How hackers are hijacking YouTube accounts to run ads for cryptocurrency scams

Google’s Threat Analysis Group has shared details of a long-running phishing campaign targeting YouTubers. The campaign, apparently carried out by hackers recruited on a Russian-speaking forum, uses “fake collaboration opportunities” to lure YouTubers, then hijacks their channels using a “pass-the-cookie attack,” with the goal of either selling them off or using them to broadcast (of course) cryptocurrency scams.

The attack starts with a phishing email offering a promotional collaboration. Once a deal has been reached, the YouTuber is sent a link to a malware page disguised as a download URL. Here’s where the real action begins: when the target runs the malware, it pulls the cookies from their computer and uploads them to “command and control” servers operated by the hackers.

According to Google, these cookies “enable access to user accounts with session cookie stored in the browser.” The hackers don’t need to steal a YouTuber’s login credentials, because the remote site treats whoever presents the cookie as already logged in.

“Cookie theft” is an old technique for digital hijacking that is regaining popularity among unscrupulous actors. This may be due to the widespread adoption of security precautions that have made newer hacking techniques more difficult. For example, two-factor authentication is a popular security feature on major websites, but it is not effective against cookie theft. It should still be used wherever possible.

Jason Polakis, a computer scientist at the University of Illinois Chicago, told Ars Technica: “Additional security mechanisms such as two-factor authentication could present considerable obstacles for attackers.” Browser cookies are an invaluable resource to attackers because they bypass the security checks and defenses that may be triggered during login.
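Because a replayed session cookie never passes through the login flow, any defense has to run on each request rather than at sign-in. The sketch below is an added example, not code from Google's report or from this article; it binds a session to the client context seen at login and forces re-authentication when the same cookie appears from a different client. The in-memory session store, the function names and the choice of user agent plus network identifier as the binding are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)  # per-deployment secret (constructed here)
MAX_AGE = 8 * 3600                    # assumed session lifetime, in seconds
SESSIONS = {}                         # session id -> record (in-memory stand-in)


def _fingerprint(user_agent, network):
    """Keyed hash of the client context captured at login."""
    msg = f"{user_agent}\n{network}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def login(user, user_agent, network, now=None):
    """Call only after password and 2FA succeeded; returns the cookie value."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {
        "user": user,
        "fp": _fingerprint(user_agent, network),
        "issued": now if now is not None else time.time(),
    }
    return sid


def check_request(sid, user_agent, network, now=None):
    """Return 'ok', 'reauth' (full login incl. 2FA required) or 'reject'."""
    now = now if now is not None else time.time()
    rec = SESSIONS.get(sid)
    if rec is None:
        return "reject"               # unknown or already revoked cookie
    if now - rec["issued"] > MAX_AGE:
        del SESSIONS[sid]             # expired: a stolen copy ages out too
        return "reject"
    if not hmac.compare_digest(rec["fp"], _fingerprint(user_agent, network)):
        # Valid cookie presented by a different client: the pass-the-cookie
        # pattern. Revoke it so every copy is useless, then demand a login.
        del SESSIONS[sid]
        return "reauth"
    return "ok"
```

Context binding is a heuristic, not proof of device identity, so pair it with short session lifetimes and re-authentication before sensitive actions such as changing recovery details.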

A “large number” of channels hijacked by this method are rebranded to impersonate large technology companies or cryptocurrency exchanges. They then start running streams promising cryptocurrency giveaways in exchange for an up-front fee. Hijacked channels can fetch as much as $3000 to $4000, depending on how many subscribers they have.

Google claimed that it has reduced the number of phishing emails associated with these attacks by 99.6%, blocked approximately 1.6 million emails, and sent 2,400 files to targets. Attackers are now moving to non-Gmail services, including and The human factor is still the biggest challenge in cybersecurity. Phishing emails can be quite deceitful (I have fallen for at least one of these scams, and I know this stuff), and it can be difficult to stop once that happens.

The promise of “something for nothing” is tempting, too. The big 2020 Twitter hack (which started with a “phone spearphishing attack”) stole more than $100,000 from victims. The hackers claimed to be “giving back to the community” by promising to double victims’ Bitcoin contributions.

About the Author: TheDailyNewsGlobal
