Home / “Streamjacking” is the Newest Evolution of an Old Threat

“Streamjacking” is the Newest Evolution of an Old Threat

You are very much aware of ways in which physical devices, networks, and platform accounts can be hijacked and exploited for nefarious purposes. The latest addition to the list is “streamjacking,” which refers to the takeover of streaming platform accounts, such as those on YouTube [1].

The classic example of hijacked systems many of you are aware of is DDoS attacks that often utilize infected “zombie” devices controlled by malware without their owners’ knowledge. The compromise of social media accounts like those on Twitter or Facebook, however, is more noticeable, with post after post of spam or disinformation.

 “Streamjacking” takes this further, where the compromise of a video streaming platform account such as YouTube allows malicious actors to broadcast audio/video material intended for crafting sophisticated social engineering attacks. Videos are professionally edited and point to well-designed websites with high quality UX/UI, which inspires unearned confidence from potential victims. In this way it is an evolution (“phishing, but with video marketing!”) rather than a revolution.

The intruder’s end goal is not the compromise of the account with its “streaming” capability — rather, the true aim is in using the account’s follower/subscriber base to apply marketing strategies and convince viewers to engage in risky behavior (such as making payments) based on the clout of the account owner or by disguising the account as belonging to an even more famous or trustworthy source in Tech (e.g., Elon Musk or one of his companies like Tesla or SpaceX for cryptocurrency theft scams).

YouTube, Twitter, and other similar platforms do offer MFA, so how are the intruders gaining access? The same exploits they always have used: risky behavior by users. Malware introduced from payloads injected by compromised sites or piggybacking on downloaded malicious software or files can set up key-loggers or credential scrapers which are able to identify or bypass multiple authentication factors.

Streamjacking demonstrates the relentless efforts from hackers to advance their social engineering techniques. Compromised streaming and social media accounts can lead to the dissemination of harmful and inappropriate content, resulting in potential account bans and loss of previous content. Many of the good sense preventative measures we already advocate using during professional and personal online activities apply both to protecting one’s accounts and avoiding falling for “streamjacking” scams.

Think before you click.


[1] https://labs.guard.io/streamjacking-hijacking-hundreds-of-youtube-channels-per-day-propagating-elon-musk-branded-730944bbbfe6