Serenityttg

Humans are humans.  Generally cons are never new.  People have been falling for basically the same stuff for centuries.  Often far longer.  The danger is in thinking one is somehow special, and therefore immune.

There is a huge hack on dozens of European based YouTube channels. Unknown hacking group, supposedly based in Russia, is currently using stolen channels for promoting their bitcoin scam.
 
Yesterday, a YouTuber called Roth Wellden received an advertising offer for their supposed streaming service called Gloom (which was later found to be a copy of another product called Remotr) with a link to their page and supposed license for their product. When he downloaded setup program for their "product" and tried to launch it, nothing happened. It was this moment when he realized that something was wrong, so he deleted that setup file. However, later that day he suddenly lost complete access to his channel with over 319 000 subscribers. Hackers were able to bypass two factor authentication and quickly gain full access to his account. About two hours later he found out that hackers even stole pictures of his ID card, which he had saved on his computer for authentication purposes. Roth Wellden regained access to his channel at 31st of December 2019.
 
Update (2nd of January 2020):
Hack in example mentioned above was probably executed via a malware hidden in the setup file Roth downloaded that stole cookies and session ID of his browser and created a backdoor to his computer, which hackers used to access his computer, stealing more data. YouTube at the time of writing this update reinstated most of the affected channels but the thread is still present so be aware of what email exactly are you opening as you should do all the time.
 
It was later found out that this problem happened to multiple YouTube channels, all based in Europe. For example:
https://www.youtube.com/channel/UCDkprLUEGpaaeXXSN6fIeDg
https://www.youtube.com/channel/UC-Ew7ux-YFW5dynuymiU_xw
https://www.youtube.com/channel/UCnppe64ZYf9r5r6kuR94PYQ
 
As you can see, all affected channels are renamed to "Binance" or "Changpeng Zhao [Binance CEO CZ]", however Mr. Zhao said himself that he or his company are not involved in those attacks and attackers are using their names for malicious purposes.
 
Some channels were later sold to other people to use for multitude of others cryptocurrency scams like in the case of the first channel listed above.
 


   Stolen channel being offered on Russian market
 
Sources: (Disclaimer: articles are in Czech language)
https://tn.nova.cz/clanek/ceskemu-youtuberovi-ukradli-ucet-s-310-tisici-lidmi-smazali-i-videa.html
https://refresher.cz/78829-Ceskemu-youtuberovi-s-300-000-odberateli-ukradli-ucet-Jeho-kanal-ted-vysila-podvodny-stream-o-kryptomenach?fbclid=IwAR1Cox1UFCXEKUsr4n8GshDR4fqLJQVdY-IHPrkk1yZaIsGgJLWrSfkmljc&gdpr-accept=1
https://freebit.cz/uz-nejste-vlastnikem-kanalu-roth-wellden-krypto-scam-zasahl-youtubery/
 

          Example of hacked channel.

           Example of email with said offer. Some people report that they had a link to GameGloom website which contained infected setup file they downloaded.

Do not open email on your computer that has so many authentications and ways to go around the authentications. Sounds like he got phished and since he put everything on one computer with ways to get around his own security it cannot be fully blamed on the person who stole his information. Sucks when this happens but it shows how important proper security practices are and why there are entire departments/companies that specialize in this. Hopefully people on youtube do not get scammed from the videos as they look very obvious lol. 

Oh wow, it sucks to be a youtuber nowadays huh. Glad you are an aware content creator.

There is a huge hack on dozens of European based YouTube channels. Unknown hacking group, supposedly based in Russia, is currently using stolen channels for promoting their bitcoin scam.
 
Yesterday, a YouTuber called Roth Wellden received an advertising offer for their supposed streaming service called Gloom (which was later found to be a copy of another product called Remotr) with a link to their page and supposed license for their product. When he downloaded setup program for their "product" and tried to launch it, nothing happened. It was this moment when he realized that something was wrong, so he deleted that setup file. However, later that day he suddenly lost complete access to his channel with over 319 000 subscribers. Hackers were able to bypass two factor authentication and quickly gain full access to his account. About two hours later he found out that hackers even stole pictures of his ID card, which he had saved on his computer for authentication purposes. Roth Wellden regained access to his channel at 31st of December 2019.
 
Update (2nd of January 2020):
Hack in example mentioned above was probably executed via a malware hidden in the setup file Roth downloaded that stole cookies and session ID of his browser and created a backdoor to his computer, which hackers used to access his computer, stealing more data. YouTube at the time of writing this update reinstated most of the affected channels but the thread is still present so be aware of what email exactly are you opening as you should do all the time.
 
