As the crypto sector keeps growing worldwide, hackers are also ramping up their efforts to scam and steal digital currencies. On Monday, January 24, Youtube accounts of some of India’s major crypto exchanges and influencers got compromised.
The hack was identified when hackers uploaded videos on the Youtube channel to promote a fake coin named “One World Cryptocurrency.” The hacker also added a wallet address in the description so that viewers can send cryptocurrencies as instructed in the uploaded videos.
The victim crypto companies include Binance-owned WazirX, CoinSwitch Kuber, CoinDCX, and Unocoin.
A few among the affected exchanges conducted inquiries and found that hackers didn’t perform any suspicious activity on the accounts like ‘password reset,’ after accessing accounts. While WaxirX says it has contacted YouTube and awaits its response.
Vice President for Marketing at WazirX, Rajagopal Menon, affirmed,
“There was a systematic hack on several crypto YouTube accounts around the world. Fortunately, our team caught the fraudulent video within seven minutes of going live on our channel and deleted it. On conducting a diagnosis, we did not find any security flaw from WazirX’s end that could have given hackers access to our channel.”
A representative of CoinDCX also tweeted on Monday and noted:
“Our security team was swift in identifying and taking down the fraudulent video posted on CoinDCX’s channel, limiting the video’s reach. For the few of our subscribers who saw the video before it was removed, please disregard all of its content.”
The reason behind the recent India crypto YouTube account hijacking
We reached out to the go-to cybersecurity and privacy industry investigator, PrivacySavvy, to comment on the incident.
As per the statement of PrivacySavvy founder and a Cyber Security expert, Ali Qamar, compromised Youtube channels’ integration with third-party APIs (Application Programming Interfaces) for enabling live streaming was the cause of the incident. An API is a software application type that allows multiple softwares to communicate and collaborate.
Social accounts hacking is not new in India. Even Indian Prime Minister Narendra Modi‘s Twitter account was hacked last December.
Related Reading | YouTube Crypto Scams On The Rise As Victims Lose Millions
After Modi’s Twitter account hacking, the hacker tweeted that India has “officially adopted bitcoin as legal tender” and also “the government has officially bought 500 BTC and is distributing them to all residents of the country.”
Also, in September 2020, an unknown group hacked Modi’s Twitter account linked to his personal application and website.
Per the report of Chainalysis, issued in December 2021, crypto scammers managed to steal almost $14 billion last year. At the end of the day, it’s users’ responsibility to have best practices in place to protect their coins. The easiest way to avoid being scammed is to watch out for the red flags that are often similar to classic credit card frauds and money-wiring scams.
Featured image from Unsplash, chart from TradingView.com