cheat’ and ‘Software program Cracks/Piracy’ – areas with a big viewership that usually inspired the viewers to obtain software program. Such ‘cracked’ software program is prohibited, and these downloads typically include malware.
Get Keeper's Personal Password Manager plan for just $1.67/month
Keeper is a password supervisor with top-notch safety. It's quick, full-featured, and affords a strong internet interface. The Private Plan will get you limitless password storage throughout all of your gadgets, auto-login & autofill to avoid wasting time, safe password sharing with trusted contacts, biometric login & 2FA for added safety.
Malware and infostealers
The Ghost Community distributed malware by way of these software program downloads – particularly by way of notorious Rhadamanthys, Lumma stealer, and RedLine infostealers and malware strains.
This tactic of utilizing malicious social media posts to trick customers into downloading dangerous software program is much from unprecedented, with Reddit pages and WeTransfer pages additionally found earlier in 2025 spreading Lumma malware in an analogous marketing campaign.
"The community seems to be energetic at the very least since 2021, sustaining a gradual output of malicious content material annually,” Test Level wrote in its report. “Notably, in 2025, the creation of such movies has tripled, highlighting each the scalability and growing effectiveness of this malware distribution marketing campaign.”
Signal as much as the TechRadar Professional publication to get all the highest information, opinion, options and steering what you are promoting must succeed!
One of many causes this marketing campaign specifically was so potent is the community of optimistic interactions it cultivated – disarming viewers and constructing a excessive stage of belief. One set of accounts have been noticed importing movies, whereas one other set would love/remark/subscribe to the accounts, and one other group would publish optimistic updates and messages.
In years passed by, excessive viewership and optimistic interactions indicated a protected or reliable service, however now with experiences suggesting that as much as 50% of all web visitors comes from bots – viewers are compelled to be extra cautious than ever.
➡️ Read our full guide to the best antivirus
1. Greatest total:
Bitdefender Whole Safety
2. Greatest for households:
Norton 360 with LifeLock
3. Greatest for cellular:
McAfee Cellular Safety