Hackers take over popular channels with just an email address

In recent months, YouTube channel theft has erupted. Often, hackers try to turn popular channels into channels for promoting cryptocurrencies. Users are tempted to invest in Bitcoin or another digital currency through a fraudulent location. In most cases, hackers only need one email to gain control. Descriptions.

You may have heard of the misguided adventures of Micho, a French YouTuber with over 7 million subscribers. To his surprise, he noticed it on April 11, 2022 His channel has been deleted Through the site to promote cryptocurrencies and guarantee dubious returns on investments.

Of course, it was a hack and the videographer quickly restored the joy of his channel. Unfortunately, Youtubeur alone is not the victim of this type of fraud. For months now, YouTubers and steamers (the most popular or the most modest) have been constantly targeted by hackers, and it is not uncommon for hundreds of stolen accounts to come up for sale on the Dark Web. The goal is the same every time: to capture passwords, change name and banners to access the videographer’s YouTube account, and Use follower numbers to learn about fake crypto investments.

Also read: Bitcoin – No, Elon Musk did not give you money, this is another scam

Request and email for sponzo content is sufficient

As for the operating system, it’s very simple: hackers pretend A brand that wants to work with YouTuber / Streamer Create sponsored content. Typically, these are Android or iOS apps. After some exchanges by email, the videographer receives a PDF file, which contains a link to download the application in question. Obviously, this URL houses Malware capable of retrieving passwords and identifiers stored in the victim’s browser.

Marc Nebout, a computer security researcher on behalf of Sekoia, analyzed some of the URLs that were sent to our colleagues on the site to the affected YouTubers. Numeroma. He specifically explains that both sites are registered under the PW (Professional Web) domain name, that the download link is actually hosted on the disc, and that the victim only sees a copy of the page on the screen.

Once the download is complete, the videographer will receive a ZIP file that can only be accessed by password. Password given by hacker in PDF file. This is where the malware hides. Thanks for this protection, Avoids malware detection by cyber surveillance tools. To protect against this type of attack, the expert advises the proper use of two-factor authentication. But this is not enough because some hackers have already managed to avoid dual authentication to control YouTube channels.