Attackers massively steal popular YouTube car channels

Over the past few days, YouTube channel owners became victims of cyberattacks on a massive scale, with the most attention to car reviews and auto tuning channels. Attackers massively stole automobile channels.

In addition to the automotive community, creators of video content in other areas were also subjected to cyberattacks. The peak of attacks came last weekend. Everything indicates that all incidents are interconnected and are part of one large-scale campaign.

“The attackers somehow managed to bypass two-factor authentication. Cybercriminals could use the Modlishka tool, which is a reverse proxy and is capable in particular of intercepting SMS messages with verification codes. However, there is no direct evidence of using Modlishka yet”, – say authors of the popular Life of Palos channel.

The video on the Life of Palos channel below reports on a cybercrime campaign (from 1:50).

Potential victims received letters with links to phishing sites where they were stolen credentials.

As one of the affected users who managed to regain access to their YouTube account told ZDNet reporters, the attackers directed him to a fake Google authorization page, tricked out credentials and logged into his account with their help. Then they linked his YouTube channel to the new owner and changed the semantic URL, so that for new owner and his subscribers everything looked like the account was deleted.

Read also: Tortoiseshell cybercrime attacks Saudi IT companies

As Askamani, a hacker who sells hacked accounts, told ZDNet, the recent campaign is like a “regular business.”

“Campaigns aimed at owners of automobile channels are a common thing. Someone put his hand on the lists of email addresses of users interested in certain topics. […] You can spam any random people, but you won’t be able to access accounts with a large number of subscribers. If, as you said, there is a surge in complaints, then someone has got a real excellent database and is now trying to make money on it”, – Askamani explained.