Coordinated Attack Targets and Hijacks High Profile YouTube Accounts
High-profile accounts from the YouTube creators car community have been hacked and hijacked in what appears to be a coordinated attack, with one YouTube car enthusiast claiming that around 100,000 users were targeted.
ZDNet reports that those affected received a phishing email that sent them to a fake Google login page, which collected the users' account details. With this information, the hackers broke into the users' Google account and re-assigned the channel to a new owner/s, who then changed the channel's vanity URL, so the original user (and their followers) thought the account had been deleted.
The owner of one YouTube channel even had a two-factor authentication on his account, prompting speculation that hackers used a reverse proxy-based phishing toolkit.
One hacker, who is active on a forum known for trafficking hacked accounts, said the hacked accounts have all the signs of being 'regular business': "These campaigns targeting car accounts are something normal. Someone got their hands on an email list with addresses from a specific sector. My money is on someone hacking into one of those social media influencer databases."
The hacker suggested keep a watch on OGUsers and the Russian forums: "These accounts need to be dumped really quick before YouTube gives them back to their original owners. You need to sell hacked accounts real quick before they become worthless."
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.