Cybersecurity experts are warning about growing demand for stolen YouTube login credentials on Dark web forums. Etay Maor, CSO at IntSights, explained that in recent weeks his team has noticed an uptick in demand for stolen credentials for prominent “Influencer” accounts on the global video site.
YouTube has been growing exponentially since the company started in 2005, known as the main platform to post and share your videos the world over; the site where many of us have had late nights surfing interesting videos. YouTube started out as place to show off your skateboard skills but has transformed into a commercial juggernaut. People make money as “influencers”. The highest paid YouTuber makes $26 Million each year and he’s only 8 years old. Ryan Kaji has been reviewing toys on YouTube for a while, racking up millions of views and gobs of cash.
YouTube gives anyone the opportunity to share their videos and make a name for themselves, regardless of what they are doing. High profile accounts, making millions of dollars, are “high value” to hackers, according to Maor. But why?
There are a couple malicious actions a hacker can take once they have access to a lucrative YouTube account.
Hackers can use the account to spread malware to the millions of subscribers to a popular YouTube “influencer”. Hackers need eyeballs to socially engineer. Influences have hundreds of thousands of eyeballs devoted to their channels, trusting the recommendations from the Influencer. Hackers exploit both the eyeballs and the trust to implant malware into videos or links to malicious websites tied to fake recommendations that are posted to the channel. In these cases, malware is spread by hackers exploiting the trust of subscribers to click on malicious links or install recommended products that are actually malware. Once inside your systems the hacker can lock up your devices with ransomware or use the intrusion to gain sensitive information about the viewers of the videos. But there are other reasons for this up-tick in YouTube Credential theft.
Option 2: Ransom Back Access to the Influencer’s Accounts
When a hackers takes control of an “Influencer” account, that revenue stream is instantly lost to the Influencer. Secondly, they can lose brand loyalty and viewers if the hacker begins to abuse the account by posting inappropriate material. Both place urgency to recover access to the account of the Influencer before too much damage is done and revenue is lost. This makes it easier for hacker to extort a large bitcoin ransom payment to return access of the account to the Influencer.
The prevention of the sale of these accounts on the Dark Web is not something that you can do directly, but there are some solutions. The first thing that users should be thinking about is their account security. Users should be asking themselves three questions all relating to authentication and access control.
The very best “silver bullet” for protecting any online account is enabling two-factor authentication. This is true for YouTube Account take-overs especially. A quick refresher on Two-Factor Authentication. Two factor authentication is the use of two of the following three identification factors:
Using two of these three factors is simply the best way to protect your accounts. Hackers know that most people don’t set up 2FA into their account as it can delay logging in by a few seconds. As a result hackers steal or buy login credentials and take over Influencer accounts to extort bitcoin payment. With two-factor authentication enabled on YouTube accounts (all critical accounts should have 2DA), it takes more than your username and password to gain access.
You mentioned all critical accounts should have Two-factor setup. What if I have an account that doesn’t support 2FA? What should I do then?
One action all cybersecurity professionals recommend doing is learning how to use a Password Manager. They install right into your web browser and are easy and free for personal use. A Password Manager enables you, over time, to set and use unique passwords on all your favorite websites. This protects you from a YouTube account compromise (or any account for that matter) when and if a hacker acquires your favorite password from another websites breach or the Dark Web. There are more than 10 BILLION publicly known exposed accounts publicly available on the Dark Web. That is also just the tip of the iceberg as security experts estimate 10 to 50 times as many exposed accounts on closed hacker forums on the Dark Web.
Password Managers fight user password fatigue so you don’t have to remember multiple different passwords for your accounts. They store your passwords securely inside an encrypted vault in your web browser plug-in an insert them into legitimate websites when you visit them (but ignore phishing websites trying to steal your credentials). Password Managers create complex and unique passwords for you that are perfect to help keep hackers away from your information.
Anyone that has dozens to hundreds of online accounts should check to see if any of their accounts have been exposed to hackers. CyberHoot provides a Dark Web Search service on its homepage and for all users of the service that gives a full report of when, where, and what was exposed from you and may be for sale on the Dark Web. If you aren’t a CyberHoot user, head to www.CyberHoot.com and scroll down our homepage to find the Dark Web Search and see if any of your accounts have been breached. If any of your accounts have been breached, we highly recommend changing your passwords to a unique, complex, 14+ character password, store it in a password manager, in order to keep one step ahead of the hackers.
CyberHoot can train your employees on cybersecurity awareness with our large training library of over 200 videos. CyberHoot has phish testing too. This allows companies to test their staff and view which employees may need additional training. CyberHoot has Dark Web reporting to notify you whenever your accounts have been exposed on the Dark Web.
Sign up with CyberHoot today to have your employees being more aware and more secure.
Sources:
Dark Web Demand Surges For YouTube Accounts
Hackers Selling Stolen YouTube Credentials on Dark Web
8-year-old boy Making $26 Million a Year on YouTube Reviewing Toys
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
CyberHoot June Newsletter: Stay Informed, Stay Secure Welcome to the June edition of CyberHoot’s newsletter,...
Read more
Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...
Read more
A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.
