Over the weekend, YouTube was hit by a “massive” cybersecurity attack targeted at users with high numbers of followers, ZDNet warns.
An investigation by the site revealed that many accounts belonging to individuals who create car-related content, such as reviews of cars, were taken over by hackers. However, the attack was generally targeted at “influencers” across a variety of YouTube channel genres.
The malicious actors employed phishing tactics to steal the credentials of YouTube creators in what ZDNet described as a “coordinated” attack. In many cases, owners were sent emails that took them to a fake Google login page. The attackers were then able to obtain their Google account credentials, access their YouTube account, and change the owner and “vanity URL” of the account.
Some of the affected accounts had two-factor authentication enabled, but ZDNet noted that hackers were able to bypass the security measure. A source told the site that the cybercriminals may have used a reverse proxy toolkit, such as the Modlishka phishing package, to execute the attacks.
YouTubers who were affected by the attack can start the account recovery process here.