According to a recent analysis from Google’s Threat Analysis Group (TAG), a continuous phishing effort targeting YouTube producers is resulting in the breach and sale of channels used to broadcast bitcoin frauds.
According to the TAG, the attacks carried out by a group of hackers recruited from a Russian-speaking forum who hacked the creator’s channel by posing as collaborators. The YouTube channels are either for sale to the highest bidder or in use to broadcast bitcoin frauds once hackers take control of these channels.
“A huge number of hijacked channels have been renamed and are now live-streaming crypto scams. Theft of channels ranged from $3 to $4,000 USD on account-trading marketplaces, depending on the number of subscribers.”
Crypto rewards offerings in return for an initial contribution
Cookie theft virus, a bogus program built to invisibly operate on a victim’s machine, is apparently being in use to hijack YouTube accounts. The hackers also modified the names, profile images, and content of YouTube channels. In order to impersonate significant-tech or crypto trading organisations, according to TAG.
“The attacker live-streamed videos offering crypto rewards in return for an initial contribution,” according to Google. As a countermeasure, the corporation purchased technologies to identify and thwart phishing and social engineering emails. As well as cookie theft hijacking, and crypto-scam live streaming.
Significant effort by Google to reduce Gmail phishing emails
Since May 2021, Google has managed to reduce the amount of Gmail phishing emails by 99.6% thanks to continued efforts. “We’ve witnessed attackers migrating away from Gmail and toward other email providers (primarily email.cz, seznam.cz, post.cz, and aol.com). As a result of enhanced detection efforts,” the business noted.
The US Federal Bureau of Investigation (FBI) received The aforementioned results for further investigation.
A crypto price-tracking website named CoinMarketCap said to have exposed over 3.1 million (3,117,548) user email addresses.
Have I Been Pwned, a website dedicated to tracking internet hacks, discovered compromised email addresses being swapped and sold online on multiple hacker forums, according to a report.
CoinMarketCap admitted that the stolen data was part of their user base. But claims that no indication of a breach discovered on their internal servers.