Cybersecurity researchers have unearthed a new trend that sees a growing interest from black markets and cybercrime forums. The emerging trend highlights how a significant number of stolen credentials for prominent YouTube accounts are up for grabs on Dark Web.
Stolen YouTube credentials are now in demand
Researchers at a cyber intelligence firm IntSignts continue to observe an influx of demand for email addresses and passwords associated with prominent YouTube accounts.
The reason behind the sudden increase in demand for YouTube credentials on Dark Web is likely linked to growing Internet consumption, particularly streaming services over the last few weeks. Lest we forget, the need for Internet services has skyrocketed during quarantine like never before.
In its blog post, IntSights wrote:
“It should come as no surprise that global reliance on the internet has skyrocketed during quarantine, with surges in internet usage and streaming services in particular.”
Combined with malware campaigns that increase the number of infected devices, YouTube credential theft could become even more challenging. Underground cybercriminals offer this as a service for money.
Cybercriminals don’t seem to target YouTube directly. Instead, they steal credentials associated with compromised computers and use them as additional service offerings to gain both wattage and credibility.
“While smaller channels may not be as lucrative as larger ones, YouTubers rely on them as revenue streams and might be willing to pay money to attackers to get their content and access to their channels back.”
One poll also found out that cybercriminals are interested in stolen YouTube accounts.
As the famous saying goes “where there is demand, there will be supply,” researchers have also noticed an increasing number of stolen YouTube channel credentials up for sale while costs usually differ depending on several factors such as reach, subscribers’ count, etc.
Well, the chances of attackers selling these accounts decline after the respective owners reach out to Google support. As a result, hackers generally try to close the deal as quickly as possible.
Hackers rely on a variety of techniques to target YouTube channels. For example, phishing. In the past, attackers tried to bypass Google’s two-step verification (one-time password), which according to researchers is far from being secure.