Linus Tech Tips, Tech Quickie, Tech Linked channels hacked

[Captain_Hindsight]

Just now, Kilrah said:

It is a cache issue, on youtube's side.

 

Seems they cache searches for extended periods of time. 

But then why is the main LTT channel not affected ? Just weird

[Kilrah]

Likely just timing, they didn't all get taken down or reinstated at the same time. 

[KeradSnake]

3 minutes ago, Captain_Hindsight said:

I can confirm that there is still the Tesla logo on YouTube search for Techquickie and Techlinked

 

Just open https://www.youtube.com/results?search_query=techquickie+  and https://www.youtube.com/results?search_query=techlinked

 

No cache issue, reproducible on different devices.

click on the channel and you'll find out that it's actually in its normal techlinked/ techquickie logo. As mentioned many times above, it's cache error from YT side at least on the main search, and this affects not just the logo but also description on the main search. 

 

Although...

3 hours ago, KeradSnake said:

Video search from channel does seems to not having that issue though, and it can shows result based on whats in the description (THANK GOD because I think this wasn't the case back then, at least for me, idk it never worked) so it's a good way to hunt for videos that are still having the scam in the description, and of course I found two examples from that. Checked from regular and incognito, both shows the same so yep it's still not changed for these two example and not cache error

In the nutshell: Main search have cache error from YT side, channel search do not (which can be used for finding videos that still have the scam description)

 

and this makes me question YT even more if they can't even handle cache error from their side why do I expect them to prevent session token theft

[SamB33]

Hey just wanted to know does LTT have an BCM/DR/IR policies?

 

I work in the public sector as a Cybersecurity Auditor, part of my job is assessing Business Continuity Management, Disaster Recovery, and Incident Response plans and providing regulatory recommendations when I find areas of improvement. I was quite stressed out just listening to WAN show yesterday hearing Linus and Luke talk about the events that took place. 

 

To me it sounded incredibly disorganized from my perspective. Thinking about it, in the event of a cybersecurity incident is it really best practice to have an angry naked linus try to just figure it out? I mean, typically the incident response team will wear clothes. I heard at one point Luke tried to call Dan super early in the morning. Was that because you guys have a call tree in policy that was supposed to alert Dan? What if it was absolutely imperative Dan needed to be reached, do you guys have alternative contact information in IR policy? For this incident specifically does LTT perform Phishing Testing/Training on users? I was also listening and heard some changes going on related to IAM, I would have questions related to that to. What if this was an environmental, economical, or polical/hacktivism issue, does LTT have contingency plans to deal with those? Procedures for alerting your stakeholders including the public, does LTT have those in place? When listening to the WAN show it sounded like areas of BCM/DR/IR were addressed during the issue instead of getting your ducks in a row prior to this all going down.  

 

I don't expect answers to these questions, it shouldn't be public information for LTT's own protection. 

 

TLDR: Does LTT have BCM/DR/IR policies to help address incidents?

[Matyi10012]

The large logo for Techquickie seems to be Telsa:

 

 

I dont know if it is just google not yet updating the logo for search, or it is a seperate image that has to be updated back, so just giving a feedback.

[TetraSky]

It's really still Tesla in the Search. On the actual channel and videos, it's the normal one.

This is sadly a youtube caching server issue. Giving it more time will likely end up solving it. Another solution might be to change the logo once more to something else and hope Youtube finally updates.

[Whiro]

[JoshB2084]

I found this one might be interested.

 

[divito]

49 minutes ago, JoshB2084 said:

I found this one might be interested.

 

This is a short, but good video. I think a lot of people really underestimate how certain tactics work when it comes to malware, phishing, etc...

Spotting things when they're infrequent or uncommon is ridiculously easy. But with the right approach and the right target, some attacks take the most mundane tasks someone might do on a computer everyday, and it can blend in very well to where you won't even be able to recall anything out of the ordinary.

[Philip Basallo]

Hey guys.. It just so happened that my small channel just got hacked similarly to LTT.. Can anyone help me, Im desperate, my channel is small but I have me life's work put into it. It was hacked just about hours from now. It does not have a Tesla but a CS-2 Scam site/qr code live at the moment.. youtube.com/nestygunner 

 

I already sent my help request on support-in@google.com but still no reply. I could not login or recover my account because they used a USB Key authentication. 

 

please guys.. can anyone help me on this

[Spotty]

5 hours ago, Philip Basallo said:

I already sent my help request on support-in@google.com but still no reply. I could not login or recover my account because they used a USB Key authentication. 

Ooof! It's shocking that Youtube allows people to add 2FA methods to an account without reauthenticating the user.

Unfortunately without access to the account I don't think there is going to be much you can do. Try tweeting at the Youtube creator twitter account as well sometimes that helps get attention.

[Myethox]

1 hour ago, Spotty said:

Ooof! It's shocking that Youtube allows people to add 2FA methods to an account without reauthenticating the user.

Unfortunately without access to the account I don't think there is going to be much you can do. Try tweeting at the Youtube creator twitter account as well sometimes that helps get attention.

This is what my brother ended up doing for his channel. Once he reached out VIA Twitter, they sent him a form he could fill out. It helped that he was in all of his videos. Easier to show that it was his. It took a few days to get everything back to the way it was, but he eventually did.

[Quackers101]

On 3/26/2023 at 4:29 PM, Matyi10012 said:

The large logo for Techquickie seems to be Telsa:

 

I dont know if it is just google not yet updating the logo for search, or it is a seperate image that has to be updated back, so just giving a feedback.

when the cache in a storage far far away, have still not updated or corrected. but then one see, going into a wormhole and its a totally different channel when clicked on

 

3 hours ago, Myethox said:

It helped that he was in all of his videos. Easier to show that it was his. It took a few days to get everything back to the way it was, but he eventually did.

which can become a point of attack now. *sad face*

Edited March 27, 2023 by Quackers101

[Wolves of the West]

I am kinda concerned about the employee at linus tech tips that was the victim of this attack. Do we need a wellness check?

[TylerD321]

1 hour ago, Wolves of the West said:

I am kinda concerned about the employee at linus tech tips that was the victim of this attack. Do we need a wellness check?

I don’t know why you’d be worried about them. Shit happens and Linus / the team seemed to be very understanding. 

[Skiiwee29]

@Masters2150 I have merged your thread into the LTT Hack thread. This was discussed already within this thread.