The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has issued a critical warning regarding the growing threat of cybercriminal gangs leveraging AI-generated YouTube videos to distribute malware. This threat specifically targets individuals and organizations seeking pirated software and resources, posing significant risks that could lead to severe consequences.

According to the NCC-CSIRT advisory, unaware viewers are lured by AI-generated educational videos, often disguised as tutorials for pirating popular and expensive software like AutoCAD, Adobe Photoshop, and Adobe Premiere Pro. These videos are meticulously crafted using artificial intelligence, featuring human figures with facial characteristics that are scientifically proven to evoke trust in viewers. The tutorials themselves are frequently bogus, designed to steer viewers towards malicious links embedded in the video descriptions.

Clicking these deceptive links typically initiates the download of various information-stealing malware, including notorious strains such as Raccoon, Vidar, and RedLine. The NCC-CSIRT has noted an alarming trend, with a reported 200–300% month-over-month increase in the number of YouTube videos containing these malicious links since November 2022.

The potential repercussions for victims are substantial, encompassing critical damage such as data theft, significant financial loss, identity theft, irreparable system damage, and severe reputation damage for both individuals and organizations. Beyond the distribution of pirated software, malicious actors employ AI-generated videos in several other ways to compromise devices and data.

These methods include creating seemingly harmless or entertaining videos that contain hidden or disguised malicious code, which can infect a viewer’s device upon download or playback. Cybercriminals also craft AI videos that impersonate legitimate software updates or security patches, tricking viewers into downloading malware. Furthermore, they utilize AI-generated videos for sophisticated phishing scams, designing videos that appear to originate from credible companies or organizations, prompting viewers to click on links and divulge sensitive login credentials or personal information on fake websites. Another alarming tactic involves distributing ransomware through innocent-looking videos, where clicking an associated link or downloading a file infects the device, locking files and demanding payment for access.

To mitigate these pervasive threats, the NCC-CSIRT strongly advises telecom consumers to refrain from downloading pirated software, emphasizing its inherent harm and illegality. Essential preventive measures include installing and consistently updating antivirus software equipped with internet security features, deploying a comprehensive Endpoint Detection and Response (EDR) solution, and exercising extreme caution by thoroughly thinking before clicking any suspicious link.