Russian-Speaking Hackers Hijack YouTube Channels for Crypto Scam via Phishing Campaign

An email phishing campaign tied to Russian-speaking hackers that has been targeting YouTube users was disrupted this week. The hackers used “cookie theft malware” to compromise YouTube accounts and hijack the channels, then sold them or used them to broadcast cryptocurrency scams. According to Google, the campaign had been targeting users since 2019.


Josh Rickard, Security Solutions Architect at Swimlane, weighed in on the incident:


"Phishing attacks are one of the most common forms of cyberattacks leveraged by cybercriminals. It has become all too easy for malevolent actors to create seemingly legitimate email campaigns to trick well-intended employees into providing access to the attacker—and they are highly effective, with 74% of attacks in the United States being successful. Today, we see the most recent example of how devastating these seemingly simple yet highly effective campaigns can be. In this case, a phishing campaign tied to Russian hackers was able to use “cookie theft malware” to hijack an undisclosed number of YouTube accounts, ultimately selling them for up to $4,000 per channel or using them to broadcast cryptocurrency scams.

But while phishing campaigns continue to be ever-commonplace, evolutions in cybersecurity are making the tools to combat these attacks equally accessible. Security orchestration, automation and response platforms must be implemented in order for organizations to be able to recognize and respond to phishing attempts. Systemwide security automation that centralizes detection, response and investigation efforts into a single platform allows for phishing threat recognition and reaction in real-time, drastically decreasing the chances of hacked or stolen information via malicious campaigns. Low code security automation makes security implementation increasingly accessible, enabling more teams to help stop phishing campaign attacks in their tracks. With versatile cybersecurity platforms such as these, dangerous threats are kept at bay and valuable data remains protected and in the right hands."
