Stolen YouTube credentials up for sale online

(Image credit: Shutterstock / Alexey Boldin)
Audio player loading…

Researchers at the external threat intelligence company IntSights have observed that stolen credentials for prominent YouTube accounts are increasingly being sold in online black markets and on Dark Web forums.

YouTube channels have long been considered valuable by cybercriminals who use them to expose a new audience to a wide rang of fraudulent activities including scams and malware.

However, YouTube accounts from compromised computers or from logs of credentials can bring in even more money for cybercriminals when sold online. Although less popular channels may not be as lucrative as ones with more subscribers, content creators rely on them for their revenue and may be willing to pay an attacker to get their content and access to their channels back.

In order to gauge cybercriminals' interest in stolen YouTube accounts, one hacking forum recently decided to run a poll and the results show that 80 percent of its members would consider buying these stolen credentials.

Online auctions

Just as ransomware groups have begun to auction off stolen data, so to have cybercriminals who have acquired YouTube account credentials. 

In its blog post (opens in new tab) on the matter, IntSights showed one example where a seller was auctioning off  687 YouTube accounts at a starting price of $400 with a Blitz price of $5000 is someone wanted to buy the accounts outright. The auction was also set to end 24 hours after the last bid likely due to the fact that the seller wanted to sell off the stolen credentials fast before victims had a chance to contact Google support and explain the situation.

Although there are many ways for attackers to target YouTube channel owners, it appears as if the recent accounts that were up for sale were taken from databases containing Google credentials as well as from computers infected with malware.

IntSights recommends that all YouTubers protect their accounts by enabling two-factor authentication (2FA) as this makes it harder for cybercriminals to gain control of them in the first place.

Via BleepingComputer (opens in new tab)

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.