Topic: YouTube channels hacked and rebranded for live-streaming crypto scams - page 2. (Read 210 times)
October 24, 2021, 11:30:24 PM
I saw for the second time the other day one where Saylor appeared and they promised a giveaway where in order to get a certain amount of Bitcoin, you had to send Bitcoin first to a certain address. I guess, as with all scams, they just need a small percentage of people to fall for it to be profitable.
October 24, 2021, 10:55:54 PM
and there is actually people that sell youtube channel and live streaming scam usually only comes in matter of hour i know some of it that elon give free bitcoin or doubled amount that you invested 
as long the email of account owner safe they can recover it
as long the email of account owner safe they can recover it October 24, 2021, 10:33:11 PM
This is alarming but good thing that since YouTube is a centralized platform the stolen accounts will eventually be returned to the rightful owners. What is noticeable here is that hackers now have the technology to override passwords and I am assuming that these famous YouTube accounts are not using too simplistic passwords. That same technology can also be used to hack on emails of people whom the hackers thinks can give them some benefits. Another lesson here is to be careful what you see, read and view on YouTube as you never know that the channel is already taken over by somebody else. Well, such is the risk when we are involved with cryptocurrency and an online platform like YouTube which can also be said on any social media platforms.
October 24, 2021, 07:50:55 PM
According to Google's article, the malwares were able to steal cookies and passwords : Phishing campaign targets YouTube creators with cookie theft malware
Fortunetly, 99% of the hijacked channels were recovered.
Fortunetly, 99% of the hijacked channels were recovered.
October 24, 2021, 05:28:24 PM
Google’s Threat Analysis Group (TAG) attributes the attacks to a group of hackers recruited in a Russian-speaking forum that sells the hacked YouTube channels to the highest bidder.
A new report shared by Google’s Threat Analysis Group (TAG) highlights an ongoing phishing campaign against YouTube creators, typically resulting in the compromise and sale of channels for broadcasting cryptocurrency scams.
The TAG attributes the attacks to a group of hackers recruited in a Russian-speaking forum that hacks the creator’s channel by offering fake collaboration opportunities. Once hijacked, the YouTube channels are either sold to the highest bidder or used to broadcast cryptocurrency scams:
“A large number of hijacked channels were rebranded for cryptocurrency scam live-streaming. On account-trading markets, hijacked channels ranged from $3 USD to $4,000 USD depending on the number of subscribers.”
The YouTube accounts are reportedly being hacked using cookie theft malware, a fake software configured to run on a victim’s computer without being detected. TAG also reported that the hackers also changed the names, profile pictures and content of the YouTube channels to impersonate large tech or cryptocurrency exchange firms.
According to Google, “the attacker live-streamed videos promising cryptocurrency giveaways in exchange for an initial contribution.” The company invested in tools to detect and block phishing and social engineering emails, cookie theft hijacking and crypto-scam live streams as a countermeasure.
Given the ongoing efforts, Google has managed to decrease the volume of Gmail phishing emails by 99.6% since May 2021. “With increased detection efforts, we’ve observed attackers shifting away from Gmail to other email providers (mostly email.cz, seznam.cz, post.cz and aol.com),” the company added.
Google has shared the above findings with the Federal Bureau of Investigation (FBI) of the United States for further investigation.
Over 3.1 million (3,117,548) user email addresses were reportedly leaked from a crypto price-tracking website called CoinMarketCap.
According to a Cointelegraph report, Have I Been Pwned, a website dedicated to tracking online hacks found the hacked email addresses being traded and sold online on various hacking forums.
CoinMarketCap acknowledged the correlation of the leaked data with their userbase but maintains that no evidence of a hack has been found on their internal servers:
"As no passwords are included in the data we have seen, we believe that it is most likely sourced from another platform where users may have reused passwords across multiple sites."
Source: https://cointelegraph.com/news/youtube-channels-hacked-and-rebranded-for-live-streaming-crypto-scams
A new report shared by Google’s Threat Analysis Group (TAG) highlights an ongoing phishing campaign against YouTube creators, typically resulting in the compromise and sale of channels for broadcasting cryptocurrency scams.
The TAG attributes the attacks to a group of hackers recruited in a Russian-speaking forum that hacks the creator’s channel by offering fake collaboration opportunities. Once hijacked, the YouTube channels are either sold to the highest bidder or used to broadcast cryptocurrency scams:
“A large number of hijacked channels were rebranded for cryptocurrency scam live-streaming. On account-trading markets, hijacked channels ranged from $3 USD to $4,000 USD depending on the number of subscribers.”
The YouTube accounts are reportedly being hacked using cookie theft malware, a fake software configured to run on a victim’s computer without being detected. TAG also reported that the hackers also changed the names, profile pictures and content of the YouTube channels to impersonate large tech or cryptocurrency exchange firms.
According to Google, “the attacker live-streamed videos promising cryptocurrency giveaways in exchange for an initial contribution.” The company invested in tools to detect and block phishing and social engineering emails, cookie theft hijacking and crypto-scam live streams as a countermeasure.
Given the ongoing efforts, Google has managed to decrease the volume of Gmail phishing emails by 99.6% since May 2021. “With increased detection efforts, we’ve observed attackers shifting away from Gmail to other email providers (mostly email.cz, seznam.cz, post.cz and aol.com),” the company added.
Google has shared the above findings with the Federal Bureau of Investigation (FBI) of the United States for further investigation.
Over 3.1 million (3,117,548) user email addresses were reportedly leaked from a crypto price-tracking website called CoinMarketCap.
According to a Cointelegraph report, Have I Been Pwned, a website dedicated to tracking online hacks found the hacked email addresses being traded and sold online on various hacking forums.
CoinMarketCap acknowledged the correlation of the leaked data with their userbase but maintains that no evidence of a hack has been found on their internal servers:
"As no passwords are included in the data we have seen, we believe that it is most likely sourced from another platform where users may have reused passwords across multiple sites."
Source: https://cointelegraph.com/news/youtube-channels-hacked-and-rebranded-for-live-streaming-crypto-scams
Jump to: