xrp crypto news

YouTube channels hacked and rebranded for livestreaming crypto scams

YouTube channels hacked and rebranded for livestreaming crypto scams
Written by publisher team

A new report shared by Google’s Threat Analysis Group (TAG) highlights an ongoing phishing campaign against YouTube content creators, typically resulting in compromise and selling channels to broadcast crypto-related scams.

TAG attributed the attacks to a group of hackers recruited into a Russian-speaking forum who infiltrated the creator’s channel by offering fake collaboration opportunities. Once hijacked, YouTube channels are either sold to the highest bidder or used to broadcast cryptocurrency scams:

“A large number of hacked channels have been renamed for live crypto scams. In the account trading markets, the hacked channels ranged from $3 to $4000 depending on the number of subscribers.”

YouTube accounts are reportedly hacked using a cookie-stealing malware, a fake program configured to run on the victim’s computer undetected. TAG also reported that the hackers also altered the names, profile pictures, and content of YouTube channels to impersonate big tech companies or cryptocurrency exchanges.

According to Google, “The attacker’s live videos promise crypto donations in exchange for an initial contribution.” The company has invested in tools to detect and block phishing and social engineering messages, cookie theft hijacking, and live streams of crypto spoofing as a countermeasure.

Due to ongoing efforts, Google has been able to reduce the volume of fraudulent emails on Gmail by 99.6% since May 2021.” With increased detection efforts, we have observed attackers moving from Gmail to other email service providers (mostly email.cz, seznam.cz and post .cz and aol.com),” the company added.

Google has shared the above findings with the US Federal Bureau of Investigation for further investigation.

Related: CoinMarketCap hack reportedly leaks 3.1 million user email addresses

More than 3.1 million (3117548) user email addresses have been leaked from cryptocurrency price tracking website CoinMarketCap.

As Cointelegraph reported, Have I Been Pwned – a website dedicated to tracking online hacks – has found hacked email addresses circulating and sold online on various hacking forums.

CoinMarketCap acknowledges the relationship of the leaked data with its user base but confirms that no evidence of the breach was found on its internal servers:

“Because no passwords were included in the data we saw, we think it most likely came from another platform where users may have reused passwords across multiple sites.”