Popular YouTube Channel ‘Linus Tech Tips’ Suffers Hack
Linus Tech Tips, along with two other Linus Media Group YouTube channels, have been reinstated following a major breach that enabled a malicious actor to carry out activities such as streaming fraudulent crypto videos, modifying channel names, and erasing videos. Owner Linus Sebastian explained in a recent video that the breach was able to bypass security measures such as passwords and two-factor authentication because the attacker targeted session tokens that maintain users’ login status on websites. Linus revealed that a team member from Linus Media Group downloaded what was believed to be a sponsorship offer from a potential partner, which was actually a malware-containing attachment that gave the attacker access to all user data from installed browsers, including session tokens. As a result, the attacker had an identical copy of the browsers and could cause damage without requiring security credentials.
What are session tokens?
A browser session token is a unique identifier generated by a web application or website when a user logs in, used to maintain their session and authenticate subsequent requests. The token is stored in the server’s memory and sent to the user’s browser as a cookie. When the user sends a request to the server, the token is checked for authenticity. Session tokens have an expiration time, after which they become invalid, ensuring the user’s account is secure. In summary, browser session tokens are an efficient and secure way to maintain user sessions and authenticate user requests. As the Linus Tech Tips breach shows, however, the server treats whoever presents a valid token as the logged-in user, so a copied token gives the same access without the password or two-factor code.
In a segment on the Linus Tech Tips podcast The WAN Show on Friday, March 24th, Luke Lafreniere stated that the attack occurred because the malware’s signature was not recognised by their signature-based antivirus. Their security processes did generate an alert, but no automated action took place in the middle of the night once the compromised system was identified.
Following the recent hack, after which the channels Linus Tech Tips, TechLinked, and Techquickie were restored, Linus has offered some recommendations to YouTube to avoid future breaches of a similar kind. He suggests implementing increased security measures for certain channel features, such as requiring passwords or two-factor authentication to change the channel name. He also recommends adding a verification request for any attempt to delete videos in bulk.
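The session-token behaviour described above and the re-verification Linus recommends for sensitive actions can be seen side by side in the following added example, which is not code from YouTube or from the original article. The action names, the one-hour lifetime and the `SessionStore` class are assumptions made for illustration.

```python
import secrets
import time

SESSION_TTL = 3600  # assumed session lifetime in seconds
SENSITIVE = {"rename_channel", "bulk_delete_videos"}  # hypothetical action names

class SessionStore:
    """Server-side session table: token -> user and expiry."""

    def __init__(self, clock=time.time):
        self._sessions = {}
        self._clock = clock

    def login(self, user):
        # Called only after password and 2FA have been verified.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": user, "expires": self._clock() + SESSION_TTL}
        return token  # sent to the browser as a cookie

    def _lookup(self, token):
        session = self._sessions.get(token)
        if session is not None and self._clock() >= session["expires"]:
            del self._sessions[token]  # expired tokens are discarded
            session = None
        return session

    def authorize(self, token, action, fresh_credentials_ok=False):
        # The token is a bearer credential: the server cannot tell a copy
        # from the original, so possession alone passes this first check.
        if self._lookup(token) is None:
            return "deny"
        # Mitigation: sensitive actions need a credential check made with
        # this request, which a copied token cannot supply.
        if action in SENSITIVE and not fresh_credentials_ok:
            return "challenge"
        return "allow"

def demo():
    now = [0.0]  # constructed clock so the run is deterministic
    store = SessionStore(clock=lambda: now[0])
    token = store.login("channel-owner")
    copied = token  # stands in for a token copied from browser data
    now[0] += 1800
    results = [store.authorize(copied, "view_dashboard"),
               store.authorize(copied, "rename_channel"),
               store.authorize(token, "rename_channel", fresh_credentials_ok=True)]
    now[0] += 3600  # past SESSION_TTL
    results.append(store.authorize(copied, "view_dashboard"))
    return results
```

Calling `demo()` returns the four decisions in order: the copied token is accepted for an ordinary request, challenged for the channel rename, allowed once fresh credentials accompany the request, and denied after expiry.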
In a statement, YouTube spokesperson Elena Hernandez said: “After being alerted by the Linus Tech Tips team that their account was compromised due to unauthorised access, our team investigated the issue and worked with them to secure and restore their account.” YouTube have yet to speak out about how they plan to prevent this action in future, as over the weekend more than a dozen other channels on YouTube appeared to have suffered from the same type of attack, resulting in malicious fake crypto feeds.
Takeovers of YouTube channels like this have become more frequent lately. Implementing suggestions like Linus’ could potentially help to prevent such incidents from occurring again. Watching Linus’ complete video explanation is recommended for further information about the incident. Note: the video contains security footage of a naked, yet blurred, Linus in his home as he investigates the situation.
How can you protect yourself from this type of attack?
Not all businesses operate 24/7/365, but malicious cyber attackers can target your business at any time of day. Implementing a Managed Endpoint Defence and Response Solution backed by SIEM alongside your antivirus is like having a 24/7 security team protecting all of your business endpoints to prevent these types of attack from slipping through the net.