YouTube Game Cheats: Unveiling Arcane, the New Stealer Malware Targeting Users in the Gaming Community
Newly Discovered Malware ‘Arcane’ Targets Gamers Through YouTube Cheat Videos
March 20, 2025 | Ravie Lakshmanan
In a striking revelation, cybersecurity giants have uncovered a new strain of malware dubbed "Arcane," reportedly infesting computers via YouTube videos promoting game cheats. Focusing largely on Russian-speaking users, this sophisticated malware is designed to extract a wealth of personal information, including login credentials and cryptocurrency wallet details, from its victims.
Kaspersky, a leading cybersecurity firm, highlighted Arcane’s extensive data-gathering capabilities. The malware covertly collects account information from popular VPNs and gaming platforms, as well as various network utilities. Its attack method is notably cunning—links to a password-protected archive are embedded within YouTube content. When these links are activated, users inadvertently launch a batch file that utilizes PowerShell to download additional malicious files.
Once installed, Arcane operates stealthily, disabling Windows SmartScreen protections to evade detection. Among its payload are two binaries: one serves as a cryptocurrency miner, while the other functions as a sophisticated stealer, previously known as VGS, but now replaced by Arcane for enhanced effectiveness.
Notably, Arcane can harvest data from a variety of applications—ranging from popular messaging services like Discord to email clients such as Microsoft Outlook. It not only steals passwords but can also take screenshots, enumerate running processes, and expose saved Wi-Fi network passwords.
The flexibility and adaptability of the cybercriminals behind Arcane highlight a troubling trend in malware distribution, showcasing their relentless innovation to bypass security measures. As this digital threat continues to evolve, users are urged to practice vigilance and security best practices, particularly when navigating online gaming and multimedia platforms.