Google attributed the malware campaign to a group of attackers recruited via a Russian-language hacker forum.
Google has disclosed details of a new campaign involving phishing attacks launched against YouTube channel owners with the sole purpose of hijacking their channels. According to the report, threat actors are using cookie theft malware in the attacks to take control of the device/computer and hack YouTube accounts.
Researchers revealed that attackers behind this channel hijacking scheme are financially motivated as they auction off the stolen channels if they have a large number of followers or promote cryptocurrency scams by abusing these accounts.
About the Campaign
In their report, Google’s Threat Analysis Group’s (TAG) Ashley Sen attributed to a group of attackers recruited via a Russian-language forum through the following job description, offering two types of work:
The attacks have been going on since 2019, and attackers used to lure targets through fake collaboration schemes such as requests to purchase ads on the targeted user’s channel, photo editing, online games or music players, VPNs, and demo for anti-virus software, etc.
After gaining the channel owner’s trust, the scammers would send the victim a URL through email or a Google