New Attack Hijacks Popular YouTube Gaming Channels to Steal Steam Accounts

Cybersecurity researchers at Bitdefender Labs have uncovered a sophisticated scam targeting the Counter-Strike 2 (CS2) gaming community.

Cybercriminals are hijacking popular YouTube gaming channels to impersonate professional players and lure unsuspecting fans into fraudulent schemes.

These scams, timed to coincide with major esports events like IEM Katowice 2025 and PGL Cluj-Napoca 2025, result in stolen Steam accounts, cryptocurrency theft, and the loss of valuable in-game items.

Exploiting YouTube Channels for Fraud

The attack begins with the compromise of YouTube accounts that already have a substantial subscriber base.

Once hijacked, these accounts are stripped of their original content and rebranded to mimic well-known CS2 players such as Oleksandr “s1mple” Kostyljev or Nikola “NiKo” Kovač.

The scammers then launch fake livestreams, looping old gameplay footage to create the illusion of live content from these professional players.

During these streams, viewers are enticed with promises of free CS2 skins or cryptocurrency rewards.

QR codes or links displayed on the screen direct users to fraudulent websites where they are asked to log in with their Steam credentials or send cryptocurrency for a supposed “double return.”

Victims who comply unknowingly grant scammers access to their Steam accounts, leading to the theft of valuable in-game items.

Cryptocurrency sent to scammer-controlled wallets is also immediately siphoned off.

Crypto-Based Scams and High-Profile Events

In addition to Steam account theft, scammers exploit “crypto-doubling” schemes.

These involve convincing victims to send Bitcoin or Ethereum under the false promise of receiving double the amount back.

Fraudulent websites often claim affiliations with legitimate platforms like CS.MONEY or esports sponsors, advertising fake multi-million-dollar prize pools to enhance credibility.

The timing of these scams is strategic. Major tournaments such as IEM Katowice 2025 and PGL Cluj-Napoca 2025 draw millions of viewers, providing an ideal platform for scammers to maximize visibility and engagement.

Bitdefender Labs highlights several red flags for gamers:

• Promises to double cryptocurrency deposits are always scams.
• Requests for crypto payments as a condition for giveaways should be avoided.
• Lack of verifiable affiliations with official esports teams or organizers is a key indicator of fraud.

To stay safe, gamers should verify the authenticity of YouTube channels by checking for recent uploads and legitimate interactions from real players.

Avoid clicking on suspicious links or scanning QR codes from unverified sources.

Enabling multi-factor authentication (MFA) on Steam accounts adds an extra layer of security against unauthorized access.

Gaming content creators are also at risk, as scammers target their channels for account takeovers and fraudulent activities.

Bitdefender emphasizes the importance of robust cybersecurity measures, including AI-driven threat protection tools like Bitdefender Security for Creators, to safeguard channels and audiences from exploitation.

As esports continues to grow in popularity, so do the risks posed by cybercriminals exploiting its fanbase.

Gamers are urged to remain vigilant and skeptical of offers that seem too good to be true because in the world of online gaming, nothing valuable comes for free.

Free Webinar: Better SOC with Interactive Malware Sandbox for Incident Response, and Threat Hunting - Register Here