How hackers hijacked thousands of important YouTube accounts

The wave of attacks has turned creators' channels into cryptocurrency scams.

Popular YouTube channels have been taken over by hackers since at least 2019. Sometimes the hackers spread cryptocurrency scams, and sometimes they simply auction off access to the account. Now, Google describes a technique that hackers for hire have used to compromise thousands of YouTube creators over the past few years.

Cryptocurrency scams and account takeovers are common; take a look at the Twitter hack last fall for an example of the widespread chaos. But the ongoing attack on YouTube accounts is notable both for its scope and for the methods used by hackers: an old tactic that is nonetheless hard to defend against. It all starts with a phishing email. The attackers send YouTube creators emails that appear to come from a real service, such as a VPN, photo-editing program, or antivirus, and offer to collaborate. They propose a standard advertising arrangement: show our product to your viewers and we will pay you. This is the kind of deal that prominent YouTubers strike every day, in a vibrant industry of influencer payments.

Clicking the link to download the product takes the creator to a malware landing site instead of the real thing. In some cases, hackers impersonated known names, such as Cisco VPN and Steam games, or pretended to be COVID-19-focused media outlets. Google says it has so far found more than 1,000 domains built to target unwitting YouTubers, and that only hints at the scale. The company also found 15,000 email accounts related to the attackers behind the scheme. The attacks do not appear to have been the work of a single entity. According to Google, many hackers have advertised account takeover services on Russian-speaking forums.


When a YouTuber inadvertently downloads the malware, it takes certain cookies from their browser. Session cookies confirm that the user has successfully logged into their account. A hacker can upload the stolen cookies to a malicious server and use them to pose as the real victim. Session cookies are especially valuable to attackers because they eliminate the need to go through any part of the login process. “Who needs a Death Star hold point to steal credit when you can borrow an attacker’s shield?” says Jason Polakis, a computer scientist at the University of Illinois at Chicago who studies cookie theft techniques. "This makes browser cookies a very valuable resource for them, as they can prevent additional security and defense checks at login."

The technique has been around for over a decade, but it's still effective. In these campaigns, Google says hackers have used dozens of off-the-shelf and open source malware tools to steal browser cookies from victims' devices. “Many of these hacking tools can also steal passwords,” Polakis says. Attackers can use compromised email accounts to advertise scams and phishing campaigns, or they can even use stolen session cookies to ... Google does not confirm any specific cookie theft incidents, but there was a significant increase in takeovers in August 2020, when hackers hijacked multiple accounts with hundreds of thousands of followers, renamed the channels “Elon Musk” or “SpaceX,” and then livestreamed Bitcoin scam messages. The attacks are likely to be at least somewhat successful given their prevalence.
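One server-side way to spot the cookie replay described above, as an added example that is not from Google or the original article: bind each session to the network (ASN) and user agent seen at login, and flag later use of the same cookie from a different context. The log format, event names and the `detect_cookie_replay` helper are assumptions, and the sample lines are constructed.

```python
from dataclasses import dataclass

# Constructed sample session log (not real data). Fields:
# timestamp|event|session_id|account|asn|user_agent
SAMPLE_LOG = """\
2021-05-03T09:00:11Z|login_2fa_ok|s-7f3a|creator@example.com|AS64500|Chrome/90 Windows
2021-05-03T09:14:52Z|request|s-7f3a|creator@example.com|AS64500|Chrome/90 Windows
2021-05-03T09:41:07Z|request|s-7f3a|creator@example.com|AS64511|Chrome/90 Linux
2021-05-03T09:41:30Z|change_channel_name|s-7f3a|creator@example.com|AS64511|Chrome/90 Linux
2021-05-03T10:02:00Z|login_2fa_ok|s-91bc|viewer@example.com|AS64502|Firefox/88 macOS
2021-05-03T10:05:00Z|request|s-91bc|viewer@example.com|AS64502|Firefox/88 macOS
"""
# Account changes typical of a channel takeover (assumed event names).
SENSITIVE = {"change_channel_name", "change_recovery_email", "start_livestream"}

@dataclass
class Alert:
    session_id: str
    account: str
    event: str
    severity: str
    reason: str

def detect_cookie_replay(log_text):
    """Flag a session cookie presented from a context other than its login."""
    bound = {}   # session_id -> (asn, user_agent) recorded at login
    alerts = []
    for line in log_text.strip().splitlines():
        _ts, event, sid, account, asn, ua = line.split("|")
        ctx = (asn, ua)
        if event.startswith("login"):
            bound[sid] = ctx          # bind the session to where 2FA happened
            continue
        if sid not in bound:
            alerts.append(Alert(sid, account, event, "high",
                                "session used without a recorded login"))
        elif ctx != bound[sid]:
            changed = [name for name, old, new
                       in zip(("asn", "user_agent"), bound[sid], ctx) if old != new]
            # Replay skips the login page, so this is where re-auth must be forced.
            severity = "high" if event in SENSITIVE else "medium"
            alerts.append(Alert(sid, account, event, severity,
                                "context changed: " + ", ".join(changed)))
    return alerts
```

A "high" alert is the point at which a service would invalidate the session and require a fresh login with the second factor before applying the change.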

This type of YouTube account takeover increased in 2019 and 2020, and Google says it convened a number of its security teams to address the issue. As of May 2021, the company announced that 99.6% of these phishing messages were caught in Gmail, with 1.6 million messages and 2,400 malicious files blocked, 62,000 phishing page alerts displayed, and 4,000 successful account restores. Google researchers now see attackers targeting creators who use non-Gmail email providers, such as aol.com, email.cz, seznam.cz, and post.cz, as a way to keep their phishing from being detected by Google. The attackers also tried to divert their targets to WhatsApp, Telegram, Discord or other messaging apps to stay out of sight. Google TAG explains in a blog post: “Channel name, profile picture, and content have been replaced by crypto branding to mimic big tech companies and cryptocurrency exchanges. Attacker’s live video promises crypto gifts in exchange for first aid.” Although two-factor authentication cannot stop these malware-based cookie thefts, it is an important protection against other types of scams and phishing. Google wants two-factor authentication turned on for the Google Account associated with YouTube Studio or YouTube Studio Content Manager. It's also important to pay attention to Google's Safe Browsing warnings about malicious pages. And as always, be careful what you click and which attachments you download from your email.

A simpler tip for YouTube viewers: if your favorite channel is promoting a cryptocurrency deal that sounds great, give it a dramatic squirrel side eye and move on.

This story originally appeared on wired.com.
