
Communications of the ACM

ACM TechNews

YouTube Content Creator Credentials Are Under Siege by YTStealer Malware


The structure of the YTStealer code and the unique identifier used for each sample lead security firm Intezer to suspect that YTStealer is being sold as a service to other threat actors.

Credit: Getty Images

A researcher at New York City-based security firm Intezer identified new malware that can steal YouTube content creators' authentication credentials.

After obtaining a YouTube authentication cookie, the YTStealer malware connects to YouTube's Studio page using a headless browser and extracts user account information.

Each data sample is then encrypted with a unique key and sent to a command and control server.

Said Intezer's Joakim Kennedy, "What sets YTStealer aside from other stealers sold on the Dark Web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of."

The report indicated that the malware likely is being sold as a service to other threat actors.

From Ars Technica


Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA

