AhnLab has identified a malware distribution campaign targeting users who try to download videos uploaded to YouTube, and has warned users to exercise caution.
Malware is installed after entering a link and clicking 'Download'
On August 7, AhnLab announced that it had recently discovered a phishing page disguised as a "YouTube video download site." The main screen of this page features the phrase 'YouTube to MP4 Converter' and provides a window to enter a YouTube video link (URL). When a user enters a video link, a "Download Now" button appears, and clicking it leads to a secondary phishing page that contains hidden malware.
If the user clicks the download button again on this page, "proxyware" malware disguised as a file named "Setup.exe" is installed. Proxyware is a type of malware that enables attackers to illicitly share the network resources of an infected PC with external parties for financial gain. It can degrade system performance and leak information, among other harms.
Easy access due to top search rankings... Heightened caution needed
AhnLab stated, "This phishing site appears at the top of search results when searching for keywords such as 'YouTube video download' and 'video extraction' on portal sites," adding, "Users may inadvertently access it, so extra caution is required." Currently, AhnLab's V3 product line supports detection and blocking of access to the phishing site. To prevent damage, it is best to download content only through official channels.
Additionally, users should refrain from using websites and file-sharing sites of unknown origin, and follow security best practices such as applying the latest security patches to PCs, operating systems (OS), software (SW), and internet browsers, as well as enabling real-time monitoring features of antivirus programs like V3.

Jaejin Lee, Senior Researcher of the Analysis Team at AhnLab, emphasized, "Cases where malware is distributed through websites appearing in portal search results continue to be identified," and warned, "Users should be aware that similar sites offering file conversion or download functions may also conceal malware."