Since at least In 2019, thieves have been stealing from the elite YouTube way. Sometimes they publish Cryptocurrency fraud, sometimes they only sell in the market to access the account. Now, Google has in detail The method that the hackers used was thousands of times YouTube Producers in the last few years.
Cryptocurrency frauds and their account fraud are not uncommon; no more looking than the last Twitter crash in the example of the chaos on the scale. But the relentless onslaught of YouTube accounts is clearly evident in its breadth and the methods used by hackers, the old-fashioned tricks that are very difficult to protect.
It all starts with phish. The attackers send YouTube producers an email that appears to be from a real source – such as a VPN, a photo editor, or a viral server – and is committed to integration. Provides standard promotional ideas: Show our products to viewers and we’ll pay you. It’s the kind of marketing that happens every day on YouTube media, companies that have a lot of paid shows.
Clicking on a link to download a product, however, takes the maker to a criminal site instead of doing the actual thing. Fraudsters sometimes emulate well-known features such as the Cisco VPN and Steam Games, or pretend to be the ones who focus on Covid-19. Google claims to have discovered more than 1,000 sites so far that it has been designed to deliver unsolicited YouTubers. And this only proves to a degree. The company also received 15,000 e-mails linked to the attackers. The revolutions do not seem to have been made of a single substance; Instead, according to Google, various burglars have announced activities to take account in Russian-speaking forums.
As soon as YouTuber unknowingly downloads malicious software, it activates its browser cookies. This “group chat” confirms that the user has logged into their account. A hacker can upload stolen cookies to a malicious server, making them more likely to be legitimate. Session cookies are very important for attackers because they eliminate the need to use each entry section. Who needs a license to enter Death Star Prison where you can rent a hurricane?
“Increased security measures such as two-factor authentication can pose a threat to attackers,” says Jason Polakis, a computer scientist at the University of Illinois, Chicago, who studies robberies. “This makes browsing cookies a very useful tool for them, as they avoid the monitoring and security that comes with access.”
Such “stay-and-cookie” methods have been around for over a decade, but they are still useful. In the campaigns, Google reported seeing hackers using almost every shelf and opening criminal devices to steal cookies from their devices. Many of these transit tools can also steal passwords.
“The theft of account threats remains extremely dangerous, because attackers can use corrupt accounts in a number of ways,” Polakis said. “Fighters can use fraudulent emails to spread fraudulent and competitive content, or they can use stolen cookies to withdraw money from the victim’s financial accounts.”