Linus Tech Tips, Tech Quickie, Tech Linked channels hacked

[RuffRuffmcgruff]

1 minute ago, Blqckqut said:

whats the site

google password monster 

[danou25]

ALL accounts ARE DOWN

[WhyCheese]

2 minutes ago, Blqckqut said:

whats the site

I think it's https://www.passwordmonster.com/

[Vishera]

5 minutes ago, CoolJosh3k said:

It really depends on how it happened.

 

Some people use the same password in multiple places. Some have very weak passwords, negating any encryption. Some refuse to use any 2FA at all.

 

Malware is a common way to bypass the need for any authentication.

 

I’d like to take this chance to mention that Steam has better security than my bank.

I have never been hacked...

As long as you are careful it should be fine.

And my passwords are very very long and each website account has a different password...

[Sant_HH]

1 minute ago, Blqckqut said:

whats the site

Pretty sure it's https://www.passwordmonster.com/

[SomeDanishDude]

well it clearly can't be anyone with alot of perms since the forum haven't been overrunned by the Crypto scammer

[WhyCheese]

Just now, danou25 said:

ALL accounts ARE DOWN

These ar up.

[PointyJackalope]

3 minutes ago, Blqckqut said:

whats the site

I just made my password in Ukranian)

[Blqckqut]

4 minutes ago, RuffRuffmcgruff said:

 

 

Better be alpha-numerical!

 

looks good to me

[Fullmental]

1 minute ago, Sant_HH said:

Pretty sure it's https://www.passwordmonster.com/

Here's a security tip: Don't type passwords for your websites into other websites designed solely to capture and analyze passwords...

[Blqckqut]

Just now, Fullmental said:

Here's a security tip: Don't type passwords for your websites into other websites designed solely to capture and analyze passwords...

i didnt, its a similar one in terms of numbers and amount of stuff, different pass tho

[FSP]

13 minutes ago, CapCloud said:

Does this mean these hackers got out (so far) with 10,000 USD+?

yeah, but I noticed that I had the ether wallet twice (because the tether wallet uses the same address), so it is more like 6500$. Getting anything back after it is transferred is pretty much impossible. But this should be everything they got, since the stream is offline now.

Theoretically they could show different wallets to different people (to obfuscate how much they got), but I tested with a vpn and different browsers and always got the same addresses.

[Robonwars]

1 minute ago, Fullmental said:

Here's a security tip: Don't type passwords for your websites into other websites designed solely to capture and analyze passwords...

at least not paswords that you are using

[Flangvik]

13 minutes ago, Drazil100 said:

"Really stupid" is probably a bit too far you are right. Maybe I am wrong and the hackers have ways around this but I would think there would be measures against people trying to use a session from a wildly different IP that makes you confirm you are the account holder.

I don't have experience with targeting users using Google (as I mostly attack/work with clients largely using O365 with Okta or other third-party SSO providers). But there are only so many values that can be checked to look for suspicious sessions. You can typically blend in by using a highly-reputable VPS or proxy close to the location of the original login IP and changing your UserAgent header to match the original.

Speculating further (because why not), if it is the cases that an editor's computer got compromised, another common approach is to tunnel network traffic through the compromised workstation, effectively turning it into a proxy, and therefore having the stolen session originate from the original IP.

[Mikezz]

2 minutes ago, Blqckqut said:

 

looks good to me

[Brawhammer]

1 minute ago, Fullmental said:

Here's a security tip: Don't type passwords for your websites into other websites designed solely to capture and analyze passwords...

Good advice, but that site is fine. There's no network requests happening when you type in the box. A lot of these strength tests are done using javascript run in the browser to detect strength. Every website does this already. It's nothing new.

[Brentar]

3 minutes ago, PointyJackalope said:

I just made my password in Ukranian)

 

Meanwhile....

[CoolJosh3k]

YouTube: “what’s that you are connecting via a never-before-seen device from a never-before-seen-address? This is fine.”

 

Ofcourse this could have been stolen 2FA code or maybe even a RAT. However, I really do sense this new device, new address is part of the scenario that unfolded.

[Fullmental]

8 minutes ago, XenZibe said:

Good advice, but that site is fine. There's no network requests happening when you type in the box. A lot of these strength tests are done using javascript run in the browser to detect strength. Every website does this already. It's nothing new.

It's fine until someone hijacks the site and changes the code to capture it live instead, or makes a new one that the casual user doesn't do their due diligence on before trying a bunch of their passwords, or maybe they randomly harvest the input fields on a random sample of hits using server side code you can't possibly see or analyze. You don't know who you're putting your trust in when you visit this kind of site. Plus, now that someone's posted that URL, a bunch of people reading this topic are going out to the site and entering random passwords. Do they all run a wireshark trace beforehand and obfuscate their passwords before checking? 99.99% of people almost certainly don't, and if they ARE smart enough to do that, they don't need an algorithm to tell them if their password is strong or not in the first place.

[Robonwars]

Just now, XenZibe said:

Good advice, but that site is fine. There's no network requests happening when you type in the box. A lot of these strength tests are done using javascript run in the browser to detect strength. Every website does this already. It's nothing new.

is the site open source ? if not do Not trust it

[daniel37parker]

My ultimate easy to remeber password, not really.

[moosa1991]

i believe the way they hack the accounts is they copy your saved passwords from google chrome ect not the password has been hacked so when you go onto a website the password is already saved for you it clones the database of every password and once in changes your two factor verification so u cannot just change the password again 

 

really when a number is changed youtube should send a text or email asking if you confirm the two factor verification and if no then u can change your password but if they already had access to the email addresses passwords ect then no point

[BrandonTech.05]

15 minutes ago, Kartikay-Agarwal said:

Can the people who watch LTT on youtube get access to see the full statement that linus published on floatplane?

It posted at the top of this thread. It's the same one from floatplane

[Darkshadow12671]

8 minutes ago, RuffRuffmcgruff said:

 

Better be alpha-numerical!

I think my password might be a tad bit aggressive. Might take a hot minute to break. And it is one of many like it.

[True]

Woke up to Elons Mug on my phone..  said WTF are you doing there.  I don't follow tesla.. and i sick to death of crypto.