YouTube’s Ghost Network is distributing information-stealing malware through over 3,000 fake videos that promise free software, exploiting compromised accounts and deceptive engagement tactics.
YouTube has long been a go-to platform for entertainment, education, and tutorials, offering a video for nearly every interest. However, recent research from Check Point has unveiled a troubling aspect of the platform: a vast malware distribution network operating under the radar. This network, dubbed the Ghost Network, is using compromised accounts, fake engagement, and social engineering to spread information-stealing malware disguised as software cracks and game hacks.
Many victims fall prey to this scheme while searching for free or cracked software, cheat tools, or game hacks. This quest for “free” software serves as the entry point for the Ghost Network’s malicious traps.
According to Check Point Research, the Ghost Network has been active since 2021, with its operations surging threefold in 2025. The network employs a straightforward yet effective strategy that combines social manipulation with technical stealth. Its primary targets include individuals searching for “Game Hacks/Cheats” and “Software Cracks/Piracy.”
Researchers found that the videos associated with this network often feature positive comments, likes, and community posts from compromised or fake accounts. This orchestrated engagement creates a false sense of security for potential victims, leading them to believe the content is legitimate and widely trusted. Even when YouTube removes specific videos or channels, the network’s modular structure and the rapid replacement of banned accounts allow it to persist.
Once a user clicks on the provided links, they are typically directed to file-sharing services or phishing sites hosted on platforms like Google Sites, MediaFire, or Dropbox. The linked files are frequently password-protected archives, complicating antivirus scans. Victims are often prompted to disable Windows Defender before installation, effectively disarming their own protection before executing the malware.
Check Point’s investigation identified that the majority of these attacks deliver information-stealing malware such as Lumma Stealer, Rhadamanthys, StealC, and RedLine. These malicious programs are designed to harvest passwords, browser data, and other sensitive information, which is then sent back to the attackers’ command and control servers.
The resilience of the Ghost Network can be attributed to its role-based structure. Each compromised YouTube account serves a specific function: some upload malicious videos, others post download links, and a third group enhances credibility by engaging with the content through comments and likes. When an account is banned, it is quickly replaced, allowing the operation to continue largely uninterrupted.
Two significant campaigns were highlighted in Check Point’s findings. The first involved the Rhadamanthys infostealer, disseminated through a compromised YouTube channel named @Sound_Writer, which boasted nearly 10,000 subscribers. Attackers uploaded fake cryptocurrency-related videos and utilized phishing pages on Google Sites to distribute malicious archives. These pages instructed viewers to “turn off Windows Defender temporarily,” assuring them that any alerts were false. The archives contained executable files that silently installed the Rhadamanthys malware, which then connected to multiple control servers to exfiltrate stolen data.
The second campaign leveraged a larger channel, @Afonesio1, which had approximately 129,000 subscribers. Attackers uploaded videos claiming to offer cracked versions of popular software such as Adobe Photoshop, Premiere Pro, and FL Studio. One of these videos garnered over 291,000 views and featured numerous positive comments claiming the software functioned flawlessly. The malware was concealed within a password-protected archive linked through a community post. The installer employed HijackLoader to drop the Rhadamanthys payload, which connected to rotating control servers every few days to evade detection.
Even if users do not complete the installation, they may still be at risk. Simply visiting the phishing or file-hosting sites can expose them to malicious scripts or prompts for credential theft disguised as “verification” steps. Clicking the wrong link can compromise login data before any software is even installed.
The Ghost Network thrives on exploiting curiosity and trust. By disguising malware as “free software” or “game hacks,” it relies on users to act before thinking. To protect oneself, adopting habits that make it more difficult for attackers to succeed is crucial.
Most infections begin with individuals attempting to download pirated or modified programs. These files are often hosted on unregulated file-sharing websites where malicious content can easily be uploaded. Even if a YouTube video appears polished or is filled with positive comments, it does not guarantee safety. Official software developers and gaming studios never distribute downloads through YouTube links or third-party sites.
In addition to the dangers posed by malware, downloading cracked software also carries legal risks. Piracy violates copyright law and can lead to serious consequences, while simultaneously providing cybercriminals with an effective delivery channel for malware.
It is essential to have a trusted antivirus solution installed and running at all times. Real-time protection can detect suspicious downloads and block harmful files before they cause damage. Regular system scans and keeping antivirus software updated are vital to recognizing the latest threats.
To safeguard against malicious links that could install malware and potentially access private information, strong antivirus software should be installed on all devices. This protection can also alert users to phishing emails and ransomware scams, helping to keep personal information and digital assets secure.
If a tutorial or installer instructs users to disable their security software, it should raise immediate red flags. Malware creators often use this tactic to bypass detection. There is no legitimate reason to turn off protection, even temporarily; any file requesting such action should be deleted immediately.
