Rising threats to influencers as cyber attacks escalate

Bitdefender has published a report revealing a surge in cybercriminal activities targeting content creators and influencers on social media platforms.

According to Bitdefender Labs, over 9,000 malicious livestreams were detected on YouTube in 2024, with cybercriminals rebranding compromised channels to appear legitimate.

One such compromised account held an impressive 28.1 million subscribers, indicating the scale and potential impact of these attacks.

The report highlights the substantial viewership these cybercriminals can access, with one particularly compromised account receiving 12.4 billion views. Even if only 1% of these views convert, approximately 124 million individuals could be exposed to scams, malware, or data theft.

Bitdefender emphasises the breadth of the attack landscape, with over 350 malicious domains detected being promoted through these malicious livestreams.

These domains often serve as fronts for scams, aiming to steal credentials, cryptocurrencies, or personal information from unsuspecting viewers.

Content creators are noted as prime targets due to their high degree of online visibility and reliance on public engagement. Furthermore, managing multiple social media accounts often under interconnected credentials expands the attack surface, allowing a breach on one platform to potentially affect others.

Cybercriminals employ tactics such as rebranding YouTube accounts by setting original content to private or deleting them, followed by changing the channel's identity to impersonate renowned brands or individuals.

They create fake livestreams featuring prominent figures to lure viewers into visiting malicious domains. Impersonation extends to channel names such as Tesla, Ripple, and SpaceX, involving events that garner significant media attention.

Engaging in timely attacks linked to major events, cybercriminals exploit periods of intense online buzz, such as elections, high-profile lawsuits, and SpaceX rocket events.

Meanwhile, fake sponsorship proposals sent to creators and malicious advertising campaigns have become common strategies to distribute malware and capture account credentials.

The report also covers real-world cases involving malvertising campaigns targeting platforms like Meta, phishing attacks, and the use of deepfakes featuring figures like Donald Trump and Elon Musk to deceive a wider audience.

Researcher Ionuț Baltariu confirms that these tactics have not only continued but escalated into early 2025.

Attackers have exploited major CS2 tournaments, using hijacked channels to stream fake coverage and embed scams. Deepfake podcasts and fraudulent cryptocurrency giveaways also feature among the continuing methods of deception.

Potential future threats include the increased production of sophisticated deepfake content, exploiting fake software or game cheats to deliver malware, and the use of tools claiming to bypass geo-restrictions to install malicious content.

Bitdefender advocates for protective measures such as enabling multi-factor authentication, scrutinising sponsorship offers, monitoring account activity, educating team members, and staying informed through official security bulletins to safeguard against these evolving threats.