'Massive' Phishing Campaign Targeted A List Of YouTube Influencers Around The World

24/09/2019

With more than a billion people glued to the platform, YouTube is by far the most popular video-streaming website.

In a highly coordinated phishing campaign, malicious actors have managed to launch "massive" attacks by targeting a list of YouTubers around the globe. The discovery and warning were made by Catalin Cimpanu, a ZDNet reporter, who spoke to a member of an internet forum with a history of trading access to hacked accounts.

According to the investigation, many accounts belonging to well-known YouTubers within the auto-tuning and car review community have been hijacked. But it didn't stop there, as others with channels covering technology, music, gaming and Disney have also filed complaints after they lost access to their own channels.

Many of them are flooding Twitter, as well as the YouTube support forum, demanding help and an explanation.

With about 23 million channels on YouTube, that many are potential targets of this malicious campaign.

One of the affected YouTube accounts that has been snatched from its owner. (Credit: ZDNet)

However, it appears that the attack itself has been directed mostly at "influencers" across many YouTube channel genres.

The investigation by Cimpanu suggests that the attacks were coordinated through spear-phishing campaigns.

Having spoken to a hacker named Askamani, a member of OGUsers, an internet forum where online account hijackers are known to chat and trade, Cimpanu was able to determine that the attacks were indeed highly targeted.

Askamani told Cimpanu:

"These campaigns targeting car accounts are something normal. Means someone got their hands on an email list with addresses from a specific sector. My money is on someone hacking into one of those social media influencer databases."

"You can spam random people all you like, but you won't get access to accounts with good subs [subscribers]. If there's a spike in complaints, as you said, then someone got their hands on a real nice database and they're now getting a bang for their buck."

Forum threads on the OGUsers website, showing people selling hacked YouTube accounts. (Credit: ZDNet)

Owners of YouTube channels were receiving emails designed to lure them to a fake Google login page. The fake page is used to trick unsuspecting YouTube influencers into giving up their Google account credentials.

With this data, the malicious actor can gain access to their YouTube accounts.

In the worst cases, whoever gets their hands on the data can initiate a transfer of ownership and change the channel's URL.

This would trick the actual owners of the channels, and those who subscribed, into thinking that the channels have been deleted.

Fortunately, some of the accounts were using Google's two-factor authentication for additional protection, which makes an actual breach more difficult. Unfortunately, some of the 2FA-secured accounts were still hacked, suggesting that the attackers were able to intercept 2FA codes.

Askamani continued by saying:

"I'd keep my eye on OGUsers and the Russian forums if I were you. Those accounts need to be dumped really quick before YouTube gives them back to their original owners. You need to sell hacked accounts real quick before they become worthless."