Always inspect links before clicking. Hover over them to verify the destination and avoid shortened or redirected URLs that may conceal their true targets. Downloads hosted on unfamiliar domains or file-sharing sites should be treated with caution. When seeking software, it is best to obtain it directly from the official website or trusted open-source communities.
Enabling two-factor authentication (2FA) for important accounts adds an extra layer of security, ensuring that even if someone obtains a password, they cannot access the account. Malware often aims to steal saved passwords and browser data. Using a password manager can help securely store and generate complex passwords, reducing the risk of password reuse.
Software updates not only introduce new features but also fix security vulnerabilities that malware can exploit. Enabling automatic updates for systems, browsers, and commonly used applications is one of the simplest ways to prevent infections.
Even after securing a system, personal information may still be circulating online due to past breaches. A reliable data removal service can continuously scan and request the deletion of personal data from people-search and broker sites, making it more challenging for cybercriminals to exploit exposed information.
Cybercriminals have advanced beyond traditional phishing and email scams. By leveraging a platform built on trust and engagement, they have created a scalable, self-sustaining system for malware distribution. Frequent file updates, password-protected payloads, and shifting control servers make these campaigns difficult for both YouTube and security vendors to detect and dismantle.
Do you believe YouTube is doing enough to combat malware distribution on its platform? Share your thoughts with us at CyberGuy.com.
Source: Original article
The participants eloquently and with anecdotes discussed in detail on the differencing policies and perspectives of the Democratic Party candidate Joe Biden and that of the Republican Party, President Trump on the Covid-19 Pandemic, Healthcare Policy and the Affordable care Act, the US Economy, US relationship with India and the rest of the world, with a particular focus on the UN and WHO, Immigration System, Work Visas, and the Indian Americans Awaiting for decades for Green Card approval, and the policies and programs by both the parties on Climate Change. Advocating strongly for the Biden –Harris Ticket, Sujata Gadkar-Wilcox argued that, “As a nation, we are more deeply divided in some ways than we have ever been. We are in need of a leader who will bring us together rather than increase polarization. The rising number of former Republican officials and leading Democrats who support Vice President Biden speaks for itself. Joe Biden is the right kind of unifying candidate–a centrist candidate with the experience to do the job, the ability to rebuild our relationships domestically and abroad, and the leadership to help the United States successfully emerge from the global pandemic.” 
Anil Bansal made a strong pitch for Joe Biden and Kamala Harris. Stating that Americans face an epic choice of this election, he said, “Our decency and democracy are at stake. When the president starts behaving like a king, fuels racism and division, and destroys science, we must wake up. Trump has clearly shown in the last four years that he is incompetent and selfish. Mr. Trump lies and cheats and mocks everyone who does not agree with him. Whereas Mr. Biden is a proven leader who is most decent, builds confidence and consensus, and believes in serving the country and its people.” He concluded his argument for the Democratic Party Ticket, Bansal argued that “We owe to our children and future generations to use the power given today and vote for stability, democracy, and bring back the soul of the nation.” 
In her passionate debate as to why Indian Americans should defeat Trump and support Biden & Harris Ticket in 2020, Dr. Hetal Gor said, “In the past four years, Trump’s policies, actions, and words have all been extremely divisive. He has openly supported White supremacist groups, increased racial divide, and wreaked havoc on the social fabric of the nation. His tax cuts have widened the deficit in turn crowding out productive investment and have increased income inequality within the nation. He is unequivocally against a woman’s right to choice. Internationally, Trump has made even our allies turn their back on us. Trump’s policies have revoked India’s special trade status and levied tariffs on India’s imports. He has restricted Visas to Indian immigrants, falsely claimed that India asked the US to intervene in Kashmir, and mediate dispute with China. He has used Prime Minister Modi for his own personal advantage without doing anything constructive for Indians.” 
In her argument for supporting Biden, Dr. Gor believes that “the Biden/Harris campaign will work together to restore core American values. They would make sure the US is seen as a country of a respect as they would cut down hate crime, protect houses of worship, restore the American Dream, secure our values as a nation that was built by immigrants by working to eliminate language barriers for all. Furthermore, they have and will continue to honor the contributions of Indians, and will create a safe environment for all children. They will preserve strong alliances with our allies, and strengthen US-India relationship, and supporting India’s membership in a reformed and expanded UN Security Council.” Advocating strongly to re-elect President Trump and the Republican Party candidates around the nation, Puneet Ahluwalia said, “This will ensure that our nation stays the course for unprecedented economic growth. Especially after the pandemic, we need strong committed leadership which fulfills its promises to the American people. Our nation’s economy needs a leader who is pro-business and understands the plight of hard working Americans. Biden will increase taxes and regulations which will further stifle the economy and run businesses and manufacturing out of our country. The Democratic Party leadership is purposely stalling the economy with draconian mandates to harm Republicans this election, which are playing with American lives.” On the international front, Ahluwalia argued that “Only President Trump can take on the threats of China, Iran and Russia along with other external threats around the globe. As proud Americans, we value growth, freedom and opportunity. It is for the very same reason, I have chosen to run for Lt. Governor of Virginia.” 
