Illegal content on YouTube? Beware spammed-out malware attack

Internet users are being warned about a malware attack that has been spammed out widely, posing as a communication from YouTube about copyrighted video content.

The emails, which have the subject line “Your video may have illegal content”, pretend to come from Google’s YouTube team.

Here’s an example:

Subject: Your video may have illegal content
Attached file: Content_ID755658_Matches.zip

Message body:
Your video may have content that is owned or licensed by Music Publishing Rights Collecting Society.

No action is required on your part; however, if you are interested in learning how this affects your video, please open attached file with Content ID Matches section of your account for more information.

Sincerely,
- The YouTube Team

The attached ZIP file, however, contains the Troj/Agent-XXC Trojan horse.

Sophos anti-virus products have been capable of detecting the malware since September 25th – but users of products from other vendors may not be as well protected.

Always be suspicious of unsolicited emails – and don’t rush to click on unexpected attachments.

Found this article interesting? Follow Graham Cluley on LinkedIn, Bluesky, or Mastodon to read more of the exclusive content we post.

---