A researcher at New York City-based security firm Intezer identified a new malware that can steal YouTube content creators' authentication credentials.
After obtaining a YouTube authentication cookie, the YTStealer malware connects to YouTube's Studio page using a headless browser and extracts user account information.
Each data sample is then encrypted with a unique key and sent to a command and control server.
Said Intezer's Joakim Kennedy, "What sets YTStealer aside from other stealers sold on the Dark Web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of."
The report indicated that the malware likely is being sold as a service to other threat actors.
From Ars Technica
View Full Article
Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA
No entries found