Malwares are one thing which are a threat to the tech world. Over the years, the world of technology has faced several different malware threats, each of which is unique in its own way, is powered by a single or a group on individual who try to steal your information and accounts for their own benefit. Something like this happened with YouTube recently as well.
Since 2019, YouTube has been at a threat of a phishing malware, called ‘Cookie Threat’, or pass the cookie. The hijacker through this trend can access user information and emails, through restored cookies in the browser and hence the name. The technique however, isn’t new, it has been around for decades, but only now since 2019 when such a malware attack became quite common did it extent of harm was originally revealed. The reason for it being so common now is the adoption of multi-factor authentication (MFA) which has shifted the hackers focus on the engineer tactics rather than online abuse.
According to YouTube/Google, the hijackers behind this new malware appears to be from a Russian forum, who attack big creators on YouTube with massive subscription numbers. They approach them as a company who is willing to collaborate, for their products or features. On many occasions the collaboration has been notified to be for online games, VPN, music players etc. They also promise a good collaboration fee.
Creators receive the collaboration requests through emails. Many YouTubers have provided business emails on their channels for the purpose of collaboration and hence when the hijackers approach them and the deal is said to be done, they send in a URL or PDF drive. In most cases, Google Docs have also been provided. Opening of the sent link, Doc or PDF, leads to the creator losing access to the channel and it being sent to the hijacker’s way.
However, Google is taking the necessary means in order to prevent such happenings. Google, in collaboration with YouTube, Gmail, Trust & Safety and Safe Browsing teams has started out filtering such phishing emails and up until May 2021 has managed to clear out 99.6% of the email related to phishing.
The threat however, still lingers, because while one malware can be controlled at some extent, there are others waiting to attack. While Google is taking smart steps to limit the malware attacks from its forum, it is something that is not inevitable completely because malwares most of the times come undetected until they have done the deed. Hence it is also up to the users to play smart, be conscious of anything which seems uncertain or scam and have an open mind while on the internet.
Read next: YouTube Reaches Top 3 iOS Apps in Consumer Spending
Since 2019, YouTube has been at a threat of a phishing malware, called ‘Cookie Threat’, or pass the cookie. The hijacker through this trend can access user information and emails, through restored cookies in the browser and hence the name. The technique however, isn’t new, it has been around for decades, but only now since 2019 when such a malware attack became quite common did it extent of harm was originally revealed. The reason for it being so common now is the adoption of multi-factor authentication (MFA) which has shifted the hackers focus on the engineer tactics rather than online abuse.
According to YouTube/Google, the hijackers behind this new malware appears to be from a Russian forum, who attack big creators on YouTube with massive subscription numbers. They approach them as a company who is willing to collaborate, for their products or features. On many occasions the collaboration has been notified to be for online games, VPN, music players etc. They also promise a good collaboration fee.
Creators receive the collaboration requests through emails. Many YouTubers have provided business emails on their channels for the purpose of collaboration and hence when the hijackers approach them and the deal is said to be done, they send in a URL or PDF drive. In most cases, Google Docs have also been provided. Opening of the sent link, Doc or PDF, leads to the creator losing access to the channel and it being sent to the hijacker’s way.
However, Google is taking the necessary means in order to prevent such happenings. Google, in collaboration with YouTube, Gmail, Trust & Safety and Safe Browsing teams has started out filtering such phishing emails and up until May 2021 has managed to clear out 99.6% of the email related to phishing.
The threat however, still lingers, because while one malware can be controlled at some extent, there are others waiting to attack. While Google is taking smart steps to limit the malware attacks from its forum, it is something that is not inevitable completely because malwares most of the times come undetected until they have done the deed. Hence it is also up to the users to play smart, be conscious of anything which seems uncertain or scam and have an open mind while on the internet.
Read next: YouTube Reaches Top 3 iOS Apps in Consumer Spending
