YouTube Hack Attack Warning—What 2.5 Billion Users Need To Know

With 2.5 billion users worldwide, Google’s YouTube is undoubtedly the most popular video platform on the planet. And not just with legitimate users. I recently reported how hackers were going after YouTube creator accounts as part of an ongoing credential-stealing attack. Now, according to newly published security research, it appears that the threat has evolved with attackers using YouTube to distribute fake installers by way of trusted hosting services that stealthily evade detection and ultimately steal sensitive browser data, including user credentials. Here’s what you need to know.

While the problem of YouTube accounts being targeted by attackers is not a new one, and YouTube itself has even introduced a new AI bot to help impacted account holders get their access back, this latest research comes with a far more dangerous warning: all 2.5 billion YouTube users are at risk.

In the Jan. 10 report, Trend Micro incident response analyst Ryan Maglaque, threats analyst Jay Nebre, and associate security analyst Allixon Kristoffer Francisco, revealed how attackers are using YouTube and other social media platforms as part of their campaigns that are spreading download links for fake software installers by leveraging the trust users have in such sites in order to drive the clicks that end up with credential-stealing malware installed on their devices. Those links, for pirated movies or cracked software, are the key to these hack attacks.

“Victims are lured into piracy by individuals posing as guides on popular video-sharing platforms like YouTube,” the analysts explained, “these deceitful actors create a pretense of offering legitimate software installation tutorials to entice viewers to click on malicious links in the video descriptions or comments.”

Read the Full Story Here

Source: Forbes