Popular YouTube Channel ‘Linus Tech Tips’ Suffers Hack
Linus Tech Tips, along with two other Linus Media Group YouTube channels, have been reinstated following a major breach that enabled a malicious actor to carry out activities such as streaming fraudulent crypto videos, modifying channel names, and erasing videos. Owner Linus Sebastian explained in a recent video that the breach was able to bypass security measures such as passwords and two-factor authentication because the attacker targeted session tokens that maintain users’ login status on websites. Linus revealed that a team member from Linus Media Group downloaded what was believed to be a sponsorship offer from a potential partner, which was actually a malware-containing attachment that gave the attacker access to all user data from installed browsers, including session tokens. As a result, the attacker had an identical copy of the browsers and could cause damage without requiring security credentials.
What are session tokens?
A browser session token is a unique identifier generated by a web application or website when a user logs in, used to maintain their session and authenticate subsequent requests. The token is stored in the server’s memory and sent to the user’s browser as a cookie. When the user sends a request to the server, the token is checked for authenticity. Session tokens have an expiration time, after which they become invalid, ensuring the user’s account is secure. In summary, browser session tokens are an efficient and secure way to maintain user sessions and authenticate user requests.
In a segment on the Linus Tech Tips podcast The WAN Show on Friday March 24th Luke Lafreniere stated that the attack occurred as the Malware Signature was not recognised by their Signature Based Anti-Virus, however whilst their security processes generated an alert no automated actions took place in the middle of the night once the compromised system was identified.
After the recent hack that caused the channels Linus Tech Tips, TechLinked, and Techquickie to be restored, Linus has offered some recommendations to YouTube to avoid future breaches of a similar kind. Among his suggestions, he suggests implementing increased security measures for certain channel features, such as requiring passwords or two-factor authentication to change the channel name. He also recommends adding a verification request for any attempt to delete videos in bulk.
In a statement YouTube spokesperson Elena Hernandez said “After being alerted by the Linus Tech Tips team that their account was compromised due to unauthorised access, our team investigated the issue and worked with them to secure and restore their account,”. YouTube have yet to speak out about how they plan to prevent this action in future, as over the weekend more than a dozen other channels on YouTube appeared to have suffered from the same type of attack resulting in malicious fake crypto feeds.
Lately, takeovers of YouTube channels like this have become more frequent. Implementing suggestions like Linus’ could potentially help to prevent such incidents from occurring again. It is recommended to watch Linus’ complete video explanation for further information about the incident. NOTE: It should be noted that the video contains security footage of a naked, yet blurred, Linus in his home as he investigates the situation.
How can you protect yourself from this type of an attack?
Not all businesses operate 24/7/365, however malicious cyber attackers can target your business at any time of day. By implementing a Managed Endpoint Defence and Response Solution backed by SIEM in companion with your AntiVirus, it is like having a 24/7 Security Team protecting all of your business endpoints to prevent these types of attack from slipping through the net.
Full Linus Tech Tips Video about the Hack
Latest News Stories
Rochester Schools Still Suffering 1 Month After Cyber Attack
Rochester Public Schools, based in Minnesota, was hit by a significant ransomware attack on 6th April 2023, disrupting its operations and affecting thousands of students, teachers, and staff members. The attack was first detected at 4:30 a.m. by a member of their IT...
Simple Email Habits Give Cyber Criminals an Edge
In an increasingly digital world, even the seemingly innocent action of sharing holiday plans in an out-of-office email could give cyber criminals an edge. At the recent 2023 SmallBiz Week conference in Melbourne, Australia, representatives from small businesses, as...
Join One2Call for a Masterclass in Cyber Security!
One2Call and Doncaster Chamber are excited to announce a Cyber Security Masterclass on July 25th, 2023. The event will be held at Flourish Enterprise's Woodfield Park location from 9am to 10:30 am. Did you know that standard signature-based Anti-Virus alone is only...
Mick, MS International
Easy to get hold of and down to earth.
Jeanette Addis, Principle Support Ltd
Very approachable, friendly team and fast response time. Thank you.
Kevin Wood, IT Consultant
As with all dealings with One2Call this has happened speedily and courteously. Thank you as always.