Researchers at external threat intelligence company IntSights have observed that stolen credentials from top YouTube accounts are increasingly being sold on online black markets and dark web forums. YouTube channels have been seen as useful by cybercriminals who use them to expose new audiences to a wide range of fraudulent activities, including scams and malware. However, YouTube accounts from compromised computers or credential journals can generate even more money for cybercriminals when sold online. Although less popular channels are not as lucrative as those with more subscribers, content creators depend on them for their revenue and may be willing to pay an attacker to retrieve their content and access their channels. In order to gauge the interest of cybercriminals in stolen YouTube accounts, a hacking forum recently decided to conduct a survey and the results show that 80% of its members would consider purchasing these stolen credentials.
online auctions
Just as ransomware groups have started stealing stolen data at auction, so have cybercriminals who have acquired YouTube account credentials. In its blog post on the subject, IntSights showed an example where a seller auctioned off 687 YouTube accounts at a starting price of €400 with a Blitz price of €5,000, if someone wanted to buy the accounts outright. The auction was also scheduled to end 24 hours after the last auction, presumably because the seller wanted to sell the stolen credentials quickly before the victims could contact Google Support and explain the situation. While attackers have many ways to attack YouTube channel owners, it appears that recent accounts for sale have come from databases containing Google credentials, as well as from computers infected with malware. . IntSights recommends that all YouTubers protect their accounts by enabling two-factor authentication (2FA), as this makes it harder for cybercriminals to take control of them in the first place. Via BleepingComputer