What’s going on

Compromised Youtube accounts are used to host livestreams of an AI-generated video of “Elon Musk” promoting a “cryptocurrency giveaway”.

In the livestream, victims are directed to scam sites via a URL shared in the livestream, or a QR code displayed on the live video.

‍

Livestream with AI generated voiceover of Elon

‍

To make matters worse, these livestreams often have the chat locked to prevent people from alerting each other to the scam.

Once victims visit the site, they’re presented with a decently believable “giveaway” page that has random logos of Tesla, SpaceX and other companies scattered around to increase the trust factor of victims.

Instructions are provided to send Bitcoin, Ethereum and a myriad of other cryptocurrencies to the scammer’s wallet, with a promise to receive at least doubled returns.

‍

‍

Collateral damage

These compromised channels often have a short life-span, as Youtube takes the livestreams down after a quick review. Great, right?

Unfortunately, the effect can be catastrophic for people who have spent years of their lives building their content on Youtube, as some of these channels end up being completely banned off the platform.

An example is a recent incident where the Linus Tech Tips channel fell victim to this exact scheme.

‍

Meanwhile, scammers are making the big-bucks and leaving scott free.

‍

Scammer’s BTC Wallet — 1 — Taken from Blockchain.com

‍

Scammer’s BTC Wallet — 2 — Taken from Blockchain.com

‍

Protecting yourself and your channel

The root of the problem seems to be initial access to accounts, so to lock-down your channel:-

Use strong, randomly generated passwords
Enable 2FA/MFA
Configure appropriate access controls to your channel
Secure yourself from other attack vectors, such as malware, macro-embedded documents and phishing attempts

‍

If you come across a suspicious website or video, look out for typical indicators of a scam scheme:-

Financial promises that are too good to be true
Grammatical errors
Use of familiarity, authority, or urgency to build your trust

‍

What to do if you stumble across these videos

Report the livestream to Youtube
Report the crypto wallet adresses on Bitcoin Abuse Database

‍

And remember to inform people you know about this scam, you might just save someone their money or life’s work.

AI, Crypto, and Account Takedowns — A Rising Scam

A new scam born from the ashes of a tarnished crypto market and Twitter buzz

What’s going on

Collateral damage

Protecting yourself and your channel

What to do if you stumble across these videos

AI, Crypto, and Account Takedowns — A Rising Scam

A new scam born from the ashes of a tarnished crypto market and Twitter buzz

What’s going on

Collateral damage

Protecting yourself and your channel

What to do if you stumble across these videos

Enjoyed this article?Share it with others!

Heading to new heights: Crypto scams resurface ahead of Starship's liftoff

YoChi — An architect of bank-targeted phishing kits

StupidFish: Cybercrime group harvesting credit card data

The Great Wall of Cybercrime: Chinese-run bank phishing operation

Enjoyed this article?

Share it with others!