YouTube Creators Hit in Account Hijacking Campaign

The victims, who post car reviews and other videos about the auto industry, were targeted in a seemingly coordinated campaign to steal account access.

Dark Reading Staff, Dark Reading

September 23, 2019

1 Min Read
Dark Reading logo in a gray background | Dark Reading

A "massive" series of account takeover attacks has for the past few days targeted YouTube creators, many of whom are influential members of the automotive and car review community.

The high-profile channels targeted include Built, Troy Sowers, MaxtChekVids, PURE Function, and Musafir. Creators in other industries were also targeted in the coordinated campaign, which manipulated account holders into visiting phishing sites to steal their login credentials.

According to a report from ZDNet, which investigated the attack, this is likely how the takeovers unfolded: Phishing emails lured targets onto fake Google login pages, which collected credentials attackers used to access Google accounts. The attackers then assigned popular YouTube channels to new owners and changed the channels' vanity URLs so the accounts appeared to be deleted.

Some victims were looped into group email chains including other creators in the same community; others received individual phishing messages. It seems the attackers were able to successfully bypass multifactor authentication in order to break into the accounts of some YouTube creators.

Read more details here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "'Playing Around' with Code Keeps Security, DevOps Skills Sharp."

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights