Russia Behind Massive Cyberattack Targeting Google, Report Suggests

( On Wednesday. Google reported that it had successfully tracked and stopped an email phishing system, which uses fake and misleading emails to steal money or information from recipients, that has been targeting YouTube users since 2019.

Google’s Threat Analysis Group revealed in a blog post published this week how hackers were using a “cookie theft malware” that would compromise users’ YouTube accounts, hijack their channels, and then either sell those accounts or use them to publish cryptocurrency scams.

Some scams included YouTube channels posting live video footage of cryptocurrency-related events, and encouraging people to send crypto to a specific wallet address in order to receive twice the amount back. Those who send the money to those wallets never receive what they are promised.

Over 1,000 domains, many of which were posing as COVID sites, were built for the purpose of this YouTube-related scam. It used various fake social media pages and the malware that was used by the hackers was able to steal user passwords and cookies being used by YouTube to take control of user accounts.

When an account was hacked, it may have been sold for as much as $4,000 to scammers, depending on how many subscribers the account had.

Google, the owner of YouTube, said that 99% of the hacked channels had been recovered and that they will now be taking additional steps to protect users in the future. The FBI has also been informed about the hacking campaign.

The Threat Analysis Group added that they are always working to improve detection methods and invest in new tools and features that can identify and stop threats like these.

Some 4,000 accounts have been restored as part of this operation, and 1.6 million emails were blocked in May alone.

It shows that cryptocurrency is opening up a whole new industry for hackers, and it could get worse before it gets better.