Internet accounts and records are a clear target for hackers. They are constantly looking for ways to steal passwords and take control. In this article we echo a new malware, YTStealerwhich is capable of steal youtube accounts. Once they are done with them, their ultimate goal is to put them up for sale on the Dark Web and make a profit from it. We will explain how it works and what to do to be protected.
YTStealer steals YouTube accounts
East malware targets users who have a YouTube account. Logically, its main objective is those channels that can have more followers and, therefore, more economic value to sell it on the Dark Web. What they do is steal authentication tokens and hijack accounts.
The attackers’ strategy is impersonate legitimate software related to video creation. The victim downloads this so-called program and they are actually putting malware on the device. This malicious software is going to take care of stealing the credentials and taking control of the YouTube account.
Among the programs that they use to cheat we can name Adobe Premiere Pro, OBS Studio, Ableton Live or FL Studio. As you can see, they are applications that are often used by content creators on YouTube, so they have a greater chance of success there and that someone ends up clicking and downloading that malicious file.
But not only does it pretend to be programs of this type, but adapts according to the type of channel. For example, if it is a channel dedicated to video games, it can impersonate files to modify a game, tricks, etc. For example Grand Theft Auto V, Call of Duty or Counter Strike Go.
What the malware does once it has entered the system is to crawl the SQL database files of the browser to locate the youtube auth tokens. From there it validates them by launching the web browser and adding the stolen cookie. You can also collect information such as channel name, subscriber count, creation date, or monetization status.
When he gains control of the account, the attacker puts it up for sale on the Dark Web. According to security researchers, something similar has also been detected with Spotify accounts.
How to avoid this attack
So what can you do to prevent this type of attack if you have a YouTube account? The case of YTStealer malware is not unique, as we can come across similar threats that can also put at risk accounts of all kinds on the Internet. That makes us take precautions.
Undoubtedly something fundamental is the common sense. Avoid making mistakes that could sneak you malicious software of this type. (https://andeglobal.org/) Never install programs like the ones we have mentioned without downloading them from official sources as it could really be a scam and malware that is going to steal your data. This will help keep YouTube safe.
In addition, it is also a good idea to have a good security program. Antivirus will help detect threats and remove viruses if necessary. There are both free and paid ones and you should always install them regardless of the operating system you use.
Another point to keep in mind is the importance of update all forever. Many attacks come by exploiting vulnerabilities. Update your operating system, browser, and any programs you have. In this way you will correct those security flaws and avoid many problems.
