
Linus Tech Tips, Tech Quickie, Tech Linked channels hacked

betav17
Message added by Spotty,

The Linus Tech Tips, TechLinked, and TechQuickie YouTube channels have been restored.

A video explaining what happened is now up:

 

 

2 minutes ago, Robonwars said:

maybe yt has a 0day exploit by the volume of channels being hacked lately

I mean... That is very unlikely... There would be a whole lot more going on if that was the case...

I think it's more probable that there is some software, especially on their servers and public facing, that had an exploit... Might also be some vulnerability in an email service or whatever. Something managed to get an RCE on a machine...


1 minute ago, Wolves of the West said:

The hacker is likely reading this forum, right now. Dum Dum, DUM!

Well greetings to him, he now has Google being very mad at him... I would not feel comfortable with that...


2 minutes ago, RafaelSoaresP said:

I feel LTT was a shit target for the crypto scam, as the large majority of subs are way too tech savvy to fall for that crap

agreed

Dual X5690 my beloved.


14 minutes ago, Middcore said:

LTT will be fine. All the videos will get restored. A channel this big, YouTube will bend over backwards for them. 

It's the smaller channels that will get completely hosed.

 

That's why I genuinely hope that once the dust settles and they piece together the sequence of events that led up to it, LTT posts a cautionary tale video. "It happened to us, it can happen to you." The video where old Whonnock server died is a good example for that kind of turning crisis into content. (I'd post a link, but you know...)

I sold my soul for ProSupport.


do you guys think someone will be fired over this?


Safest way to avoid these hacks is to have a VM to access only youtube services with service account(s). And never use these accounts on day to day use machines. 
Also enable conditional access and 2fa to login to the VM.


1 minute ago, nielsjacquet said:

Safest way to avoid these hacks is to have a VM to access only youtube services with service account(s). And never use these accounts on day to day use machines. 
Also enable conditional access and 2fa to login to the VM.

that, and good filters on whatever mail exchange server (or service) they are using, and proper instructions on how to apply security awareness for new employees


Just wanted to drop by and say I'm so sorry for the whole LMG team(s), I just happened to check YT as the first videos were going live and immediately I knew something was up.

This must have been terrifying seeing some nuckfuggets taking over your baby, everything you worked for. Jebus H Christ I can't even imagine how gut-wrenching that must have felt!

 

I hope there is no permanent damage or lasting effects, and I know the chances are slim but I hope the douche nozzles get caught or get owned themselves by someone else.

Take care and be safe to everyone at LMG.

Build: "The Cake Is A Lie" - (Portal 2 Theme)  Wall Mounted (in a ThermalTake Core P8 all sides removed)  Ryzen 5900X • 64GB Team Group Dark Pro (B-Dies) 3600MHz CL16 • ASUS X570-E Gaming • EK Quantum Plexi Monoblock  MSI RTX 3090 Suprim X  EK Quantum Plexi Block  2TB Samsung 980 Pro Gen4 NVME  8TB Samsung 870 QVO  Corsair RM 850X 2x EK P480M Radiators   PrimoChill Fittings  2x D5 Pumps  Monsoon MMRS Pump Housing  2x HeatKiller Tube 200 Reservoirs  


12 minutes ago, LightJack05 said:

Well greetings to him, he now has Google being very mad at him... I would not feel comfortable with that...

Looking forward to a stream or video where Linus shows up at the hacker's door... maybe gives them the first tech downgrade, sponsored by any one of the makers of baseball bats...

Razer Blade 14 (RZ09-0508x): AMD Ryzen 9 8945HS, nVidia GeForce RTX 4070, 64 GB 5200 DDR5, Win11 Pro [Workhorse/Gaming]

Apple MacBook Pro 14 (A2442): Apple M1 Pro APU (8 Core), 16 GB Unified Memory, macOS Sonoma 14.3 [Creative Rig]

Samsung GalaxyBook Pro (NP930QDB-KF4CA): Intel Core i7-1165G7, 16 GB DDR4, Win11 Pro [WinTablet]

HP Envy 15-k257ca: Intel Core i5 5200U, nVidia GeForce 840M, 16GB 1600 DDR3, Win7 Pro [Retro]

Toshiba Satellite A70-S2591:  Intel Pentium 4 538, ATI Radeon 9000 IGP, 1.5 GB DDR RAM, WinXP Pro [Antique]


4 minutes ago, nielsjacquet said:

Safest way to avoid these hacks is to have a VM to access only youtube services with service account(s). And never use these accounts on day to day use machines. 
Also enable conditional access and 2fa to login to the VM.

