A new report shared by Google’s Threat Analysis Group (TAG) highlights an ongoing phishing campaign against YouTube creators, sometimes resulting in the compromise and sale of channels for broadcasting cryptocurrency scams.
The TAG attributes the attacks to a group of hackers recruited in a Russian-speaking forum that hacks the creator’s channel by offering fake collaboration opportunities. Once hijacked, the YouTube channels are either sold to the highest bidder or used to broadcast cryptocurrency scams:
“A large number of hijacked channels were rebranded for cryptocurrency scam live-streaming. On account-trading markets, hijacked channels ranged from $3 USD to $4,000 USD depending on the number of subscribers.”
The YouTube accounts are reportedly being hacked using cookie theft malware, fake software configured to run on a victim’s computer without being detected. TAG also reported that the hackers changed the names, profile pictures and content of the YouTube channels to impersonate large tech or cryptocurrency exchange firms.
According to Google, “the attacker live-streamed videos promising cryptocurrency giveaways in exchange for an initial contribution.” The company invested in tools to detect and block phishing and social engineering emails, cookie theft hijacking and crypto-scam live streams as a countermeasure.
Given the continued efforts, Google has managed to lower the volume of Gmail phishing emails by 99.6% since May 2021. “With increased detection efforts, we’ve observed attackers shifting away from Gmail to other email providers (mostly email.cz, seznam.cz, post.cz and aol.com),” the company added.
Google has shared the above findings with the Federal Bureau of Investigation (FBI) of the United States for further investigation.
Over 3.1 million (3,117,548) user email addresses were reportedly leaked from a crypto price-tracking website called CoinMarketCap.
According to a Cointelegraph report, Have I Been Pwned, a website dedicated to tracking online hacks, found the hacked email addresses being traded and sold online on various hacking forums.
CoinMarketCap acknowledged the correlation of the leaked data with their user base but maintains that no evidence of a hack has been found on their internal servers:
“As no passwords are included in the data we have seen, we believe that it is most likely sourced from another platform where users may have reused passwords across multiple sites.”