A massive wave of account hijackings has affected YouTube creators and users, with a specific focus seemingly being placed on automotive content creators, ZDNet reports.
The hacks are due to a phishing scam that appears to be a coordinated, wide-reaching campaign by numerous hackers to attain as many login details as possible.
YouTube creator Life of Palos said that around 100,000 YouTube content creators in the car community claim to have received these emails.
One channel owner, who managed to regain access to their account, explained to ZDNet how the entire process appears to take place:
- Hackers send phishing emails that redirect targets to fake Google login pages.
- Hackers collect these users’ account credentials and access the victims’ Google accounts.
- Hackers reassign their channels to different owners.
- Hackers change the channel’s vanity URL – which makes it appear that the original channel has been deleted.
While some users have said that the emails they received were sent directly to them, others said their emails had been sent to a list of YouTube creators who usually operated in the same niche.
Even users who have two-factor authentication enabled appear to be at risk.
Life of Palos believes that this is because the malicious parties may be using Modlishka, which is a phishing toolkit which can intercept two-factor authentication SMS codes.