Digital Forensic, Research and Analytics Center

Wednesday, June 29, 2022

Google finally tackles phishing scams that targeted YouTubers all around the world


Since 2019, YouTubers from all around the world have been targeted by phishing scams that made them lose control of their social media accounts. The hijacked accounts were then sold online for very low prices.
Google's Threat Analysis Group (TAG) posted a report on the issue on October 20, 2021, finally attributing these hacks to a Russian-speaking group recruited on Russian-language forums. That is not to say that everyone in the group was Russian, since the forum was not geotagged.

The hackers usually targeted smaller YouTubers with below 100,000 followers so as not to draw too much attention to themselves. They approached the target posing as a sponsor of their videos; the supposed sponsors ranged from VPN providers to music gear, photo editors and many more.

To take up a sponsorship, the sponsee usually has to download the app on their phone and show their experience to their viewers. In this case, the apps that the YouTubers were made to download on their phones were laced with malware.

The malware used by the hackers included RedLine, Vidar, Predator The Thief, Nexus stealer, Azorult, Raccoon, Grand Stealer, Vikro Stealer, Masad, and Kantal, all sold on underground hacking forums. Open-source malware available on GitHub, such as AdamantiumThief and Sorano, was also used in some attacks.

The malware then collected all the user login IDs and authentication cookies from the browser. The cookies were then used to access the YouTube account, and soon afterwards all login IDs and passwords were changed to lock the targets out of their own accounts.

Even two-factor authentication is bypassed this way, which is extremely dangerous. For two years, users have expressed their frustration over this, demanding more secure avenues for themselves.
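The takeover path described above relies on a stolen authentication cookie being replayed from the attacker's machine without a fresh login. As an added example (not from the original article or from Google), the following server-side check binds each session to the client context seen when it was established and flags later use from a different context; the log format, field names and sample lines are constructed for illustration.

```python
# Constructed sample events (not real logs): timestamp, session id,
# client IP, user-agent token, action.
SAMPLE_LOG = """\
2021-10-01T10:00:00Z sess=A1 ip=198.51.100.7 ua=Chrome/94-Windows action=login_2fa_ok
2021-10-01T10:05:00Z sess=A1 ip=198.51.100.7 ua=Chrome/94-Windows action=view
2021-10-01T11:30:00Z sess=A1 ip=203.0.113.44 ua=Firefox/92-Linux action=view
2021-10-01T11:31:00Z sess=A1 ip=203.0.113.44 ua=Firefox/92-Linux action=change_password
2021-10-01T12:00:00Z sess=B2 ip=192.0.2.10 ua=Safari/15-macOS action=login_2fa_ok
2021-10-01T12:02:00Z sess=B2 ip=192.0.2.10 ua=Safari/15-macOS action=change_recovery_email
"""

# Actions that lock the owner out; these names are assumptions for the example.
SENSITIVE = {"change_password", "change_recovery_email"}


def parse(line):
    """Split 'timestamp key=value ...' into a dict of fields."""
    ts, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    fields["ts"] = ts
    return fields


def detect(log_text):
    """Return (timestamp, session, reason) for events outside the bound context."""
    bound = {}   # session id -> (ip, ua) seen when the session first appeared
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse(line)
        ctx = (ev["ip"], ev["ua"])
        # First sighting binds the session; a session that predates the log
        # window is bound to its first-seen context.
        origin = bound.setdefault(ev["sess"], ctx)
        if ctx == origin:
            continue
        # Same cookie, different client: the 2FA check at login never reran.
        reason = "takeover_action" if ev["action"] in SENSITIVE else "cookie_replay"
        alerts.append((ev["ts"], ev["sess"], reason))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(*alert)
```

An exact IP and user-agent match is a simplifying assumption; a production check would tolerate normal network changes and require re-authentication before sensitive actions rather than only alerting.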

The servers found to be used in these scams had 15,000 fake email accounts and over 1,000 websites that hosted the malware. Google also discovered that over 4,000 people have lost their accounts to this group over the last 2 years.

The accounts were not used for any grander purpose than being sold off online for very little money. Some YouTubers even spotted their accounts being sold on websites.

Accounts being sold on a website

Some of the accounts were used to peddle cryptocurrency schemes that looked very suspicious to begin with. Several handles impersonated Elon Musk and Bill Gates, amongst others, to peddle the fake schemes.

Even though accounts have been returned to their owners, Google has not been able to do the same for all of the accounts. However, having learnt all they could from these attacks, Google has updated some of its defensive systems and also added the Safe Browsing system to its software.
