Thousands of YouTubers are hacked and their accounts spoofed by the very classic phishing method via E-mail. The objective: disseminate content related to cryptocurrency scams by reaching as many people as possible.

By the admission of Google, these are thousands of accounts of YouTubers which are regularly hacked. Influencers are denied access to their account, or see their channel display content related to cryptocurrency scams. Sometimes hackers demand a ransom to free the account.

Taking control of an account of YouTuber is therefore not uncommon and, according to Google, it remains difficult to fight. Everything usually comes from a Phishing well orchestrated but, all in all, quite classic. The attacker sends his target a teaser email that appears to come from a real company wishing to enter into a commercial relationship with him. This is an email regarding a product placement, software, an advertising banner …

In fact, the content of this message completely falls within the uses of this YouTuber profession. As soon as the victim clicks on the link of the message allowing access to the offer or to the software, he triggers the trap. But, as often the accounts are protected by a authentication double factor, it is necessary to be cunning.





To prevent this authentication procedure from triggering, or any other security system refusing the connection, hackers will retrieve data. Cookies session implemented in the victim’s browser. No need to show any white paws thanks to these Cookies which show that your session is still active, therefore authorized.

A theft of transfer cookies to thwart protections

By autopsying these attacks, Google was able to identify a dozen tools that hackers use to steal these precious cookies. And still according to the firm, more than 1,000 domain names and as many pages have been designed to fool YouTubers. In addition, there are 15,000 email accounts linked to hackers. Google also explains that the wave taking control of accounts Youtube increased in August 2020. Influencer accounts with several hundred thousand subscribers were thus hacked and modified to broadcast scam videos on the bitcoin.

To avoid these takeovers, Google says it has strengthened its teams. Security experts would have intercepted 99.6% of these e-mails from phishing on Gmail, with 1.6 million messages. 2,400 malicious files were also reportedly blocked. And, in total, 4,000 account restores were reportedly undertaken. But the concern is that, to bypass this surveillance, hackers are now looking for YouTubers who do not necessarily use their address. Gmail, but another service.

To get out of Google’s radar, they also manage to redirect victims to platforms like WhatsApp, Telegram, Discord. Under these conditions, it becomes more difficult for Google to block these phishing campaigns. To limit the breakage, even if it is not unstoppable, the firm will ask from the 1er November to YouTubers to activate thetwo-factor authentication and take into consideration Google’s security messages.