Security News > 2022 > June > New YTStealer malware steals accounts from YouTube Creators
A new information-stealing malware named YTStealer is targeting YouTube content creators and attempting to steal their authentication tokens and hijack their channels.
Since the YTStealer malware targets YouTube creators, most of its distribution uses lures impersonating software that edits videos or acts as content for new videos.
If the infected machine is deemed a valid target, the malware scrutinizes the browser SQL database files to locate YouTube authentication tokens.
YTStealer is fully automated and doesn't discriminate between small or large YouTube accounts, stealing all of them and letting its operators evaluate their catch later.
This is particularly dangerous for YouTube content creators because even if their accounts are secure with multi-factor authentication, the authentication tokens will bypass MFA and allow the threat actors to log into their accounts.
It is suggested that YouTube creators log out of their accounts periodically to invalidate all authentication tokens that may have previously been created or stolen.