Los Cybercriminals realized that the theft of YouTube accounts THE allows you to more easily expand your malicious campaignsso this has become a common practice and it is necessary for both content creators and users of the video platform to be alert.
Camilo Gutiérrez, head of the Research Laboratory of Eset Latin Americaexplained that the main attack vector of hackers is phishing emails.
This means that send an email to the potential victimusually posing as a brand looking to sponsor or help promote their account.
WE RECOMMEND YOU: Cybercriminals shorten URLs to disguise ‘malware’; how to protect yourself?
In said email they attach a supposed file in DropBox with, supposedly, the detail of the commercial proposal, however, This file actually contains malicious code of the infostealer type.
This is a type of Trojan that when infecting a computer can steal confidential information of this, particularly usernames and passwords of different accounts and sometimes it can also steal cryptocurrency wallets.
If the victim downloads it, it allows the attacker to obtain the target account’s login credentials, including up to two-factor authentication.
Once they have access to the YouTube account the used to spread more malicious code. For example, they often choose video game content creators among their victims because some tend to promote pirated or cracked video games.
According to Anaya, in these cases they publish links in the descriptions of the videos that actually take the victims to sites that distribute more infostealer malicious code.
Eset detected last year a case in which a person downloaded a crack for a popular editing program from YouTube and became infected with a infostealer who accessed their Instagram, Facebook, Twitter, Hotmail, Twitch y Steam.
The complex thing about this situation is that this type of malicious programs remain hidden on the infected computer in search of all types of passwords and banking information stored in the browser, but they also have the potential to perform other actions on the computer, such as capturing screen,” the expert warned.
RECOMMENDATIONS FOR VICTIMS OF YOUTUBE ACCOUNT THEFT
In a company blog, he recommended victims of account theft YouTube perform the following steps. The first thing is to be able to access the account Google associated with the channel YouTubeupdate the password and activate two-factor authentication.
Subsequently, revert any unwanted changes that the malicious actor may have made to the YouTube channel in order to avoid violations of copyright or Community Guidelines.
In cases where the channel has been closed after the hack, once the Google account has been recovered, you can appeal the closure of a channel.
Without forgetting that the people who belong to the YouTube Partner Program They have access to a support team especially dedicated to creators.
Given these issues, specialists have pointed out that it is need to protect more from cybercrime.
CHECK THE BREAKING NEWS HERE
*sort of
#seek #steal #YouTube #account #malicious #code
2024-06-22 08:47:39