image-26
Take a Virtual, Interactive Tour 

Hacking, Cyber Security

  |  
6 Min Read

Current Event of the Week in the Cyber Security World!

 

In the recent weeks, several YouTube channels have been hijacked. Most of these hijacks happened within the cars review and the vehicle tune - up communities. Some victims of these attacks include: Built, Troy Sowers, MaxtChekVids, PURE Function and Musafir. Although the main source, this was not the community under attack. These hacks have caused an uproar on social media throughout the Twitter and YouTube Support Forum.

sdfv

                                                                               image: ZDNet

Currently, YouTube is doing their best to handle this situation as this is not their first incident. 

The accounts being hacked were results of a coordinated attacks which lure users with messages to phishing websites which logged their credentials.

Users had received individual emails, while others received email chains. The Hackers bypassed 2FA (Two Factor Authentication.) It is said they used a reverse proxy-based phishing toolkit that can intercept 2FA SMS codes.

ZDnet has followed up with YouTube staff and have a general idea of the attack chain used below:

 

dca

 

                                                                               image: ZDNet

 

Many of the hijacked sites have a traffic surge of hackers selling the accounts to the highest bidder. YouTube must regain ownership of these compromised accounts and in turn place ownership back with the original owners.

ZDNet also spoke with a hacker named Askamani, active on OGUsers, an internet forum known for trafficking access to hacked accounts.

Askamani said that the campaign that targeted members of the YouTube car community has all the signs of "regular business."

Later Askamani states that someone must’ve hacked a social media influencer database.

 

sd

 

                                                                              image: ZDNet

 

Remember to stay safe on social media platforms! Only include the information that is necessary.  

Designated as a Center for Academic Excellence in Information Systems Security Education by the US National Security Agency, UAT offers an ethical hacking degree that’s highly recognized by industry and government entities alike.

 

Resources: 

Catalin Cimpanu. (n.d.). Retrieved from https://www.zdnet.com/meet-the-team/u/catalin.cimpanu/

Cimpanu, C. (2019, September 23). Massive wave of account hijacks hits YouTube creators. Retrieved from https://www.zdnet.com/article/massive-wave-of-account-hijacks-hits-youtube-creators/

Technology News, Analysis, Comments and Product Reviews for IT Professionals. (n.d.). Retrieved from https://www.zdnet.com/

 

 

 

Comment

Related Articles

GitHub Wants Your Policy Proposals

In light of the recent leak of Twitch’s source code (over 6,000 private GH repositories) and other information, through a 125GB data torrent over 4chan.org, GitHub (GH) is now stepping up their ...
Picture of Micah Turpin Micah Turpin 6 Min Read

Golang the new standard for malware langauge?

In a recent security report by cybersecurity firm Intezer, they reported that a huge spike of malware strains being coded in Go programming has increased about 2,000% in recent years.

VMware vulnerability leaves about 6,700 servers ripe for the picking.

VMware vCenter servers have been hit in a new attack which left them exposed and vulnerable by the hackers which allowed them to take over any unpatched machine and take over companies' entire ...

UAT Tech is a blog by the University of Advancing Technology

Want More?
Contact Us

Copyright @ 2024.The University of Advancing Technology.