
YouTubers Targeted with Phishing, Info-Stealing Malware

Filip TRUȚĂ

September 21, 2022


Content creators are becoming a hot target for hackers. Some attackers simply seek revenge, and others seek to cause harm for bragging rights. Some, though, go the extra mile, using information-stealing malware and perhaps even profiting from the deed.

The latest such story comes from security researcher and content creator John Hammond. In a recent video, he shows how hackers tried to phish his credentials and other sensitive data via a fake copyright notice impersonating YouTube support – an increasingly common tactic among threat actors.

‘Your channel will be blocked’

“Today I got a notification on my phone that YouTube had sent me a copyright report, claiming one of my videos violated copyright and my channel was going to receive a strike,” Hammond tweeted. “Except, my video didn't violate copyright. And YouTube didn't really send me a copyright report.”

In his video (embedded below), the YouTuber reveals that an intricate “charade” was at play. The threat actors constructed their malware delivery mechanisms with pinpoint precision, using various tricks to evade detection while disguising the payload as an innocent Word document.

While the initial communication had telltale signs of a scam, it’s worth noting that a fake copyright notice like this one can dupe even an experienced pair of eyes, as was the case with scam-baiter Jim Browning, who was tricked by vengeful hackers into deleting his own YouTube channel.

The reason it works – as many YouTubers will tell you – is that content creators are alarmed at the thought of having their content pulled down or demonetized, or their channel removed altogether.

“As others have pointed out, this is an example of Redline Stealer malware,” Hammond said in another tweet. “This is EXTREMELY COMMON for creators, used with ploys and deceptions to try and retrieve credentials and access. The threat to have a channel suspended can be terrifying for most and often seals the deal.”

RedLine stealer activity on the rise

RedLine is a malware-for-sale on the underground web designed to help threat actors steal login credentials, browser data, credit card information, and even cryptocurrency. Once the social engineering wheels are in motion, it only takes victims a couple of clicks to unknowingly surrender their precious data.

Bitdefender can confirm that such attacks are increasingly common. Our telemetry indicates a considerable rise in info stealer activity since 2020, with RedLine leading the pack in most targeted attacks. Bitdefender is on track to release a detailed version of these findings soon.

Hats off to Hammond for sharing his story in this pertinent, well-balanced narrative that should appeal even to non-savvy audiences. If you’re a content creator, pay close attention to all the red flags the researcher highlights. Enjoy!

Video: https://www.youtube.com/watch?v=y1WgyR4c-4A
