Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Google and Check Point nuke massive YouTube malware network

The campaign used over 3,000 videos to spread infostealing malware via fake and hijacked YouTube accounts, targeting credentials and crypto wallets, Check Point said.

  • Check Point reported over 3,000 malware-laced YouTube videos to Google on September 25th, leading to their removal after coordinated efforts.
  • Check Point found the network has been active since 2021 and surged in 2025, tripling malicious videos using uploaders, commenters, and link distributors with hijacked accounts.
  • Malicious uploads promised cracked software and game cheats; a Photoshop lure drew almost 300,000 views on a channel with 129,000 subscribers, while victims downloaded malware from Dropbox and Google Drive.
  • Check Point said the campaign compromised thousands of victims by stealing credentials, crypto wallets and system data, with Eli Smadja warning, `In today's threat landscape, a popular-looking video can be just as dangerous as a phishing email.`
  • Check Point warned the approach could be co-opted by nation-state groups, noting the network’s scale and modularity create a blueprint for weaponizing engagement tools; it shared its full report after reporting videos on September 25th.
Insights by Ground AI

12 Articles

Tech RadarTech Radar
Center

Thousands of YouTube videos disguised as cheat codes removed for spreading malware

The malware distribution network was disrupted - but viewers should still be cautious.

·United Kingdom
Read Full Article
PC MagPC Mag
Lean Left

YouTube Videos About Game Hacks Were Used to Spread Malware

Security firm Check Point warns about a 'YouTube Ghost Network' that circulated malware via 3,000+ videos that claimed to feature tips about game hacks and software bootlegging.

·United States
Read Full Article
ZDNetZDNet
Center

Don't be tempted by this scam on YouTube - how to protect yourself

Researchers say it is "one of the largest malware operations seen on YouTube."

·United States
Read Full Article
The RegisterThe Register
Center

Google and Check Point nuke massive YouTube malware network

: Check Point helps exorcise vast 'Ghost Network' that used fake tutorials to push infostealers

Read Full Article
Génération-NTGénération-NT

A Ghost Network on Youtube Has Distributed Malware via Thousands of Videos

More than 3,000 videos, disguised as software cracks or game tricks, have been the source of newstealers. A YouTube Ghost Network that relied on compromised accounts and fake comments. deleted by Google. The network used compromised accounts and false comments to install infotealers like Rhadamanthys and Lumma.

Read Full Article
Netzpalaver | #CloudComputing #Datacenter #Cybercrime #Telekommunkation #InfrastrukturNetzpalaver | #CloudComputing #Datacenter #Cybercrime #Telekommunkation #Infrastruktur

Youtube Ghost Network - How Check Point Research Helped to Remove 3000 Malicious Videos that Spread Malware

Check Point Software Technologies has revealed a large-scale cyber network hidden in one of the most trusted areas of the Internet: Youtube. What looked like harmless tutorials and software demos turned out to be a sophisticated network for the distribution of malware, known as the "YouTube Ghost Network." In summary: Check Point Research revealed the Youtube Ghost Network, a large-scale malware dissemination action, [...] The article Youtube Gh…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 75% of the sources are Center
75% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

The Register broke the news in on Thursday, October 23, 2025.
Sources are mostly out of (0)

Similar News Topics

YouTube icon

YouTube

Google icon

Google

Software icon

Software

Internet icon

Internet

News
For You
SearchBlindspotLocal