Linus Tech Tips explains how YouTube channel got hacked for crypto scam streams

LinusTechTips talking to camera in front of red backgroundYouTube: LinusTechTips

YouTube star Linus ‘Linus Tech Tips’ Sebastian has explained how his YouTube channels managed to get hacked and deleted, without the hackers going after his passwords.

On March 23, fans of Linus Tech Tips – the biggest channel out there for PC content – were shocked to find that three channels worth of content had disappeared and been replaced by cryptocurrency scam streams

These types of attacks aren’t new, and have constantly cropped up on YouTube and Twitch, but it was shocking that Linus – whose content is all about knowing the ins and outs of tech – had fallen victim to it. 

Article continues after ad

Well, after firefighting things and managing to wrestle back control of his channels, the YouTuber has revealed what happened, including the fact he had to get out of bed in the early hours to get things sorted out.  

Linus Tech Tips explains how his YouTube channel got hacked

The Canadian tech supremo revealed that it wasn’t like someone targeted their password directly to get into his account, but, instead, they went after their whole browser profile, which made it even more difficult to combat. 

Article continues after ad

“Someone on our team downloaded what appeared to be a sponsorship offer from a potential partner. It was an innocent enough mistake for the most part. The email came from a legitimate-looking source and it didn’t raise any immediate red flags,” Linus said, noting that whatever ‘PDF’ was downloading, didn’t launch as it should have and was thus ignored. 

“What happened in the background took about 30 seconds. The malware accessed all user data from both of their installed browsers, Chrome and Edge, including everything from locally save passwords, cookies, and browser preferences. Giving them effectively an exact copy of those browsers on the target machine that they could export including, that’s right, session tokens for every logged-in website.”

Article continues after ad

He noted that the hack could have been “easily avoided” if the team had better processes in place and that it took longer than it should have to fix things because of how roles are dished out for his channels. 

“The bottom line is, our disaster response processes need to improve because I realized at three whatever in the morning, that I didn’t know how to reset the passwords and the access controls across these channels,” he added, before urging Google to improve communication and security options around these issues. 

Article continues after ad

Things are back to the way they should be across the three compromised channels, so expect the usual videos soon.

Related Topics