According to Dr. Sampat Shivangi, historically US Presidents from the Democratic Party have contributed minimally to the cause of India. “It was Bush who signed the US-India civil nuclear treaty, which stands as a major foreign policy milestone of his presidency.” While Joe Biden has questioned the removal of Article 370 and CAA by Modi Government, President Trump has advanced the friendship between Indian and the US and has opposed the Chinese-Pakistani propaganda in the UN Security Council and proceedings against India on Article 370 and CAA. “It is a known fact that Trump and his Secretary of State went out of the way to support India,” he pointed out. “One has to remember Trump’s statement that India now has its best friend in the White House. It is good to have a friend of India in the White House than its adversary. Now, we the Indian Americans should support a friend of India in the November election as our gratitude towards our motherland.” 
Dr. Anand Tamhankar argued that “This is an once-in-a-lifetime opportunity to make an impact with our votes by helping re-elect President Trump. He has been the most ardent supporter of Modiji’s reforms and the Indian causes, which is in contrast to the open vocal opposition to India and the removal of article 370 and the Citizenship Amendment Act (CAA) by Biden-Harris.” According to him, “Trump is the clear choice if you believe in controlled, legal, merit-based immigration versus mass uncontrolled, vote bank politics-based immigration. A border-less America is unsustainable and a big challenge to the safety and security of citizens as can be seen in Europe and countries with extremely liberal immigration policies in the past. “Trump’s re-election means continued prosperity based on low taxation,responsible and free market capitalism vs Democrat’s socialist policies of unsustainable free handouts,” Dr. Anand Tamhankar argued. “Look beyond the political rhetoric and Covid politics, to his administration’s glowing achievements and results in 4 years despite democrat led distractions of Impeachment, Mueller probe and other impediments. Contrast that with 47+ years of Biden in public office with little to show for it. Trump’ re-election at this critical juncture means rule of law and order versus conditions that we see in many democratic controlled cities. Is that the future we want for our next generation in America?” 
In her closing remarks, Dr. Renee Mehrra, who is well known to the South Asian American community as one of the most prominent broadcast journalists in the tri-state area, said, “The candidate that is compassionate and can heal America, address inequities in education, health, boost the economy, keep our borders safe and secure, bring stability and trust, and where America is respected by the world.. Let that candidate win and be elected as the 46th President of US.”
Dr. Jonnalagadda was born in a family of Physicians. His dad was a Professor at a Medical College in India and his mother was a Teacher. He and his siblings aspired to be physicians and dedicate their lives for the greater good of humanity. “I am committed to serving the community and help the needy. That gives me the greatest satisfaction in life,” he said modesty. Ambitious and wanting to achieve greater things in life, Dr. Jonnalagadda has numerous achievements in life. He currently serves as the President of the Medical Staff at the Hospital. And now, “being elected as the President of AAPI is greatest achievement of my life,” As the President of AAPI, the dynamic physician from the state of Andhra Pradesh, wants to “develop a committee to work with children of AAPI members who are interested in medical school, to educate on choosing a school and gaining acceptance; Develop a committee to work with medical residents who are potential AAPI members, to educate on contract negotiation, patient communication, and practice management; Develop a committee to work with AAPI medical students, and to provide proctorship to improve their selection of medical residencies.” Dr. Jonnalagadda wants to emphasize the importance of Legislative Agenda both here in the US and overseas, benefitting the physicians and the people AAPI is committed to serve. According to him, “The growing clout of the physicians of Indian origin in the United States is seen everywhere as several physicians of Indian origin hold critical positions in the healthcare, academic, research and administration across the nation.” He is actively involved with the Indian community and member at large of the Asian Indian Alliance, which actively participates in a bipartisan way to support and fund electoral candidates. His vision for AAPI is to increase the awareness of APPI globally and help its voice heard in the corridors of power. “I would like to see us lobby the US Congress and create an AAPI PAC and advocate for an increase in the number of available Residency Positions and Green Cards to Indian American Physicians so as to