Written by Tonya Riley
Oct 20, 2021 | CYBERSCOOP
Scammers have been targeting YouTube creators with fake content collaboration offers in order to steal their accounts, according to a Google Threat Analysis Group report published Wednesday.
Google began tracking and disrupting the campaign in late 2019. Approximately 4,000 YouTube channels stolen as part of the campaign have been recovered since May, according to the report. YouTube has struggled with outsiders taking over channels to spread cryptocurrency scams before, as fraudsters took over several high-traffic channels in August 2020 themed around the launch of SpaceX’s first spaceflight with NASA.
As a part of the latest phishing campaign, scammers sent emails to creators offering collaborations. Once the creator agreed, the scammer sent them a link to malicious software that appeared to be a legitimate URL. Attackers created more than 1,000 websites to help spread the ruse, including some that impersonated real companies including a Cisco virtual private network and the gaming service Steam. One of the websites posed as a “Covid19 news software.”
Once downloaded, the malware stole user passwords or session cookies that allowed the hacker to access the account in question. Scammers then flipped the account to impersonate technology