YouTube found to contain serious security vulnerabilities

A serious security flaw has just been discovered on YouTube that could lead to the theft of emails of billions of users. The risk of fraud and phishing attacks is "lurking" users of the world's largest video sharing platform.

A security researcher with the nickname Brutecat has discovered a serious security vulnerability on YouTube, allowing bad guys to exploit it to steal the email address of any user. What's worrying is that this exploitation method is considered "relatively simple", posing a major threat to the privacy and information security of billions of YouTube users worldwide.

YouTube found to contain serious security vulnerabilities Picture 1

YouTube was found to contain a serious vulnerability that leaked emails.

According to Brutecat, this vulnerability comes from a combination of security flaws in Google products. By exploiting these flaws, bad guys can easily get the GAIA ID (Google account identifier) ​​of YouTube users, then convert it into the corresponding email address.

This means that nearly 2.5 billion YouTube users, equivalent to a third of the world's population, are at risk of having their emails exposed and becoming targets of phishing attacks. Hackers can use email information to send fake emails, steal personal information, bank accounts or spread malware.

Fortunately, Google quickly patched the vulnerability after receiving a report from Brutecat. The researcher was also awarded a $10,633 reward by Google for his important discovery.

However, YouTube users still need to be vigilant and protect themselves from cyberattacks. Always be cautious with suspicious emails, do not click on strange links, do not download attachments from unknown sources and regularly change your passwords.

Isabella Humphrey

Update 18 February 2025