Linus reveals the cause of Linus Media Group's YouTube hacks
YouTube needs to harden their security against this kind of attack, and doing so should be simple
Published: 24th March 2023 | Source: Linus Tech Tips
Linus Media Group's YouTube channels were hacked through a fake sponsorship email
YouTube and Google need to harden their security against these hacks
Given how long this type of account theft has been a problem on YouTube, the company has gained a reputation amongst victims as an organisation that does not take this kind of security breach seriously. This has to change. YouTube has the ability to make this kind of account breach impossible by tightening their existing security mechanisms.
YouTubers have a limited ability to prevent this type of account takeover, as this kind of breach does not require compromised passwords or any other kind of traditional data breach. All it takes is for a YouTuber or a member of their staff to open a fraudulent attachment from a fake sponsorship email, and hackers have the ability to take over their YouTube channels. While this kind of hack can be avoided by teaching YouTubers and their staff how to spot these kinds of attachments, YouTube can stop these hacks entirely by blocking this attack vector.
We hope that YouTube can respond to yesterday's attack by updating their security mechanisms accordingly.
You can join the discussion on Linus Media Group regaining control of their YouTube channels on the OC3D Forums.
Most Recent Comments
I mean FFS, even *I* don't do that, let alone would I at a work place.
How about his staff don't open dodgy PDFs?
I mean FFS, even *I* don't do that, let alone would I at a work place.
It doesn't matter how much you focus on teaching people to not poke the crack in the wall, someone will eventually do it and the wall will break and the water will come flooding in. The correct way to handle these things is to just repair the wall, close the gap or whatever. If you don't, it's only a matter of time until things go south.
And from the video that they published earlier, it looks like they wrote a very convincing e-mail with no spelling errors and that receiving requests like these is a common thing with their sponsors, so even a very informed person could still end up doing it.
I for one receive PDF files multiple times each day on my e-mail from people who work with me, if one of them infected one of these PDFs or someone else tried to copy the common e-mails I receive daily, unless I caught the different e-mail address I would certainly fall for it. Given, it's kinda hard for me not to notice an odd e-mail address because it's not common that my colleagues change their e-mail addresses and a new one would not come with the same contact name, but it could still happen depending, for example, on my state of mind at that time or if one of my colleagues recently warned me of an e-mail change or had an issue with his e-mail account, I could literally be expecting a different e-mail to arrive.
A colleague internally working in security sent a "test" mail to all of us and copied GSMA (https://www.gsma.com/)
He did it so perfectly that 40% of staff followed the link. It was a harmless redirect but still provided him with a counter for how many fell for this phishing.