Bitdefender shines light on YouTube channel hijacking

Cybercriminals are hijacking YouTube channels and video streams to spread scam links to phishing or fraudulent websites, according to a new report from Bitdefender.

The report details a rapid increase in YouTube stream-jacking attacks aimed at either taking full control of a real channel or redirecting victims to a spoof channel that closely mimics the legitimate one.

According to the report, the top 10 hijacked YouTube accounts have nearly 37 million subscribers between them, with the maximum number of views of a hijacked account observed being more than 3.6 billion, and all 10 accounts having nearly 10.4 billion views.

Most hijacked channels use a variation of the Tesla logo or the official logo, and the video titles often include Tesla, Elon Musk or SpaceX.

One popular method of hijacking a YouTube account involves sending a fake email to the owner of the account, usually offering a collaboration opportunity or notice of copyright infringement, and encouraging the owner to download a malicious file.

The file then steals credential data from the victim’s computer, allowing the attacker to bypass account verification features including two-factor authentication.

Once an account is compromised, attackers use methods such as embedding malicious QR codes into video streams to target viewers.

The report concludes that it is important for YouTube users to scrutinise videos with clickbait titles and avoid clicking on links that sound too good to be true or scanning suspicious QR codes.

YouTube channel owners meanwhile need to ensure accounts are set up using a unique and strong password that should be changed every three months, enable additional layers of security including multi-factor authentication, and install security solutions to protect against phishing and malicious attacks.

Image credit: iStock.com/contrastaddict