Google says it’s found over 1,000 domains to date that were purpose-built for infecting unwitting YouTubers. In some cases the hackers impersonated known quantities like Cisco VPN and Steam games, or pretended to be media outlets focused on Covid-19.
#NAMEBENCH GOOGLE APPERS HIJACKED DOWNLOAD#
It’s the kind of transaction that happens every day for YouTube’s luminaries, a bustling industry of influencer payouts.Ĭlicking the link to download the product, though, takes the creator to a malware landing site instead of the real deal. They propose a standard promotional arrangement: Show our product to your viewers and we’ll pay you a fee. Attackers send YouTube creators an email that appears to be from a real service-like a VPN, photo editing app, or antivirus offering-and offer to collaborate. But the sustained assault against YouTube accounts stands out both for its breadth and for the methods hackers used, an old maneuver that’s nonetheless incredibly tricky to defend against. Now, Google has detailed the technique that hackers-for-hire used to compromise thousands of YouTube creators in just the past couple of years.Ĭryptocurrency scams and account takeovers themselves aren’t a rarity look no further than last fall’s Twitter hack for an example of that chaos at scale. Sometimes they broadcast cryptocurrency scams, sometimes they simply auction off access to the account.
Since at least 2019, hackers have been hijacking high-profile YouTube channels.