Communications of the ACM

Home/News/YouTube Content Creator Credentials Are Under Siege.../Full Text

ACM TechNews

YouTube Content Creator Credentials Are Under Siege by YTStealer Malware

By Ars Technica
July 12, 2022
Comments

View as: Print Mobile App Share:

The structure of the YTStealer code and the unique identifier used for each sample leads security firm Intezer to suspect that YTStealer is being sold as a service to other threat actors.

Credit: Getty Images

A researcher at New York City-based security firm Intezer identified a new malware that can steal YouTube content creators' authentication credentials.

After obtaining a YouTube authentication cookie, the YTStealer malware connects to YouTube's Studio page using a headless browser and extracts user account information.

Each data sample is then encrypted with a unique key and sent to a command and control server.

Said Intezer's Joakim Kennedy, "What sets YTStealer aside from other stealers sold on the Dark Web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of."

The report indicated that the malware likely is being sold as a service to other threat actors.

From Ars Technica
View Full Article

No entries found

YouTube Content Creator Credentials Are Under Siege by YTStealer Malware

Brain-Powered Tech Allows Kids 'Trapped in Their Own Bodies' to Play

Disinformation 2.0 in the Age of AI: A Cybersecurity Perspective

The Role of Autonomous Machine Computing in Shaping the Autonomy Economy