Posted on September 23, 2019 at 10:21 AM
It is a fearful time indeed to be a Youtuber, as many of the automotive review and auto-tuning niche within Youtube can very safely claim. ZDNet followed a lead from one of their readers and discovered that multiple high standing Youtube channels had been hacked through a sophisticated attack on their accounts.
Figures like Built, Troy Sowyers, MaxtCheckVids, PURE Function and Musafir have suffered the far reaching effects of this debacle, and all their accounts are now unavailable or even removed at the time of this writing.
The worst thing is that many other Youtube Creators were affected by this, far smaller than these giants that have been slain in the above links. They have even less of a chance to recover from this debacle as the people cited within this article
The Hackers were Efficient, Bypassing the 2-step Verification as Well
These hackers were both organized and practiced. One of the Youtube creators explained that they had a clear Modus Operandi when hacking accounts:
- They first lure their victims in with a phishing email, taking them to a fraudulent Google page where they put in their login details.
- When the credentials are collected, they simply hack the account using this information.
- They reassign the ownership of these Youtube channels to themselves and change the custom URL of these channels so the content creator themselves, along with their fans, become convinced the entire channel was removed.
These phishing were not clearly devious. With the private information of just one content creator that’s a known friend to others, they can create completely convincing emails from their victim’s accounts and then spread the disease to even more innocents either through a personal email or a chain email with the former content creators attached to make it seem credible.
A content creator posted this video commenting on the events. He claimed that these could overcome the 2-step verification system Youtube gives you as an optional security improvement. He had the suspicion they used a toolkit that is capable of bypassing this, but of those kits, specifically a reverse-proxy toolkit, there are too many to be able to safely guess which one they used, if at all.
The owner of Youtube Channel by the name of PURE Function stated that he used a 2-step verification system to ensure his account’s safety. Thus confirming that the hackers had the ability to bypass it in some way.
Google, rather unsurprisingly, is refraining from commenting at the time of this writing.
The Accounts are Hot Contraband, and the Hackers Want to Sell Quick
ZDNet discussed this matter with a hacker simply known as Askamani. They are an active user on the internet forum called OGUsers. Said forum specializes in trafficking hacked accounts, Youtube accounts only being a slice of that pie.
Akamani explained that this sort of attack was “regular business” in their eyes.
According to Akamani, these kinds of attacks are perfectly normal, but the severity of this attack means that someone managed to steal a list of email accounts. They themselves suspect it was someone getting into an influencer’s data.
Akamani explained that you could send spam phishing as many times as you please, but getting your hands on accounts with a good Subscriber count is a lot more tricky. They reckon that, given the spikes of complaints, that a hacker managed to get their hands on a large database and is reaping the rewards of their misdeeds
They advised to keep our eyes on OGUsers or its Russian counterparts. These accounts are only going to be profitable for a small window of time until Youtube manages to give the Youtube Creators their accounts back. Because of that, they have to sell the accounts really quickly because they completely lose their value in a very short timespan.