Linus Tech Tips, Tech Quickie, Tech Linked channels hacked

[wanderingfool2]

12 minutes ago, TheTripleDeuce said:

y'all need to realize it was a social engineering attack, the signs are EVERYWHERE

The majority of hacks are typically social engineering.  Now if people were saying YouTube were hacked, then it would be overblown, but LTT was hacked.

 

25 minutes ago, n3ptune_cpu said:

i think this is what happened

 

- a manager or employee in LTT was searching to downlaod something 
- a google ad was placed on top of the search results with “the download link”
- this “download link” claims to be legit however it’s actually redline stealer
- they copy the site and also abuse discord cdn to distribute the links
- probably that person downloaded it and ran it
- which then now LTT has redline on one of their systems which allows access to the entire channels and accounts 

There actually some unique ways of doing things now.  Like what ThioJoe did in one of his videos, you could have an "exe" that uses the unicode character to invert it...so you even with file extensions on it looks like "LegitDocaexe.docx" (and it uses a Word Icon).  It's actually something that if someone isn't paying attention could easily miss.  So it's not even as often as finding the wrong exe, and could easily come from a targeted email attack, from a spoofed address of a sponsor.

 

I've actually seen a similar type of attack before (spoofed email), pretending to be an owner asking for a wire (mixed in with the correct wording and timing of the owner being abroad and making a similar request and it nearly worked)

[steelo]

Well, this must be embarrassing.

[TechXplore]

This is just terrible, though. I checked, all the videos that were "unlisted" are now actually gone. It could be that YouTube is still working on it, or maybe the channel was flagged so many times that its just gone...I am hoping this gets fixed really soon

[Wolves of the West]

Considering the outage event, you think we could stream techtips on floatplane without paying?

 

I can't even watch the video of Linus crying. lol Too soon?

[LightJack05]

4 minutes ago, Moortu said:

They actually make the files huge so that they can't be uploaded to totalvirus scan and it takes a while to scan by a virus scanner.

It can even go as far as to not have any bad code at first, but it downloads it later. so when it is first scanned the virus scan will not find anything

Yeah but even if it downloads it, behaviour analysis should catch that once it executes... Redline is not exactly the newest in the world after all...

[TheTrueSlugman]

Has anything like this happened to them previously?

[LightJack05]

23 minutes ago, Moortu said:

Perhaps not

I doubt just anyone can log in and upload videos.

So they can narrow it down to computers of people that are able to log in

I don't know LMGs architecture IT-Wise, but worst case would be that the malware infected the Domain Controller (if they have one) and is basically on every PC... And server... Unlikely though I think...

[Needfuldoer]

2 minutes ago, TechXplore said:

This is just terrible, though. I checked, all the videos that were "unlisted" are now actually gone. It could be that YouTube is still working on it, or maybe the channel was flagged so many times that its just gone...I am hoping this gets fixed really soon

YouTube nuked the channels to finally get them out of the hijackers' hands. I'm sure they'll put them back once the fire's out.

 

2 minutes ago, Wolves of the West said:

Considering the outage event, you think we could stream techtips on floatplane without paying?

There's always ShortCircuit and Channel Super Fun.

 

 

I bet they could stream evergreen content to Twitch if they had the streaming PC set up for it, but I don't think they'd open up Floatplane for free unless it really hit the fan.

 

[Totalfet]

I really hope they can fix this situation

[Phrozenbit]

Geez just got the news, and feel so bad. I feel the urge to do something about this. Not helping out LMG directly but for example finding out legal ways to crack down on crypto scammers? As a long time loyal fan such a thing would be the least I could do. Does anyone have any idea's ?

[LightJack05]

Just now, Phrozenbit said:

Geez just got the news, and feel so bad. I feel the urge to do something about this. Not helping out LMG directly but for example finding out legal ways to crack down on crypto scammers? As a long time loyal fan such a thing would be the least I could do. Does anyone have any idea's ?

I saw some tesla streams in my sub notifications, and it actually took me a bit to realize who it happened to...

