>_ The Tux Press

Linus Tech Tips Got Hacked!

March 24, 2023 :: Sherlock Holmes

#Linus #Tech

Well, well. Who would have thought. Linus Tech Tips’ (LTT) YouTube channel (along with TechQuickie) got hacked. Here is an overview of events:

The Hack

Not much information is known about how Linus got hacked, but there has been a lot of speculation that it could be due to cookie-stealer malware. This malware could have been installed on the computer of one of the employees at Linus Media Group (LMG), and would have stolen his cookies for the LTT Google account. This would have allowed the hacker to log into Linus Tech Tips’ YouTube account and upload the video. The hacker also changed the account’s password and 2FA method, locking out Linus and the rest of the LMG team. Google should have asked for the account’s original password before allowing the password to be changed. This would greatly reduce the effectiveness of such hacks and allow the user to regain access to their account. Such hacks are extremely easy to perform and hard to detect, and are becoming more and more common. For example, such malware could be obtained by clicking suspicious Google Ads, which point to a malicious domain. Google really needs to get their act together and clear up these issues.
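The re-authentication check argued for above, as an added sketch (not from the original post and not Google's code): a session cookie is enough for ordinary actions, but changing the password or 2FA method also requires the current password, and a password change revokes every existing session. The `Account` class and all of its method names are hypothetical.

```python
import hashlib
import hmac
import os
import secrets

class Account:
    """Toy account model; every name is hypothetical, not a real Google API."""
    def __init__(self, password):
        self.two_factor = "totp"
        self.sessions = set()  # currently valid session-cookie values
        self._set_password(password)

    def _hash(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def _set_password(self, password):
        self._salt = os.urandom(16)
        self._pw_hash = self._hash(password)

    def _password_ok(self, password):
        return hmac.compare_digest(self._hash(password), self._pw_hash)

    def login(self, password):
        if not self._password_ok(password):
            raise PermissionError("bad password")
        cookie = secrets.token_urlsafe(32)
        self.sessions.add(cookie)
        return cookie

    def upload_video(self, cookie, title):
        if cookie not in self.sessions:  # ordinary action: the cookie alone is enough
            raise PermissionError("not logged in")
        return f"uploaded: {title}"

    def _require_reauth(self, cookie, current_password):
        # Sensitive action: a valid cookie is necessary but not sufficient.
        if cookie not in self.sessions:
            raise PermissionError("not logged in")
        if not self._password_ok(current_password):
            raise PermissionError("current password required")

    def change_password(self, cookie, current_password, new_password):
        self._require_reauth(cookie, current_password)
        self._set_password(new_password)
        self.sessions.clear()  # revoke every session, copied cookies included
        return self.login(new_password)  # fresh cookie for the real owner

    def change_two_factor(self, cookie, current_password, method):
        self._require_reauth(cookie, current_password)
        self.two_factor = method
```

A copied cookie still works for uploads in this model; what the check blocks is the lock-out step, and the owner's own password change then invalidates the copy.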

Leaked Private Videos

After the hacker gained access to the YouTube channel, he set many of the hidden private videos to public, and appended the words “LTT Hacked” to each video title.

The LiveStream

Then, the hacker rebranded the channel to “Tesla” and started a livestream, showing Elon Musk talking about how Bitcoin and Ethereum are going to skyrocket in 2023. Here is a photo of the channel:

LTT rebranded to fake Tesla account

And here is a photo of the livestream:

Elon Musk livestream

The livestream encouraged viewers to send cryptocurrency to a wallet address in exchange for 2x the amount they sent. Obviously, the money was not sent back upon transaction.

Lessons Learned

So, what can we do to prevent this?

  1. Clear cookies upon closing your browser. Since the employees already have the login credentials to the account, they do not need to stay logged into the YouTube channel. This will prevent malware from stealing the cookies.

  2. Do not click suspicious links. Stay away from Google Ads, and use an adblocker (like uBlock Origin) if necessary.

DISCLAIMER: The opinions expressed in this article are solely those of the author, and do not represent the opinions of any organisation, affiliated or otherwise. While care has been taken to ensure factual accuracy, it is not guaranteed that statements are fully accurate and impartial.