One of my old classmates got their YouTube channel HACKED

Malware
, ,
1

Associated YouTube channel - Kaiser DGod - YouTube

The channel used to belong to an old classmate of mine, Axel, before getting compromised earlier today. His old videos remain, but is now paired with those promoting malware.

TROJAN 1 - Download Youtube BOT.rar from Sendspace.com - send big files the easy way

VirusTotal - VirusTotal - URL - 88be1b0e8b32e989febddb396ccc3f93f36f1f0ab53c30782c284af0f64a695a

image
image980×86 4.81 KB

Any.run - [https://fs13n1.sendspace.com/dl/cd354207f1c28d2a2d821cd036ee95d9/61e5c9516fa0b1c0/45a2kd/Youtube%20BOT.rar] - Interactive analysis - ANY.RUN](Analysis https://fs13n1.sendspace.com/dl/cd354207f1c28d2a2d821cd036ee95d9/61e5c9516fa0b1c0/45a2kd/Youtube%20BOT.rar] Malicious activity - Interactive analysis ANY.RUN)

TROJAN 2 - Download Iobit Uninstaller Pro.rar from Sendspace.com - send big files the easy way

VirusTotal - VirusTotal - URL - 2592ecffa461d2618ee7dac19cf448f69bf399fc6c0fb3ab9393125ee026a9a0

Any.Run - https://fs03n1.sendspace.com/dl/74d12e7ed87967ef095c676942f3ce9d/61e5c97324367191/tdo330/Iobit%20Uninstaller%20Pro.rar - Interactive analysis - ANY.RUN

TROJAN 3 - Download IDM.rar from Sendspace.com - send big files the easy way

VirusTotal - VirusTotal - URL - 7af22f4f278b582aaa7b701a2c2c99906b7658cf6470bf24e701c4d3488f52ce

Any.run - https://fs13n3.sendspace.com/dl/22d8b5a44729a819228e2b4ae58b6056/61e5ca2d4b9ba051/9dwntc/IDM.rar - Interactive analysis - ANY.RUN

Basically, each program contains the RedLine tracker and drop s & downloads executable files from the IP address 91.243.59.17

image
image861×686 71.4 KB

3

i will decompiler it and see if answers in redline YARA signature

4

What’s the password?

5

Password: 1234

6

I found connection from russian server : 91.243.32.101 which also has Log2Shell RCE

8

NEW IP - 185.250.204.162

image
image853×671 63.5 KB

Fucker’s now doing a fake Nitro generator - FREE Discord Nitro Generator + Checker 3 UPDATED DOWNLOAD 2022 - YouTube

9

I’m doing my best to report what I can.

image
image1124×535 65.7 KB

1 Like