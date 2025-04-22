Scammers exploit trending topics to trick viewers into losing crypto

Bitdefender warns millions at risk from hijacked content creator accounts

Cyberattacks now target influencers across YouTube, Instagram, and beyond

Cybercriminals are hijacking popular YouTube channels at an alarming rate, exposing viewers to scams, malware, and data theft - and with billions of views and millions of followers at stake, one wrong click can have devastating consequences.

New research by Bitdefender Labs claims social media account takeovers surged throughout 2024 and continued evolving into early 2025.

Content creators and influencers with significant followings and view counts have become primary targets.

Verification before interaction

Bitdefender detected over 9,000 malicious livestreams on YouTube in 2024. These are often hosted on hijacked channels that impersonate trusted brands and public figures to spread fraud and malware.

One such compromised account had a total view count of 12.4 billion; if just 1% of viewers were deceived, 124 million users would be affected.

Attackers frequently impersonate popular brands like Tesla, Ripple, or SpaceX, hosting fake livestreams featuring deepfakes of public figures such as Elon Musk or Donald Trump to promote cryptocurrency scams and phishing links.

Beyond YouTube, Instagram has also been a major target. Hackers impersonate Meta or Instagram Support in phishing emails, clone login pages, and manipulate creators into sharing SMS verification codes.

Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

Malicious sponsorships are another method of infiltration. Cybercriminals lure creators into downloading malware-laced files disguised as promotional content. Malvertising - ads for fake AI tools or games like GTA VI - that install info-stealers and remote access trojans on victims’ devices are also common tactics.

Events that draw large online audiences, such as Apple keynotes, the XRP-SEC lawsuit, or CS2 tournaments, are frequently exploited. Attackers use these moments of peak interest to launch scams disguised as official livestreams or contests.

For instance, during the 2025 White House Crypto Summit, fake YouTube streams promoted fraudulent airdrops to trick viewers into surrendering sensitive information or cryptocurrency.

How to stay safe

To stay safe, creators are urged to use the best browsers with built-in security features, enable multi-factor authentication (MFA), and closely monitor account activity for suspicious changes. Scrutinizing unexpected sponsorship offers, especially those tied to trending topics, is also essential.

It’s recommended to implement the best DDoS protection to guard against service disruptions following account takeovers, and to use a reliable proxy service to add a layer of anonymity and security when managing accounts across platforms.

Bitdefender also advises creators to train team members on current threats and to stay updated through official security bulletins from platforms and cybersecurity researchers.

Tools like Bitdefender Security for Creators offer dedicated protection, including 24/7 account monitoring, scam email filters, and guided recovery options in the event of a breach.