YouTube Bitcoin Scams Pushing the njRAT Backdoor InfoStealer

silversurfer

YouTube scams are promoting software that pretends to allow users to get free Bitcoins, but instead installs the njRAT remote access trojan and password stealer.
These YouTube videos pretend to be hack scripts, giveaways, or games that allow you to win free cryptocurrency such as bitcoins. These videos tend to have the "FREEBITCO IN" string in the title or description, which makes it easy to find the videos that are part of this campaign.

YouTube Bitcoin Scam

According to security researcher Frost, who discovered this campaign, we should expect to see more of these scam videos as the prices of Bitcoin continue to rise above $10,000.
Included in the description for these videos is a hxxp://bit.ly link that leads to a landing page that offers a "Freebitcoins 2019 Update Script" that you need to download and run in order to generate your free Bitcoin.

Scam Landing Page

Clicking on the download button brings you to a free file sharing service, such as SecuFiles below, where you can download the script. In this particular example the script is named "SCRIPT UPDATE WIN BTC.VBS".

Downloading Script

As a general word of warning, never download files that end with VBS, JS, or BAT from any file sharing site. There is a very high chance that these will be used to install an infection onto your computer.
 
