How Linus Tech Tips YouTube channels were hacked to spread a crypto scam
Share this @internewscast.com


YouTube channel Linus Tech Tips and two other Linus Media Group YouTube channels have been restored after a major hack allowed a bad actor to do things like livestream crypto scam videos, change channel names, and even delete videos. In a new video, owner Linus Sebastian explains that the breach bypassed things like password and two-factor protections because the bad actor targeted the session tokens that keep you logged in to websites.

According to Sebastian, someone on the Linus Media Group’s team downloaded “what appeared to be a sponsorship offer from a potential partner” and launched the included PDF with the terms of that offer. But Sebastian says this offer actually included malware that accessed “all user data from both their installed browsers” — including session tokens — which effectively gave the bad actor “an exact copy” of the browsers that they could export and use to wreak havoc without needing to enter security credentials.

Linus Tech Tips, TechLinked, and Techquickie are all back, but Sebastian has some suggestions for YouTube to prevent future breaches of a similar nature. For example, he’d like to see greater security options for certain channel attributes (according to Sebastian, you can change the name of a channel without having to enter a password or use two-factor authentication) and some kind of confirmation or verification request if somebody tries to mass delete videos.

These sorts of YouTube channel takeovers have become increasingly common as of late, and changes like Sebastian’s recommendations would hopefully prevent them from happening in the future. YouTube didn’t immediately respond to a request for comment.

I do recommend watching Sebastian’s full video explanation, which includes more details about what went down. But be warned: the video includes some security footage of a naked (though blurred) Sebastian in his house as he works to figure out what’s going on.

Share this @internewscast.com
You May Also Like

Amazon shoppers rush to buy ‘fast and furious’ £640 iPhone appearing for £320

SHOPPERS are rushing over to Amazon to get their hands on a…

First look at Meta’s Twitter rival ‘based on Instagram’ as Elon Musk slammed by top exec

META has been developing a new Twitter competitor that will be based…

Is Replika AI a real person and how much does it cost?

REPLIKA AI is a ‘companion in your pocket’ app that has branded…

I’m a security expert – all Android users need to edit settings now before common feature leaves you with costly bill

SECURITY researchers have claimed Android fingerprint security isn’t that reliable. If you…

The Vision Pro’s biggest advantage isn’t Apple’s hardware

Apple used the Vision Pro’s $3,499 price tag to give the headset…

How to import your passwords to Chrome and the Google Password Manager

One way, however, that these built-in password managers haven’t stood up to…

The next Sonos Move has shown up at the FCC ahead of its summer release

Back in March, I told you that Sonos is working on a…

You can earn £80 an hour with little-known side hustle – and you don’t need a degree

EXPERTS have urged people to exploit “the biggest new side hustle” gig,…

Bing’s chatbot now lets you ask questions with your voice on desktop

Microsoft is bringing Bing’s voice mode to Edge on desktop. With this…

How to get free electricity in the UK

I know what you’re thinking: what is this ridiculous clickbait headline all…

People are just realizing switching off Wi-Fi router setting instantly boosts security and avoids ‘brute force attack’

A COMMON Wi-Fi router setting could be risking your security at home…

Apple’s AirTag is available at its best price of the year

Father’s Day is next week, and if you’re looking for a good…