It was later found out that this problem happened to multiple YouTube channels, all based in Europe. For example:
https://www.youtube.com/channel/UCDkprLUEGpaaeXXSN6fIeDg
https://www.youtube.com/channel/UC-Ew7ux-YFW5dynuymiU_xw
https://www.youtube.com/channel/UCnppe64ZYf9r5r6kuR94PYQ
 
As you can see, all affected channels are renamed to "Binance" or "Changpeng Zhao [Binance CEO CZ]", however Mr. Zhao said himself that he or his company are not involved in those attacks and attackers are using their names for malicious purposes.
 
Some channels were later sold to other people to use for multitude of others cryptocurrency scams like in the case of the first channel listed above.
 


   Stolen channel being offered on Russian market
 
Sources: (Disclaimer: articles are in Czech language)
https://tn.nova.cz/clanek/ceskemu-youtuberovi-ukradli-ucet-s-310-tisici-lidmi-smazali-i-videa.html
https://refresher.cz/78829-Ceskemu-youtuberovi-s-300-000-odberateli-ukradli-ucet-Jeho-kanal-ted-vysila-podvodny-stream-o-kryptomenach?fbclid=IwAR1Cox1UFCXEKUsr4n8GshDR4fqLJQVdY-IHPrkk1yZaIsGgJLWrSfkmljc&gdpr-accept=1
https://freebit.cz/uz-nejste-vlastnikem-kanalu-roth-wellden-krypto-scam-zasahl-youtubery/
 

          Example of hacked channel.

           Example of email with said offer. Some people report that they had a link to GameGloom website which contained infected setup file they downloaded.

There is a huge hack on dozens of European based YouTube channels. Unknown hacking group, supposedly based in Russia, is currently using stolen channels for promoting their bitcoin scam.
 
Yesterday, a YouTuber called Roth Wellden received an advertising offer for their supposed streaming service called Gloom (which was later found to be a copy of another product called Remotr) with a link to their page and supposed license for their product. When he downloaded setup program for their "product" and tried to launch it, nothing happened. It was this moment when he realized that something was wrong, so he deleted that setup file. However, later that day he suddenly lost complete access to his channel with over 319 000 subscribers. Hackers were able to bypass two factor authentication and quickly gain full access to his account. About two hours later he found out that hackers even stole pictures of his ID card, which he had saved on his computer for authentication purposes. Roth Wellden regained access to his channel at 31st of December 2019.
 
Update (2nd of January 2020):
Hack in example mentioned above was probably executed via a malware hidden in the setup file Roth downloaded that stole cookies and session ID of his browser and created a backdoor to his computer, which hackers used to access his computer, stealing more data. YouTube at the time of writing this update reinstated most of the affected channels but the thread is still present so be aware of what email exactly are you opening as you should do all the time.
 
It was later found out that this problem happened to multiple YouTube channels, all based in Europe. For example:
https://www.youtube.com/channel/UCDkprLUEGpaaeXXSN6fIeDg
https://www.youtube.com/channel/UC-Ew7ux-YFW5dynuymiU_xw
https://www.youtube.com/channel/UCnppe64ZYf9r5r6kuR94PYQ
 
As you can see, all affected channels are renamed to "Binance" or "Changpeng Zhao [Binance CEO CZ]", however Mr. Zhao said himself that he or his company are not involved in those attacks and attackers are using their names for malicious purposes.
 
Some channels were later sold to other people to use for multitude of others cryptocurrency scams like in the case of the first channel listed above.
 


   Stolen channel being offered on Russian market
 
Sources: (Disclaimer: articles are in Czech language)
https://tn.nova.cz/clanek/ceskemu-youtuberovi-ukradli-ucet-s-310-tisici-lidmi-smazali-i-videa.html
https://refresher.cz/78829-Ceskemu-youtuberovi-s-300-000-odberateli-ukradli-ucet-Jeho-kanal-ted-vysila-podvodny-stream-o-kryptomenach?fbclid=IwAR1Cox1UFCXEKUsr4n8GshDR4fqLJQVdY-IHPrkk1yZaIsGgJLWrSfkmljc&gdpr-accept=1
https://freebit.cz/uz-nejste-vlastnikem-kanalu-roth-wellden-krypto-scam-zasahl-youtubery/
 

          Example of hacked channel.

           Example of email with said offer. Some people report that they had a link to GameGloom website which contained infected setup file they downloaded.

