Phishing youtube channels and links are stealing credentials

Recently, cybercriminals launched a phishing attack using fake YouTube links to steal user login credentials. These links were cleverly disguised to look legitimate and used redirections through multiple websites to hide their true destination. The attack exploited a tool called the “Tycoon 2FA phishing kit,” making it capable of targeting a large number of users and even bypassing two-factor authentication (2FA). This highlights the growing sophistication of phishing campaigns and the need for extra caution while interacting with link.

How it works

Attackers created fake links that look like they are from YouTube. For example, the link might start with something like “hxxp[://]youtube” (instead of the usual “https://youtube”), making it seem real but hiding its true purpose.
When someone clicks these fake links, they are secretly redirected through multiple websites before reaching the final fake page. This makes it harder for security systems to detect the phishing attempt.
The final page looks like a legitimate login page, but when users enter their credentials, the attackers steal them.
According to researchers, this specific campaign was likely conducted by a hacking group called Storm1747. They used a tool called “Tycoon 2FA phishing kit,” which is designed for large-scale attacks and can even bypass two-factor authentication.

How to protect

Verify Links Before Clicking: Always check if a link is legitimate by hovering over it to see the full URL. Avoid clicking on suspicious or shortened links.
Enable 2FA: Use two-factor authentication for all accounts, but be cautious of phishing attempts designed to bypass it.
Use Antivirus and Anti-Phishing Tools: Install security software that can detect and block phishing sites.
Educate Yourself and Others: Stay informed about the latest phishing tactics and share this knowledge with family and colleagues.
Report Suspicious Activity: If you encounter a fake link or phishing attempt, report it to the website or service it claims to represent.

Mike Stevens

Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.

Phishing youtube channels and links are stealing credentials

How it works

How to protect

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Millions of Phishing Emails were Sent from Trusted Domains: EchoSpoofing Explained

How to implement Principle of Least Privilege(Cloud Security) in AWS, Azure, and GCP cloud

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

FortiGate Firewalls Zero-Day Chaos: How Hackers Are Gaining Control of Firewalls Worldwide – Is Your Network at Risk?

How Hackers Can Hijack Your Device Without You Knowing – MediaTek’s RCE Flaw Explained

Hacking Active Directory: Learn How LDAPNightmare Flaw Shuts Down AD Services

PAN-OS DoS Flaw: Is Your Network at Risk? Learn How to Secure It Now!

Don’t Get Hacked! Sophos Firewall Vulnerabilities Explained

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Millions of Phishing Emails were Sent from Trusted Domains: EchoSpoofing Explained

How to implement Principle of Least Privilege(Cloud Security) in AWS, Azure, and GCP cloud

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]