YouTube videos promoting game cheats are being used to spread a new malware, dubbed Arcane, predominantly targeting Russian-speaking users. The malware collects account information from various network utilities and gaming clients. The attack process involves sharing links to a password-protected archive on YouTube videos, which then launches two executables that disable Windows SmartScreen protections.
Attackers Leverage Weaponized CAPTCHAs to Execute PowerShell and Deploy Malware
Cybercriminals are tricking users into executing malicious PowerShell commands and malware using fake CAPTCHA challenges, as highlighted in HP Wolf Security’s March 2025 report. The
