


The attacks involved sending channel owners a malicious link under the ruse of video advertisement collaborations for anti-virus software, VPN clients, music players, photo editing apps, or online games. When clicked, the link redirected the recipient to a malware landing site. Some of these sites impersonated legitimate software sites, such as Luminar and Cisco VPN, or masqueraded as media outlets focused on COVID-19.

Other channels, in contrast, were rebranded for cryptocurrency scams in which the adversary live-streamed videos promising cryptocurrency giveaways in return for an initial contribution, but not before altering the channel's name, profile picture, and content to spoof large tech or cryptocurrency exchange firms.

Since May, the internet giant noted it has blocked 1.6 million messages and restored nearly 4,000 YouTube influencer accounts affected by the social engineering campaign, with some of the hijacked channels selling for anywhere from $3 to $4,000 on account-trading markets depending on the subscriber count.

"While the technique has been around for decades, its resurgence as a top security risk could be due to a wider adoption of multi-factor authentication (MFA) making it difficult to conduct abuse, and shifting attacker focus to social engineering tactics."

"Cookie Theft, also known as 'pass-the-cookie attack,' is a session hijacking technique that enables access to user accounts with session cookies stored in the browser," TAG's Ashley Shen said.
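Because a replayed session cookie arrives after MFA has already been satisfied, one server-side check is to watch for a session ID turning up in a different client context. The sketch below is an added example, not code from the article or from Google TAG; the log record layout, the `find_cookie_replay` name, the alert reasons and the 300-second window are all assumptions.

```python
# Constructed sample access-log records: (timestamp, session_id, client_ip, user_agent)
CHROME = "Mozilla/5.0 (Windows NT 10.0) Chrome/94.0"
SAFARI = "Mozilla/5.0 (Macintosh) Safari/15.0"
FIREFOX = "Mozilla/5.0 (X11; Linux x86_64) Firefox/93.0"
SAMPLE_LOG = [
    (1000, "sess-A", "198.51.100.7", CHROME),
    (1060, "sess-A", "198.51.100.7", CHROME),
    (1090, "sess-B", "203.0.113.20", SAFARI),
    (1120, "sess-A", "192.0.2.55", FIREFOX),    # same cookie, different browser
    (1130, "sess-A", "198.51.100.7", CHROME),
    (2000, "sess-C", "198.51.100.80", CHROME),
    (2100, "sess-C", "192.0.2.91", CHROME),     # same cookie, second IP 100 s later
    (4000, "sess-B", "203.0.113.99", SAFARI),   # IP change after a long idle gap
]


def find_cookie_replay(records, overlap_window=300):
    """Return alerts for session IDs presented from an unexpected client context.

    Each session is bound to the (ip, user_agent) that first used it.
    - A different user agent is always reported: a cookie does not normally
      move between browsers. (Assumption: exact string match; a production
      check would normalise versions so browser updates do not alert.)
    - The same user agent from a new IP is reported only if the bound IP was
      active within overlap_window seconds; otherwise it is treated as
      roaming and the session is rebound to the new IP.
    """
    bound = {}   # session_id -> (ip, user_agent, last_seen)
    alerts = []
    for ts, sid, ip, ua in sorted(records):
        if sid not in bound:
            bound[sid] = (ip, ua, ts)
            continue
        known_ip, known_ua, last_seen = bound[sid]
        if (ip, ua) == (known_ip, known_ua):
            bound[sid] = (ip, ua, ts)
        elif ua != known_ua:
            alerts.append({"ts": ts, "session": sid, "ip": ip,
                           "reason": "user_agent_changed"})
        elif ts - last_seen <= overlap_window:
            alerts.append({"ts": ts, "session": sid, "ip": ip,
                           "reason": "concurrent_ip"})
        else:
            bound[sid] = (ip, ua, ts)   # plausible roaming: rebind quietly
    return alerts


if __name__ == "__main__":
    for alert in find_cookie_replay(SAMPLE_LOG):
        print(alert)
```

An alert from a check like this is a trigger for invalidating the session and forcing re-authentication, not proof of theft on its own.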
