No one is completely secure from cybersecurity issues. According to a report, a hacker or hacker group has hijacked several YouTube accounts, renamed them as Microsoft’s alleged brands with the goal of streaming content related to a Ponzi cryptocurrency scam, targeting tens of thousands of users with a fake message from the company’s CEO Bill Gates.
Hacking has become a growing security issue for YouTube. In this case, threat actors have hijacked popular accounts to stream content from “cryptocurrency delivery”, a new classic of e-scams where victims are tricked into sending money to cybercriminals through a cryptocurrency transfer. Victims are told they will recover twice the amount they sent, but never receive any money back.
Some variants of these scams have been seen before on platforms like Twitter; However, since this social network began to delete unverified and possibly fake accounts, scammers have migrated to the video sharing platform.
So far, the authors seem to have taken control of more than 30 YouTube profiles, which are being used to broadcast an old talk by Bill Gates about new companies and startups. Threat actors use these videos to show the fake giveaway.
This Ponzi scheme is currently being streamed live on several YouTube accounts with names such as:
- Microsoft US
- Microsoft Europe
- Microsoft News, among many others
Microsoft claims that none of its official accounts have been compromised, although this does not seem to be an obstacle for threat actors to reach out to unsuspecting users.
Bitcoin addresses used by hackers to receive transactions have already been counted on thousands of dollars, meaning that tens or even hundreds of users have already fallen into the trap. In addition, this content has been viewed by tens of thousands of users, not to mention that the campaign is still active.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.