
Attack Vector | Source: McAfee Labs
McAfee Labs has issued a warning about a new wave of malware targeting young gamers on YouTube.
The malware is being spread through videos that claim to offer cheats and hacks for popular games like Minecraft, Roblox, and Fortnite. These videos often feature popular YouTubers and have millions of views.
“Popular games like Minecraft, Roblox, Fortnite, Apex Legends, and Call of Duty are among those targeted by these scams. Gamers searching for cheats to gain an advantage – like seeing through walls, speeding up characters, or unlocking premium items – are being lured to malicious links.”
The attack starts when a gamer searches for free cheats, mods, or cracked software—such as a tool to unlock premium features in their favorite game. Often, they come across a YouTube video that claims to provide a working cheat, with a link in the description leading to GitHub or another file-sharing platform.
McAfee Labs explains: “The process starts when someone searches online for free cheats or cracked software—like tools to unlock premium features of Spotify or Adobe—and stumbles upon a GitHub repository or a YouTube video. These repositories often look convincing, with professional descriptions, screenshots, and even licenses designed to appear legitimate.”
The video descriptions may instruct users to disable their antivirus software to prevent it from blocking the download. Unfortunately, this step removes the last line of defense, allowing the malware to install without detection.
Instead of getting a working cheat, victims unknowingly install a dangerous malware variant such as Lumma Stealer. This malicious software silently harvests sensitive data and sends it to remote servers controlled by cybercriminals.
According to McAfee Labs, the malware:
- Steals sensitive data: Collects login credentials, cryptocurrency wallets, and saved passwords.
- Tracks activity: Monitors browser history and active accounts for valuable information.
- Connects to a remote server: Sends stolen data to cybercriminals, allowing them to exploit victims or sell the data on the dark web.
“Each week, new repositories and malware variants appear as older ones are detected and removed. This cycle makes it difficult for platforms like GitHub to completely eliminate the threat.”
McAfee Labs is urging parents to talk to their children about the dangers of downloading files from unverified sources. The company also recommends that parents install antivirus software on their children’s computers and keep it up to date.