Cryptocurrency News

YouTube Creators Threatened by Cookie Theft Malware

YouTubers are the biggest victims of the Cookie theft malware. The people behind it try to attract potential targets by luring them with fake collaboration opportunities and eventually hijack the target’s channel. Later, they sell the channel to the highest bidder or use it for cryptocurrency scams. 

Google collaborated with Gmail, CyberCrime Investigation group, Trust and Safety, and Safe Browsing teams to decrease the phishing emails on Gmail by 99% in May 2021. With this increased protection, the attackers shifted the routine from Gmail to other email service providers. Cookie theft involves a technique through which access to the user’s account is enabled through session cookies stored in the browser. 

Many YouTube creators mention email addresses on their channels for future business opportunities. Attackers get the email address from the target channel and send a forged business mail to existing companies, where they request the owner of the target channel for video collaboration. Later, they introduce fake products or services of the company to the target. When the target channel agrees to a collaboration, a malware page containing the malicious link, disguised in the form of software is sent to the target via email or PDF on Google Drive. 

The attackers create fake domains in the name of existing companies and build multiple websites for their malware. One thousand one hundred fake domains have been identified solely created for this particular purpose. Many of these are completely impersonated software sites like Cisco VPN, games on Steam, Luminar, and others. Attackers tend to use Google, Telegram, Whatsapp, or even Discord. 

When the target runs the software, the executed malware steals cookies from the victim’s browser. It then uploads the stolen cookies to one’s control servers. The malicious file is difficult to detect when the target executes it as it falls on the side of security notifications for the user of any kind of compromise happening. Some of the most used malware are Vidar, RedLine, Raccoon, Grand Stealer, Masad, or Kantal. This malware is capable of stealing the user’s password and cookies from the browser. 

Owing to the above reasons, YouTube made the channel transfer protocols more stringent. It can auto recover about 99% of the hijacked channels. Service providers can now notify users proactively when a potential sensitive action from a third party is discovered.

Tony Todd

Tony Todd is a journalist of the Latest Bitcoin News team, and he is a strong believer of blockchain technology. He curates contents on the latest happenings of the blockchain world and fintech industry. In his free time, he loves to explore new places and connect with influential people of crypto space.

Recent Posts

How to determine if a company is using blockchain technology correctly?

In today’s Digital era, every company needs to effectively utilize blockchain technology. This latest technology,…

9 months ago

Possible ways to utilize Bitcoin for entertainment and rewards

Digital assets, often known as cryptocurrency, have completely changed the financial industry. They have also…

10 months ago

What Is The Future Of A Crypto Career?

Building a career in the crypto industry appears realistic and optimistic, as there is a…

2 years ago

Navigating regulatory challenges in the Nigerian cryptocurrency market

Introduction The CBN has moved to develop a regulatory framework for cryptocurrencies. In June 2019,…

2 years ago

The Role of Crypto Exchanges in UAE’s Strategy to Attract Tech Talent

Introduction  The UAE has become an attractive destination because of its liberal visa policies. It…

2 years ago

Investing in Singapore’s crypto exchanges: opportunities and risks

Introduction  As a global financial hub, Singapore has seen tremendous growth in the cryptocurrency market,…

2 years ago