help alleviate the shortage of Doctors in the US.” . A Board-Certified Gastroenterologist/Transplant Hepatologist, working in Douglas, GA, Dr. Jonnalagadda is a former Assistant Professor at the Medical College of Georgia. He was the President of Coffee Regional Medical Staff 2018, and had served as the Director of Medical Association of Georgia Board from 2016 onwards. He had served as the President of Georgia Association of Physicians of Indian Heritage 2007-2008, and was the past Chair of Board of Trustees, GAPI. He was the Chairman of the Medical Association of Georgia, IMG Section, and was a Graduate, Georgia Physicians Leadership Academy (advocacy training). “AAPI and the Charitable Foundation has several programs in India. Under my leadership, we will be able to initiate several more program benefitting our motherland, India,” Dr. Jonnalagadda said. The solemn Award Ceremony by IAPC was led by Padma Shri Dr. Sudhir Parikh, Chairman of Parikh Media and an active leader of AAPI. The virtual ceremony was organized, among others, by Dr. Joseph Chalil, IAPC Chairman; Korason Varghese, Award Committee Chair; & Dr. P.V. Baiju, IAPC Board Member. Dr. Vinod K. Shah, Managing Director of MedStar Shah Medical Group, CEO of Health Prime, and former President of AAPI, was conferred with the prestigious Karma Shrestha Award. WHEELS Global Foundation, a charitable initiative by the Indian Institute of Technology alumni, was conferred The Sathkarma Award. Ranjani Saigal, Executive Director of Ekal Vidyalaya, and Dean Nitin Nohria, Dean of Harvard Business School, were given The SathKarma Award. Ambassador Pradeep Kapur, the author of the book Beyond Covid-19 Pandemic and former Ambassador of India to Chile and Cambodia, received the Excellence in Literature Award. Chancellor of the University of California San Diego, Pradeep Khosla, was awarded the Excellence in Technology & Education Award. The Humanitarian Award was given to Dr. Sunil D. Kumar, Broward Health Medical Center, and former President of AKMG. Satish Korpe, the past President of the Indian American Forum for Political Education, and Madhavan B. Nair, former President of FOKANA, received the Community Service Award. Lalit K. Jha, Chief US Correspondent for Press Trust of India (PTI), was given the IAPC Media Excellence Award. The Indo-American Press Club (IAPC), a 501 (c) 3 Non-Profit Organization headquartered in New York, was formed in 2013 with the ideals of providing a common platform to journalists of Indian-origin living in the United States and Canada committed to professionalism and well-being of the larger society. IAPC is also committed to recognize and honor the outstanding entities and individuals in the community that creates a social impact and excel in their field of profession, culture, service, and business.
In his Presidential Address, Dr. Lal highlighted the importance of journalists and the need to coordinate and bring together journalists under one umbrella. “And it is the commitment and sacrifice of the leaders and members of this organization that has helped us build collaborations between the journalists and writers of the US and India,” Dr. Lal said.
Facilitation speeches were delivered by Ginsmon P Zacharia, IAPC Founder Chairman; Parveen Chopra, Editor, South Asian Times & IAPC Director; Anitha Naveen, IAPC Vancouver Chapter; Joseph John, President, IAPC Alberta Chapter; Bince Mandapam, President, IAPC, Toronto Chapter; Milly Philip, President, IAPC, Philadelphia Chapter; Sabu Kurian, President, IAPC, Atlanta Chapter; Meena Chittilapally, President, IAPC, Dallas Chapter; and, Dr. Mathew Vyramon, Secretary, IAPC, Houston Chapter. Mini Nair, a Member of BOD, introduced Dr. Lal. A vote of thanks was proposed by Annie Anuvelil, IAPC Secretary
The Grand Finale, the solemn Award Ceremony, was led by Padma Shri Dr. Sudhir Parikh; Dr. Joseph Chalil, IAPC Chairman; Korason Varghese, Award Committee Chair; & Dr. P.V. Baiju, IAPC Board Member. WHEELS Global Foundation, a charitable initiative by the Indian Institute of Technology alumni, was conferred The Sathkarma Award. Dr. Vinod K. Shah, Managing Director of MedStar Shah Medical Group, CEO of Health Prime, and former President of AAPI, was conferred with the prestigious Karma Shrestha Award.
Physician Wellness: Stress and Burnout will be the topic addressed by Dr. Lucky Jain, Professor and Chair at Emory University School of Medicine, Department of Pediatrics& Chief Academic Officer, Children’s Healthcare of Atlanta; and, Dr. Rohit Kumar Vasa, an Attending Neonatologist at Ann and Robert H. Lurie Children’s Hospital, Chicago, Chair of Pediatrics and Neonatology Site Leader, Mercy Hospital and Medical Center, Chicago.
“Leading media personalities from around the world have been collaborating with IAPC” said Mathewkutty Easo, Secretary, Board of Directors. “IAPC is committed to connecting, training and encouraging emerging media professionals through innovative IT windows and platforms.”
