Google’s Threat Analysis Group research: An ongoing phishing campaign against Youtube creators

Amanda Bullock / October 22,2021
Google’s Threat Analysis Group research: An ongoing phishing campaign against Youtube creators

 An ongoing phishing campaign against Youtube creatorsAccording to Google’s Threat Analysis Group (TAG), the recent attacks were attributed to a group of hackers recruited in a Russian-speaking forum, who sold hacked YouTube channels to the highest bidder.
Youtube channels hacked and rebranded for live-streaming crypto scams
There is currently an ongoing phishing campaign targeting YouTube creators, which often leads to compromise and sale of crypto scam broadcast channels. This group of hackers, after hijacking YouTube channels, will sell to the highest bidder or be used to spread cryptocurrency scams.
 An ongoing phishing campaign against Youtube creators
Example phishing email message
“A large number of hijacked channels were rebranded for cryptocurrency scam live-streaming. On account-trading markets, hijacked channels ranged from $3 USD to $4,000 USD depending on the number of subscribers”, the TAG stated.
YouTube accounts are said to have been hacked using cookie-stealing malware, a fake piece of software configured to run on victims’ computers undetected. TAG also reported that hackers have also changed the names, profile pictures, and content of YouTube channels to impersonate major tech or cryptocurrency exchange companies.
The attacker’s live stream promises crypto-currency in exchange for the initial donation. Google has invested in tools to detect and block phishing and social engineering emails, cookie theft, and crypto scam live streams as a countermeasure. With constant efforts, Google has reduced the number of phishing emails in Gmail by 99.6% since May 2021.
“With increased detection efforts, we’ve observed attackers shifting away from Gmail to other email providers (mostly,, and,” the company added.
Google has shared the above findings with the US Federal Bureau of Investigation (FBI) for further investigation. Recently, as AZCoin News reported, more than 3.1 million (3,117,548) users’ email addresses were leaked from CoinMarketCap. They acknowledge the correlation of the leaked data with their user base but maintain that it has found no evidence of a hack on their internal servers.
Despite the confirmation, CoinMarketCap has yet to identify the exact cause of the hack:
“As no passwords are included in the data we have seen, we believe that it is most likely d from another platform where users may have reused passwords across multiple sites.”
The information came into light after the hacked email addresses were found to be traded and sold online on various hacking forums, and revealed by Have I Been Pwned, a website dedicated to tracking hacks and compromised online accounts.
Read more:

  • 3.1M Email Addresses CoinMarketCap Were Reportedly Being Traded On Hacking Forums
  • DeFi Protocol On BSC PancakeHunny Was Attacked By A Flash Loan, HUNNY Price Plummeted By 50%

Join us on Telegram
Follow us on Twitter
Follow us on Facebook

  • Ethics ‘peer review’ era set in stone as Better Advice Bill passes
  • Romantic like might referred to as a faith of two, but really love pairs could be infected by triangles