Doesn't always work that way. When someone is only trying to get their day's work done they are not going to be thinking about scams and stuff.

There is a huge hack on dozens of European based YouTube channels. Unknown hacking group, supposedly based in Russia, is currently using stolen channels for promoting their bitcoin scam.
 
Yesterday, a YouTuber called Roth Wellden received an advertising offer for their supposed streaming service called Gloom (which was later found to be a copy of another product called Remotr) with a link to their page and supposed license for their product. When he downloaded setup program for their "product" and tried to launch it, nothing happened. It was this moment when he realized that something was wrong, so he deleted that setup file. However, later that day he suddenly lost complete access to his channel with over 319 000 subscribers. Hackers were able to bypass two factor authentication and quickly gain full access to his account. About two hours later he found out that hackers even stole pictures of his ID card, which he had saved on his computer for authentication purposes. Roth Wellden regained access to his channel at 31st of December 2019.
 
Update (2nd of January 2020):
Hack in example mentioned above was probably executed via a malware hidden in the setup file Roth downloaded that stole cookies and session ID of his browser and created a backdoor to his computer, which hackers used to access his computer, stealing more data. YouTube at the time of writing this update reinstated most of the affected channels but the thread is still present so be aware of what email exactly are you opening as you should do all the time.
 
It was later found out that this problem happened to multiple YouTube channels, all based in Europe. For example:
https://www.youtube.com/channel/UCDkprLUEGpaaeXXSN6fIeDg
https://www.youtube.com/channel/UC-Ew7ux-YFW5dynuymiU_xw
https://www.youtube.com/channel/UCnppe64ZYf9r5r6kuR94PYQ
 
As you can see, all affected channels are renamed to "Binance" or "Changpeng Zhao [Binance CEO CZ]", however Mr. Zhao said himself that he or his company are not involved in those attacks and attackers are using their names for malicious purposes.
 
Some channels were later sold to other people to use for multitude of others cryptocurrency scams like in the case of the first channel listed above.
 


   Stolen channel being offered on Russian market
 
Sources: (Disclaimer: articles are in Czech language)
https://tn.nova.cz/clanek/ceskemu-youtuberovi-ukradli-ucet-s-310-tisici-lidmi-smazali-i-videa.html
https://refresher.cz/78829-Ceskemu-youtuberovi-s-300-000-odberateli-ukradli-ucet-Jeho-kanal-ted-vysila-podvodny-stream-o-kryptomenach?fbclid=IwAR1Cox1UFCXEKUsr4n8GshDR4fqLJQVdY-IHPrkk1yZaIsGgJLWrSfkmljc&gdpr-accept=1
https://freebit.cz/uz-nejste-vlastnikem-kanalu-roth-wellden-krypto-scam-zasahl-youtubery/
 

          Example of hacked channel.

           Example of email with said offer. Some people report that they had a link to GameGloom website which contained infected setup file they downloaded.

There is atleast one with almost million subs. I guess youtube is not feeding them enough nowadays.

Its not a  "massive hack", its called phishing attack. These extremely common nowadays, I get emails asking for price quotes with excel files and when you open them some sort of shit happens and there goes your data.

Bussines email says about page gamegloom.com but real page is remotrapp.com

Its a bussines mail, Roth Wellden cant know about scam.

There is a huge hack on dozens of European based YouTube channels. Unknown hacking group, supposedly based in Russia, is currently using stolen channels for promoting their bitcoin scam.
 
Yesterday, a YouTuber called Roth Wellden received an advertising offer for their supposed streaming service called Gloom (which was later found to be a copy of another product called Remotr) with a link to their page and supposed license for their product. When he downloaded setup program for their "product" and tried to launch it, nothing happened. It was this moment when he realized that something was wrong, so he deleted that setup file. However, later that day he suddenly lost complete access to his channel with over 319 000 subscribers. Hackers were able to bypass two factor authentication and quickly gain full access to his account. About two hours later he found out that hackers even stole pictures of his ID card, which he had saved on his computer for authentication purposes. Roth Wellden regained access to his channel at 31st of December 2019.
 
Update (2nd of January 2020):
Hack in example mentioned above was probably executed via a malware hidden in the setup file Roth downloaded that stole cookies and session ID of his browser and created a backdoor to his computer, which hackers used to access his computer, stealing more data. YouTube at the time of writing this update reinstated most of the affected channels but the thread is still present so be aware of what email exactly are you opening as you should do all the time.
 
