Google put out a report detailing a phishing campaign directed at YouTubers, which involved around 15,000 fake accounts and over a million messages to targets. The phishing attempts were carried out by multiple hackers, and the company says it’s recovered around 4,000 accounts since late 2019. The attackers weren’t just trying to get the creators to put their password into a fake website, though — they were trying to infect their computer with malware that would steal their login cookies, which is a much more intensive attack than sending a link and waiting for someone to get sloppy with their passwords.
YouTube doesn’t publicly say who was recruiting the hackers, only that they were using Russian-language forums to advertise. The…