Linus Tech Tips, Tech Quickie, Tech Linked channels hacked

[A_Button117]

Just now, TheTripleDeuce said:

wan show views tomorrow gonna be high AF lol

Really looking forward to it! 

[CoolJosh3k]

7 minutes ago, Vishera said:

I have been on the internet for 20 years and it didn't happen yet...

Time is not really an important factor here. It is your activity and the factors that make up that activity.

[StopHackingLinus]

1 minute ago, TheTripleDeuce said:

wan show views tomorrow gonna be high AF lol

Linus will be furiously smoking the Devil's Lettuce for that episode

[TheTripleDeuce]

1 minute ago, StopHackingLinus said:

Linus will be furiously smoking the Devil's Lettuce for that episode

normally i just watch the next day but uh, ima watch live for sure

[Ethan_Hohl]

I want you to know that the scammers use multiple sets of addresses to receive their scam revenue.

I posted 2 sets of them earlier, unfortunately they got moderated away.

 

Reporting the revenue addresses would be one way to track the scammers down. Some exchanges are willing to help victims and law enforcement to find them or at least get the scammed coins back. But this is only possible if addresses are known! Law enforcement themselves are mostly not able to find all the addresses as they often are not informed on how to handle this situation. And when somebody is involved who knows what to do, the source of information (the scammers website) may have changed the addresses or is already completely gone.

 

So, would be nice/good/helpful to set something up to get all these addresses and not just delete them, informing the poster with a one time pop up...

[Winterlight]

12 minutes ago, Trahor said:

Funny to see all your million trillion years passwords, can't wait to see some quantum computer cracking them in .2second

But you forget about quantum encryption that make impossible too steal your data.

[SkillTim]

4 minutes ago, TheTripleDeuce said:

wan show views tomorrow gonna be high AF lol

If they get back online in time!

[TheTripleDeuce]

1 minute ago, SkillTim said:

If they get back online in time!

they have floatplane & twitch

[Robonwars]

Just now, Ethan_Hohl said:

I want you to know that the scammers use multiple sets of addresses to receive their scam revenue.

I posted 2 sets of them earlier, unfortunately they got moderated away.

 

Reporting the revenue addresses would be one way to track the scammers down. Some exchanges are willing to help victims and law enforcement to find them or at least get the scammed coins back. But this is only possible if addresses are known! Law enforcement themselves are mostly not able to find all the addresses as they often are not informed on how to handle this situation. And when somebody is involved who knows what to do, the source of information (the scammers website) may have changed the addresses or is already completely gone.

 

So, would be nice/good/helpful to set something up to get all these addresses and not just delete them, informing the poster with a one time pop up...

i think they have the information alredy and dont want the adresses public 

[LaroTayoGaming]

I just recieved a Tesla live notification, and I just said... oh no another creator have been hacked. 

[Drazil100]

Just now, TheTripleDeuce said:

normally i just watch the next day but uh, ima watch live for sure

I am definitely tuning in live. That said don't get your hopes up. They have already stated that while they are going to get a video out ASAP they want to make sure the details are right. We may not get an update on this week's wan show.

[Prariedog13]

33 minutes ago, Link81 said:

I find it extremely offensive that Channel Super Fun has been completely ignored by the cyber criminals. I find it hard to believe that they have not gained access to it with the same credentials as the rest.

They're afraid of what dennis will do.

[OliTheBear]

10 minutes ago, Fullmental said:

Or Google's 2FA has a security vulnerability that allows you to bypass without even a session token. There are many points of entry, some more secure than others. Given how frequently large channels get hijacked, I wouldn't rule it out.

What many don't realise is that for Google you should really enable Advanced Protection to mandate physical tokens https://landing.google.com/advancedprotection/ 

 

Worse still, this is the only way to force Google to validate your 2FA token when you want to do critical things like, e.g. change a password, turn off 2FA etc. Why isn't this enabled by default?!?!

 

If any good comes of this is maybe Linus and team get more content out there on security practices to try and prevent this happening to others in the future... or put pressure on Google to improve their practices...

[SkillTim]

2 minutes ago, TheTripleDeuce said:

they have floatplane & twitch

Do 15M subs know that?

[TheTripleDeuce]

Just now, SkillTim said:

Do 15M subs know that?

the ones who watch wan show do

[Myethox]

My brother just went through this recently. The same "Tesla" account and everything. It took some time, but he was able to get everything back. I am sure Linus and team will have this fixed soon. I would love to see a video on what these hackers did to break the security on the accounts. May give us some ideas on how to fortify our own security.

[Geosmin]

1 minute ago, Prariedog13 said:

They're afraid of what dennis will do.

the wrath of dennis
now THAT is scary to think about

 

[Fullmental]

1 minute ago, OliTheBear said:

put pressure on Google to improve their practices...

Now we're talking. If anyone is equipped to put pressure on Google over their security practices, it's a 15M sub tech YT channel that just got hacked.

[XBrav]

I've been through a similar event in the past. Unfortunately, 2FA is only good if you don't have any "trusted" devices that can be compromised. Through my own stupidity, it took 10 seconds for the exploit to dump all my cache from my browsers and basically authenticate a 3rd party client to remove my 2FA, all my devices, and my recovery seeds.

[nightsfire]

i wonder who is going to be liable for people that got scammed? i mean i see LTT getting sued over this.

[TheTripleDeuce]

Just now, nightsfire said:

i wonder who is going to be liable for people that got scammed? i mean i see LTT getting sued over this.

lol wut?

[Barny2767]

I think I watched it start, I was just about to finish catching up on last weeks WAN show when I saw an old K60 keyboard review pop up like 1 min ago, I clicked it to see if it was a joke review in the old NCIX style and noticed a ton of others pop up and realised they must be delisted videos being put up again.

Sucks big time although I imagen Meta/Google/Youtube will have things back up in due time.

[sombradirectory]

I think we did good... ?

[Drazil100]

4 minutes ago, Prariedog13 said:

They're afraid of what dennis will do.

Dennis has already been living in the hacker's house for at least 2 weeks.

[TheTripleDeuce]

Just now, XBrav said:

I've been through a similar event in the past. Unfortunately, 2FA is only good if you don't have any "trusted" devices that can be compromised. Through my own stupidity, it took 10 seconds for the exploit to dump all my cache from my browsers and basically authenticate a 3rd party client to remove my 2FA, all my devices, and my recovery seeds.

linus has been hacked by social engineering before (sim card got compromised). the problem is 2FA that uses text messages