It was later found out that this problem happened to multiple YouTube channels, all based in Europe. For example:
https://www.youtube.com/channel/UCDkprLUEGpaaeXXSN6fIeDg
https://www.youtube.com/channel/UC-Ew7ux-YFW5dynuymiU_xw
https://www.youtube.com/channel/UCnppe64ZYf9r5r6kuR94PYQ
 
As you can see, all affected channels are renamed to "Binance" or "Changpeng Zhao [Binance CEO CZ]", however Mr. Zhao said himself that he or his company are not involved in those attacks and attackers are using their names for malicious purposes.
 
Some channels were later sold to other people to use for multitude of others cryptocurrency scams like in the case of the first channel listed above.
 


   Stolen channel being offered on Russian market
 
Sources: (Disclaimer: articles are in Czech language)
https://tn.nova.cz/clanek/ceskemu-youtuberovi-ukradli-ucet-s-310-tisici-lidmi-smazali-i-videa.html
https://refresher.cz/78829-Ceskemu-youtuberovi-s-300-000-odberateli-ukradli-ucet-Jeho-kanal-ted-vysila-podvodny-stream-o-kryptomenach?fbclid=IwAR1Cox1UFCXEKUsr4n8GshDR4fqLJQVdY-IHPrkk1yZaIsGgJLWrSfkmljc&gdpr-accept=1
https://freebit.cz/uz-nejste-vlastnikem-kanalu-roth-wellden-krypto-scam-zasahl-youtubery/
 

          Example of hacked channel.

           Example of email with said offer. Some people report that they had a link to GameGloom website which contained infected setup file they downloaded.

He told me that he got around 5 offers that day and it slipped through his filter.

Nothing else to say but to watch what out for scams nowadays. 

There is a huge hack on dozens of European based YouTube channels. Unknown hacking group, supposedly based in Russia, is currently using stolen channels for promoting their bitcoin scam.
 
Yesterday, a YouTuber called Roth Wellden received an advertising offer for their supposed streaming service called Gloom (which was later found to be a copy of another product called Remotr) with a link to their page and supposed license for their product. When he downloaded setup program for their "product" and tried to launch it, nothing happened. It was this moment when he realized that something was wrong, so he deleted that setup file. However, later that day he suddenly lost complete access to his channel with over 319 000 subscribers. Hackers were able to bypass two factor authentication and quickly gain full access to his account. About two hours later he found out that hackers even stole pictures of his ID card, which he had saved on his computer for authentication purposes. Roth Wellden regained access to his channel at 31st of December 2019.
 
Update (2nd of January 2020):
Hack in example mentioned above was probably executed via a malware hidden in the setup file Roth downloaded that stole cookies and session ID of his browser and created a backdoor to his computer, which hackers used to access his computer, stealing more data. YouTube at the time of writing this update reinstated most of the affected channels but the thread is still present so be aware of what email exactly are you opening as you should do all the time.
 
It was later found out that this problem happened to multiple YouTube channels, all based in Europe. For example:
https://www.youtube.com/channel/UCDkprLUEGpaaeXXSN6fIeDg
https://www.youtube.com/channel/UC-Ew7ux-YFW5dynuymiU_xw
https://www.youtube.com/channel/UCnppe64ZYf9r5r6kuR94PYQ
 
As you can see, all affected channels are renamed to "Binance" or "Changpeng Zhao [Binance CEO CZ]", however Mr. Zhao said himself that he or his company are not involved in those attacks and attackers are using their names for malicious purposes.
 
Some channels were later sold to other people to use for multitude of others cryptocurrency scams like in the case of the first channel listed above.
 


   Stolen channel being offered on Russian market
 
Sources: (Disclaimer: articles are in Czech language)
https://tn.nova.cz/clanek/ceskemu-youtuberovi-ukradli-ucet-s-310-tisici-lidmi-smazali-i-videa.html
https://refresher.cz/78829-Ceskemu-youtuberovi-s-300-000-odberateli-ukradli-ucet-Jeho-kanal-ted-vysila-podvodny-stream-o-kryptomenach?fbclid=IwAR1Cox1UFCXEKUsr4n8GshDR4fqLJQVdY-IHPrkk1yZaIsGgJLWrSfkmljc&gdpr-accept=1
https://freebit.cz/uz-nejste-vlastnikem-kanalu-roth-wellden-krypto-scam-zasahl-youtubery/
 

          Example of hacked channel.

           Example of email with said offer. Some people report that they had a link to GameGloom website which contained infected setup file they downloaded.