SharpCovertTube is a program created to control Windows systems remotely by uploading videos to Youtube.
The program monitors a Youtube channel until a video is uploaded, decodes the QR code from the thumbnail of the uploaded video and executes a command.
The QR codes in the videos can use cleartext or AES-encrypted values.
It has two versions, binary and service binary, and it includes a Python script to generate the malicious videos. Its purpose is to serve as a persistence method using only web requests to the Google API.
Run the listener in your Windows system:
It will check the Youtube channel every a specific amount of time (10 minutes by default) until a new video is uploaded. In this case, we upload “whoami.avi” from the folder example-videos:
After finding there is a new video in the channel, it decodes the QR code from the video thumbnail, executes the command and the response is base64-encoded and exfiltrated using DNS:
For more information click here
If you want to Install Python on Ubuntu systems for development, automation, or scripting, Ubuntu…
Managing virtual mail users manually can quickly become difficult on a busy mail server. That’s…
Managing administrative access properly is essential for every Linux system. When you Add User Sudoers…
Installing Google Chrome on Ubuntu systems is a simple process that gives users access to…
Setting up a LAMP Stack Ubuntu server is one of the fastest ways to host…
Keeping your system credentials updated is one of the simplest ways to improve Linux security.…