There are reports of a new wave of YouTube hacks that steal the victim’s account, opening a live stream to what seems to be an official announcement by Charles Hoskinson, the founder of Cardano (ADA). Apparently, the attacker’s goal is to lure viewers into a giveaway scam.
WhatsApp Trojan Steals YouTube Accounts
One of the victims of the current YouTube hacks is the popular meme-compilation channel H-Matter with over 400,000 subscribers. Kevin Luge, the owner of the channel, gave CryptoCoin.News an exclusive report about the incident.
According to Luge, on the day he was hacked, he was initially contacted by someone claiming to be Marko Smith, a representative for the mobile game Raid Shadow Legends, who appears to have sent him a trojan via WhatsApp:
On the same day at an earlier time, I received a business inquiry, supposedly from the director of the app development studio. He offered me a fair amount of money for a promotion below one of my videos. We continued the conversation on WhatsApp, upon which he sent me a .zip file which I had to convert in order to start an “application” to confirm the contract. Instead, I suppose that he sent me a trojan that enabled the attacker to gain access to my Google account and the associated YouTube channel.
Only a few hours after opening the file, all existing videos on H-Matter had been set to private, the channel’s name was changed to [Cardano] Foundation, and there was a live stream running that depicted Hoskinson making an official announcement about an upcoming protocol update.
Luge reacted just in time to contact the YouTube support, which instantly froze the account. Other YouTubers did not get so lucky, for example, the Hip-Hop artist Lil Spooki. The hacker deleted his channel with over 3.8 million subscribers a few hours after the attack.
Cardano is a common Target for Impersonators
This is not the first time Cardano had to deal with impersonators on YouTube. Reports of hacked YouTube accounts date back to at least September 2020. A month later, moderators on the Cardano forum had to open a thread collecting these reports, as new impostor channels had been found on a daily basis.
According to the reports, the attackers try to scam viewers by luring them into sending ADA to their address, under the false promise of a double return. The scam works similar to the Twitter hack in July 2020 that compromised the official accounts of crypto companies such as Coinbase and Binance, as well as several high-profile individuals including Joe Biden, Barack Obama, Bill Gates, and Jeff Bezos.
Such attacks are extremely ruthless with a high amount of criminal energy. Not only do the hackers manage to create a more effective scam by stealing high-profile social media accounts, but it also damages the impersonated project’s reputation and, in this case, has lead to several YouTube creators losing their accounts. Just a few days ago, SushiSwap became the target of impersonators who lured social media users into downloading malware, potentially in an effort to steal their crypto assets or social media accounts.
Already in July 2020, Cardano has published a communiqué warning community members about fake giveaways, stating:
These schemes are an unfortunate consequence of Cardano’s increasing popularity in the cryptocurrency community. The perpetrators of these schemes use various methods to defraud victims, including impersonating influential figures in the Cardano ecosystem, claiming to be Cardano partners, hijacking YouTube accounts with many thousands of followers, and posing as the official social media accounts of Cardano, the Cardano Foundation, EMURGO, or IOHK—or employees thereof.
CryptoCoin.News has reached out to Cardano for a statement on the current increase in fake social media accounts.