[Robonwars]

Just now, Phrozenbit said:

Geez just got the news, and feel so bad. I feel the urge to do something about this. Not helping out LMG directly but for example finding out legal ways to crack down on crypto scammers? As a long time loyal fan such a thing would be the least I could do. Does anyone have any idea's ?

buy floteplane sub watch ltt

[Drazil100]

4 minutes ago, Wolves of the West said:

Considering the outage event, you think we could stream techtips on floatplane without paying?

 

I can't even watch the video of Linus crying. lol Too soon?

Unlikely. Floatplane I believe only supports paid viewers as I doubt they have the capital to finance public streaming. It would take dev work to make a public stream that I doubt they want to do. They do stream WAN on twitch though so if they are still down on YouTube tomorrow check their twitch channel.

[PointyJackalope]

I hope we they will make a video about this and youtube will finally does something about this , because it is terrifying that no matter how good is your password it does nothing in terms of security of your account

[Waifu4Life]

3 hours ago, Ethan_Hohl said:

And how would this help preventing scams? 

Google gift cards should be outlawed, too, by this type of logic.

Especially cash money and gold is used extensively for criminal activities worldwide.

Why not outlaw all of this and go back to trading food or things directly in exchange?

 

...just kidding

 

I'm obviously talking about hacking and ransomwares. Ever since crypto emerged, hacking & ransomwares have skyrocketed. With the small percentage fraction of people who get rich out of this, crypto has proven to be more harmful than good in society and when that happens, this is when governments needs to step in.

[Phrozenbit]

Just now, Robonwars said:

buy floteplane sub watch ltt

Will definitely do that now, this event is probably one of the reasons why they are building their own platform

[Leo_B]

4 hours ago, NelizMastr said:

That's not LTT. LTT channel is offline. That's TQ

Oh ok, not quite as bad then, still really bad though

[Spotty]

5 minutes ago, Needfuldoer said:

There's always ShortCircuit and Channel Super Fun.

Can we get some Tech Tips?

No, we have Tech Tips at home
The Tech Tips we have at home:

 

 

[Thaldor]

20 minutes ago, Moortu said:

Perhaps not

I doubt just anyone can log in and upload videos.

So they can narrow it down to computers of people that are able to log in

Looking at what is left it's the one responsible for just the 3 channels. I am sure that LMG clips and ShortCircuit has different person responsible for the content and most likely for the uploads than the LTT, Channel Super Fun has always been a bit as it's own entity and I would guess same goes for Mac Address and They're Just Movies.

 

At least we can rule Linus out of the suspects since LinusCatTips is unaffected. Who would have thought LCT living longer than LTT

[LightJack05]

I wonder whether it was actually Social Engineering, or if there was an exploit that just allowed for 0-click RCE... It definitely looks like the actual machine of someone responsible for management of these channels got compromised... 

[LightJack05]

3 minutes ago, Spotty said:

Can we get some Tech Tips?

No, we have Tech Tips at home
The Tech Tips we have at home:

 

 

I love the tech tips we have at home.

[Robonwars]

1 minute ago, LightJack05 said:

I wonder whether it was actually Social Engineering, or if there was an exploit that just allowed for 0-click RCE... It definitely looks like the actual machine of someone responsible for management of these channels got compromised... 

maybe yt has a 0day exploit by the volume of channels being hacked lately

[Seskalwolfe]

I wonder the odds this is a move to drive for Floatplane memberships. It's working on me lol

[Middcore]

16 minutes ago, TechXplore said:

This is just terrible, though. I checked, all the videos that were "unlisted" are now actually gone. It could be that YouTube is still working on it, or maybe the channel was flagged so many times that its just gone...I am hoping this gets fixed really soon

LTT will be fine. All the videos will get restored. A channel this big, YouTube will bend over backwards for them. 

[Drazil100]

1 minute ago, PointyJackalope said:

I hope we they will make a video about this and youtube will finally does something about this , because it is terrifying that no matter how good is your password it does nothing in terms of security of your account

They don't even have to post the video to get YouTube to act on this. They know that Linus is either going to cover this on WAN show or that he will make a dedicated video on it. They are probably putting in every effort they can into showing they are taking action so that when the video comes they look good.