Well 0-Trust/Segregation is always a good idea, but only if it is well executed... Also, once the user logs in to the VM, the attacker has access again...

You would have to check for integrity on everything... 

Creating security awareness and putting limitations on code-execution would be ideal in combination with your solution. Basically have a separate VM (or multiples) for administrator access to the accounts and have them locked down so they don't execute code. (Honestly, a chromebook would be pretty good. 😂)

And then only allow physical access to the machine. Whether that would be realizable in a production environment would be another question...


Only problem is that Floatplane is too expensive. It's almost 300 INR per month. That's a lot. I will consider it if it merges with nebula.tv. Although that's just a fantasy and will probably never happen.


2 minutes ago, denco101 said:

Looking forward to a stream or video where Linus shows up at the hacker's door... maybe gives them the first tech downgrade, sponsored by any one of the makers of baseball bats...

Dennis has been living in the hacker’s house for 2 weeks. That’s why channel super fun didn’t get hacked. 


16 minutes ago, RafaelSoaresP said:

I feel LTT was a shit target for the crypto scam, as the large majority of subs are way too tech savvy to fall for that crap

Even the ones who purchased the "Screwdriver"?
 


6 minutes ago, Phrozenbit said:

that, and good filters on whatever mail exchange server (or service) they are using, and proper instructions on how to apply security awareness for new employees

yeah that is the biggest obstacle in IT, getting employees to use the correct tools and avoid shadow IT. Awareness and adoption are a must but not the most sexy thing ever.


Just now, mrg9999 said:

Even the ones who purchased the "Screwdriver"?
 

we know from the wallet that under 50 ppl have fallen for this scam; the stream had a potential reach of 18 mio ppl


1 minute ago, mrg9999 said:

Even the ones who purchased the "Screwdriver"?
 

I have a friend who bought one. It’s really nice. I don’t use screwdrivers enough to justify the purchase but for someone who needs one on a weekly basis it’s totally a valid purchase. 


5 minutes ago, mrg9999 said:

Even the ones who purchased the "Screwdriver"?
 

I love mine and use it weekly if not daily at work. I really hope the channel can be recovered quickly, and that it can force YouTube to create a better process for this as well as tighten security. 

Mini-ITX Desktop: i9-9900K@5GHz, 32GB TridentZ RGB 3200MHz, Asus Strix Z390-i, EVGA 3090 Hybrid FTW3, Samsung 970 EVO+ NVMe 1TB, Lian Li O11 Air Mini White

Plex/Minecraft Server: Dell PowerEdge T320, Xeon E5-2470 v2, 48GB RAM, 19.25TB storage, RTX A2000 6GB

Tablet: iPad Pro 11” M1


God I hope it wasn't Plouffe that got exploited

 

Who will talk about "lubing" key switches now?


6 minutes ago, LightJack05 said:

Well 0-Trust/Segregation is always a good idea, but only if it is well executed... Also, once the user logs in to the VM, the attacker has access again...

You would have to check for integrity on everything... 

Creating security awareness and putting limitations on code-execution would be ideal in combination with your solution. Basically have a separate VM (or multiples) for administrator access to the accounts and have them locked down so they don't execute code. (Honestly, a chromebook would be pretty good. 😂)

And then only allow physical access to the machine. Whether that would be realizable in a production environment would be another question...

That is what I have to do before I begin my working day: unlock admin account and log in to a separate machine to access Intune. All is locked down with conditional access (only verified machines can have access) and 2FA.


14 minutes ago, BaidDSB said:

do you guys think someone will be fired over this?

At this stage I suspect it is difficult to say 100% what happened, but if the situation occurred as a result of gross negligence or sabotage then I would be surprised if the LMG did not draw consequences against the person or persons in question. 


This could be a great idea. 

Imagine a new channel - Linus TESLA Tips. 

3900x | 32GB RAM | RTX 2080

1.5TB Optane P4800X | 2TB Micron 1100 SSD | 16TB NAS w/ 10Gbe
QN90A | Polk R200, ELAC OW4.2, PB12-NSD, SB1000, HD800
 
