Cybercriminals have increasingly targeted influential social media accounts in 2024 and early 2025, hijacking popular YouTube channels and other platforms to carry out scams, distribute malware, and steal personal and financial data from millions of viewers. Research conducted by Bitdefender Labs reveals a sharp rise in these account takeovers, with content creators and influencers becoming primary targets due to their large followings and extensive viewership.
According to Bitdefender, over 9,000 malicious livestreams were detected on YouTube in 2024 alone. These livestreams are often broadcast from hijacked channels that mimic trusted brands and public figures, aiming to deceive viewers into falling victim to fraud. One notably compromised account recorded a total view count of 12.4 billion; if merely 1% of those viewers were deceived, the potential victim count would reach 124 million users.
Attackers frequently impersonate well-known companies such as Tesla, Ripple, and SpaceX. They also employ deepfake technology to create fake livestreams featuring public figures like Elon Musk and Donald Trump. These productions commonly promote cryptocurrency scams and phishing attempts to trick viewers into divulging sensitive information or transferring digital assets.
Instagram has similarly been a focus for hackers, with phishing tactics including impersonations of Meta or Instagram Support, cloning of login pages, and coercing creators into sharing SMS verification codes. The exploitation extends beyond direct account takeover attempts; malicious sponsorship agreements lure creators into downloading malware-laden files disguised as promotional content. Additionally, malvertising campaigns advertise fraudulent AI tools or popular games like Grand Theft Auto VI to install information-stealing software and remote access trojans on victims’ devices.
These cyberattacks often coincide with events that attract large online audiences, such as Apple keynotes, high-profile legal cases like the XRP-SEC lawsuit, or notable gaming tournaments such as Counter-Strike 2 (CS2). Attackers use these occasions of heightened public interest to launch fake livestreams or scams disguised as official contests. For example, during the 2025 White House Crypto Summit, fraudulent YouTube streams promoted fake cryptocurrency airdrops to trick viewers into surrendering sensitive credentials and funds.
To mitigate these risks, Bitdefender recommends that content creators adopt robust security practices. These include using the most secure web browsers available, enabling multi-factor authentication (MFA) on all social media accounts, and continuously monitoring for unusual account activity. Creators should exercise caution when reviewing sponsorship offers, especially those linked to trending topics, to avoid being manipulated into downloading malicious files or participating in scams.
Further protective measures involve implementing strong Distributed Denial of Service (DDoS) protection to prevent service interruptions following account breaches and employing reliable proxy services to increase anonymity and security when managing multiple accounts. Bitdefender also stresses the importance of educating team members about current cyber threats and keeping up to date with official security advice from social media platforms and cybersecurity experts.
To support creators in defending their online presence, Bitdefender offers specialized solutions such as Bitdefender Security for Creators, which provides continuous account monitoring, scam email filtering, and guided recovery options in the event of a security incident.
This ongoing wave of cybercrime highlights the evolving tactics used against influential figures across YouTube, Instagram, and other social media, underscoring the need for heightened vigilance and comprehensive security measures in the digital ecosystem.
Source: Noah Wire Services