Hackers go after influencers and content creators to hit followers with malware, steal data

News
By published

Large social media channels are being targeted and abused

A person holding a phone looking at a scam text with warning signs around
(Image credit: Shutterstock / Ken Stocker)
  • Hackers are increasingly targeting social media influencers and content creators
  • Their accounts have enormous reach, which crooks can use to deploy malware
  • Followers are often drawn into crypto scams and identity theft

Cybercriminals are increasingly targeting social media influencers and other popular individuals in an attempt to infect their followers with malware, draw them into crypto scams, or steal their sensitive information.

A new report from Bitdefender has warned the trend was widespread in 2024, and has now continued into 2025 too.

Threat actors would first approach social media influencers and content creators in different ways, the report notes - they might offer fake sponsorship deals, fake advanced AI-powered video software, or through simple phishing attacks. If the victim falls for the trick and downloads malware, the attackers get ahold of the login credentials for the different platforms they’re using (YouTube, Instagram, TikTok, and others).

Monitor your credit score with TransUnion starting at $29.95/month

Monitor your credit score with TransUnion starting at $29.95/month

TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.

Preferred partner (What does this mean?)

View Deal

Millions of people at risk

The platforms are then used to target the followers in different ways.

For example, Bitdefender says there were more than 9,000 malicious live streams on YouTube alone.

“These streams often appear legitimate at first glance, but they are controlled by hackers who have rebranded compromised channels,” they said. Rebrands often spoof major names such as Donald Trump, Elon Musk (a favorite among crypto scammers), Michael Saylor, or Brad Garlinghouse.

The researchers believe this is a major problem, with millions of people at risk. In fact, one compromised YouTube account was followed by more than 28 million people, and another compromised account has had more than 12 billion views in total.

“The staggering number underscores the global reach that threat actors can access,” Bitdefender added. “If cybercriminals convert just 1% of those views, that equates to a staggering 124 million potential victims exposed to scams, malware, or data theft.”

During these live streams, crooks would promote malicious domains, which they can use to steal credentials, people’s cryptocurrency holdings, or personal information.

Content creators are advised to tighten up on security, while followers should be skeptical of everything they see online, including information coming from their favorite influencer.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.