Bitdefender, a cybersecurity firm, has been monitoring a surge in sophisticated ‘stream-jacking’ attacks since October 2023. These cyberattacks involve the hijacking of high-profile YouTube channels to propagate cryptocurrency doubling scams, a trend that has been on the rise recently.
Evolution of Stream-Jacking Scams
The attacks have been evolving, now exploiting real news events to lend authenticity to their fraudulent live streams. Bitdefender observed that scammers coopt legitimate news, like SpaceX flight tests and updates by Elon Musk, by broadcasting fake live events on compromised verified YouTube channels.
Strategies to Boost Scam Credibility
To give the false impression of credibility, scammers are inflating viewer counts and slightly altering official channel names, such as using “@spacex1” instead of “@SpaceX”. They’ve exploited various significant events, including the SEC’s trial against Ripple Labs, leadership changes at Binance, and Tesla‘s Cybertruck reveal, to anchor their scams.
Adding to their deceptive arsenal, the perpetrators have been using deepfakes of well-known crypto figures. These deepfakes, while not perfect, are often convincing enough to deceive viewers into participating in the scam, usually involving QR codes that promise to double the victims’ cryptocurrency.
The scammers also manipulate the live chat feature of their streams, disabling it to avoid exposure of the fraud. They allow only selected members to comment, or those with an implausibly long subscription history to the channel—up to 52 years in some instances.
According to Bitdefender, these stream-jacking scams can be highly lucrative, with potential earnings surpassing $500,000, underscoring the critical need to increase public awareness about these kinds of fraudulent schemes.
