BY KERRY TOMLINSON, AMPERE NEWS

October 18, 2022

If you have a YouTube account, you might want to check for videos you didn't post. Attackers have found a way to secretly upload videos to people's accounts without them knowing.

This attack can start with an email and end with hacked accounts across the globe, including a government YouTube channel and a communications company based in Switzerland.

Watch here:

Surprise Content

Normally, you'll see marketing videos on the YouTube channel of GlobalVision 360, a communication agency based in Geneva, Switzerland. But GlobalVision 360's latest uploads are something new --- a series of cheats and hacks for popular video games like Apex and Roblox, and for software like Photoshop.

Try the channel for Thomas Miller Vlogs and you could see a change as well, from exploring abandoned buildings in the UK for his thousands of followers to cheats for games like Rainbow Six Siege and Rust.

And people in the province of Orellana, Ecuador might be surprised to see their government channel turn from community videos to hacks for Grand Theft Auto, Fortnite and more.

Attack with a twist

In these cases, from what we can determine, cyber crooks posted the videos, not the channel owners.

But here's the twist. Attackers are using a special malware that automatically downloads the video onto your device, then secretly uploads it to YouTube, adding a link and instructions in the description and maybe even a comment below that looks like it came from you.

The video tells viewers to click on the link below. That can end up launching the attack all over again on their accounts, spreading the videos and the malware like a contagion.

How it works

Cybersecurity company Kaspersky reported that this kind of attack can start with a fake or phishing email. Click on a link in the message and you can end up with a malware called RedLine that pilfers your passwords, credit card numbers, sensitive data, and more.

Attackers combined RedLine with another malware that goes to work on videos, bringing them onto your machine, breaking into your YouTube account, and secretly posting, according to Kaspersky researchers.

If you don't check your account often, you're the perfect target. You'll leave the videos up for all to see.

If you have only a few subscribers, you're still not safe. The malware also automatically sends a message to the popular messaging platform Discord and advertises your video with a direct link to you.

If the people who come to your channel are curious about a game or software, they could end up with their own infection. They'll lose their own passwords and credit card numbers, gain poisonous YouTube videos, and pass it all on to others.

Hacked Channels

Ampere News contacted the GlobalVision 360, Gobernación de Orellana, and Thomas Miller Vlogs channels to let them know that their accounts were hacked to show cheat videos.

GlobalVision 360 and the government site in Ecuador did not respond to numerous messages. The videos are still up as of the publishing of this story.

Thomas Miller Vlogs did respond.

"I had no idea about the video upload," Thomas Miller said. "I was shocked."

His account has two-step verification --- the extra login step, like a special code --- but the attackers still got through, Miller said.

He said he is supposed to get an email every time a video is uploaded to his channel but did not for the cheat videos. Plus, he said, he received a copyright strike for the videos the attackers put on his channel.

The strike means someone has accused him of showing copyright-protected content on his channel. In this case, it could mean that the cheat videos showed copyright-protected clips from the video games. If a channel gets three copyright strikes, YouTube can shut it down and remove all videos.

"I have no clue how they managed to do it without triggering any of the security on my channel," he said. "People need to make sure they check their junk email and keep up-to-date on your YouTube channels just in case."

What can you do? 

Besides being careful of links in emails, you might want to avoid game hacks and cheats as well as illegal software.

Attackers know that people search for them and use them as a lure.

More stories from Ampere News:

• The crazy way cyber crooks are pulling refund scams on you

• How cyber crooks are trying to trick you into picking up your phone & putting down your guard

• Inside a romance scam: how to make a catfisher sing

#youtube #scams #cybersecurity

FEATURED STORIES