Security News

The YouTube takeover replaced the legit account with regalia that faked that used by an investment management firm and filled with more crypto boosterism, namely a video that cut an old chat between Elon Musk and Twitter founder Jack Dorsey into a new and misleading narrative. We are aware of a breach of the Army's Twitter and YouTube accounts and an investigation is underway.

Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. "What sets YTStealer aside from other stealers sold on the dark web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of," security researcher Joakim Kenndy said in a report shared with The Hacker News.

A new information-stealing malware named YTStealer is targeting YouTube content creators and attempting to steal their authentication tokens and hijack their channels. Since the YTStealer malware targets YouTube creators, most of its distribution uses lures impersonating software that edits videos or acts as content for new videos.

YouTube has blocked the campaign account of Hong Kong's only candidate for the Special Administrative Region's head of government, John Lee Ka-chiu, citing US sanctions. Lee, often referred to as "Pikachu" by the Hong Kong anti-establishment faction as it sounds similar to "Lee Ka-chiu," stepped down from his position as Secretary for Security in Hong Kong to run for the chief executive spot.

Korean security analysts have spotted a malware distribution campaign that uses Valorant cheat lures on YouTube to trick players into downloading RedLine, a powerful information stealer. The campaign spotted by ASEC targets the gaming community of Valorant, a free first-person shooter for Windows, offering a link to download an auto-aiming bot on the video description.

Scammers are taking full advantage of the launch of Google's new TikTok competitor, YouTube Shorts, which has turned out to be an awesome tool for feeding billions of engaged viewers stolen content. Narang analyzed 50 different YouTube channels and found as of December, they had racked up 3.2 billion views across at least 38,293 videos stolen from TikTok creators.

The US Attorney's Office of Arizona on Wednesday announced the indictment of two men on charges that they defrauded musicians and associated companies by claiming more than $20m in royalty payments for songs played on YouTube. "In short, Batista and Teran, as individuals and through various entities that they operate and control, fraudulently claimed to have the legal rights to monetize a music library of more than 50,000 songs," the indictment [PDF] alleges.

Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers. Password stealing trojans are malware that quietly runs on a computer while stealing passwords, screenshots of active windows, cookies, credit cards stored in browsers, FTP credentials, and arbitrary files decided by the threat actors.

Since at least late 2019, a network of hackers-for-hire have been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder. "Cookie Theft, also known as 'pass-the-cookie attack,' is a session hijacking technique that enables access to user accounts with session cookies stored in the browser," TAG's Ashley Shen said.

Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on the ripped-off channels. The cookie-stealing, cryptocurrency-scam running channel hijackers are still out there, but they've shifted from Gmail to other email providers: "mostly email.