Connect with us

Hi, what are you looking for?

Tech & Science

Russian-speaking hackers hijack YouTube channels via phishing campaign

A phishing campaign tied to Russian hackers was able to use “cookie theft malware” to hijack an undisclosed.

Google-owned YouTube. — © AFP
Google-owned YouTube. — © AFP

An email phishing campaign tied to Russian-speaking hackers has been targeting YouTube users. For the protection of consumers, the campaign has been disrupted during the last week of October 2021. This is another example of the phishing tactics being used by rogue elements, designed to fool users of online services.

However, the stopping of the hacking activity has only come after the hackers had used “cookie theft malware” to compromise YouTube accounts and hijack the channels, sell them or use them for broadcasting cryptocurrency scams.

Looking into this nefarious activity is Josh Rickard, Security Solutions Architect at Swimlane.

Rickard starts off his analysis by looking at the nature of the cybersecurity threat: “Phishing attacks are one of the most common forms of cyberattacks leveraged by cybercriminals. It has become all too easy for malevolent actors to create seemingly legitimate email campaigns to trick well-intended employees into providing access to the attacker—and they are highly effective, with 74 percent of attacks in the United States being successful.”

Such tactics are delivering results for many criminal entities, as Rickard finds: “Today, we see the most recent example of how devastating these seemingly simple yet highly effective campaigns can be. In this case, a phishing campaign tied to Russian hackers was able to use “cookie theft malware” to hijack an undisclosed number of YouTube accounts, ultimately selling them for up to $4,000 per channel or using them to broadcast cryptocurrency scams.”

Yet all is not bleak. Rickard says that “while phishing campaigns continue to be ever-commonplace”, there are new protocols in place that can challenge the cyber-threat.

Rickard discusses “evolutions in cybersecurity” which “are making the tools to combat these attacks equally accessible.”

Asa example, Rickard notes: “Security orchestration, automation and response platforms must be implemented in order for organizations to be able to recognize and respond to phishing attempts. Systemwide security automation that centralizes detection, response and investigation efforts into a single platform allows for phishing threat recognition and reaction in real-time, drastically decreasing the chances of hacked or stolen information via malicious campaigns.”

In addition the security expert cites: “Low code security automation makes security implementation increasingly accessible, enabling more teams to help stop phishing campaign attacks in their tracks. With versatile cybersecurity platforms such as these, dangerous threats are kept at bay and valuable data remains protected and in the right hands.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

We were surprised to find that different gut microbes spread through social contacts and shared environments.

Tech & Science

Artificial intelligence built on mountains of potentially biased information has created a real risk of automating discrimination.

Tech & Science

GenZ does not see home ownership as a priority, or even an attainable goal, as previous generations did.


For a decade, French former childcare worker Sophie Rollet carried out her own, lonely investigation to make Goodyear accountable.