Entertainment

Why YouTube “wanna be friends?” comments aren’t as friendly as they seem

Alan Bernal
YouTube

YouTubers are increasingly concerned about a channel that is potentially putting other accounts at risk by simply interacting with a friendly comment: “wanna be friends?”

Spotlighting the issue was YouTuber ‘Evanz11’ who noticed a recurring theme across videos on the platform who had a relatively smaller reach or audience. Without fail, they would find the same comment, or closely structured ones, on uploads made by an account called ‘logan.’

“Thousands of people have lost their entire channels from this one, innocent comment,” Evanz said. “And it’s one of the largest security breaches I’ve seen YouTube go through.”

[ad name=”article1″]

The prevailing theory suggests that the person behind logan, as well as suspicious alternate names such as ‘Triby’ or ‘Sounds,’ just to name a few, figured out a way to somehow gain enough access to other people’s YouTube accounts to simulate organic channel growth.

“If you look at his first few videos, you’ll see his Comments [section is] just nothing,” Evanz explained. “Things people would literally never comment… Yeah, the real way he grew his channel so large was using bots. They’re all bots, but bots using real accounts. Your accounts.”

[ad name=”article2″]

It is unknown how logan/Triby is seemingly gaining access to accounts that simply interact with the “wanna be friends” comments on other people’s videos.

Mutahar Anasnote from the ‘SomeOrdinaryGamers’ channel looked into the suspicious activity and believes the problem is a bit more nuanced.

According to Mutahar, the YouTube breach could be tied to the OAuth token system that lets accounts from different services interact and manipulate each other with prior user consent.

[ad name=”article3″]

When linking accounts, apps will ask for permission to run the ‘tokens’ that it needs to perform its duties. There are some tokens, however, that ask for the ability to see, edit, or delete YouTube videos, ratings, comments, and captions in order to perform its functions.

While apps that ask for these permissions are not inherently malicious or bad, Mutahar believes logan found an exploit to use this token, or one like it, for the purposes of gaining surface-level access to other accounts.

For the time being, YouTubers are self-monitoring and unlinking their accounts to any third-party app that asks for these kinds of permissions as more evidence suggests that one of those services might have been compromised.

About The Author

Alan Bernal

Alan is a former staff writer for Dexerto based in Southern California who covered esports, internet culture, and the broader games/streaming industry. He is a CSUF Alum with a B.A. in Journalism. He's reported on sports medicine, emerging technology, and local community issues. Got a tip or want to talk?

keep reading
Below Deck Ben Willoughby
Reality TV
Below Deck’s Ben considers getting back together with former on-screen girlfriend
Erica Handel
Chloe burrows and Harry johnson
Reality TV
Love Island’s Chloe Burrows admits she faked romance for a “lucrative future”
Molly Byrne
Rose Vega 90 Day Fiance
Reality TV
90 Day Fiancé’s Rose shows support for Liz after “taco pasta” fight
Erica Handel
QT from The Circle
Reality TV
The Circle’s Quori-Tyler explains why the Season 6 cast is always cooking on-screen
Je'Kayla Crawford

Subscribe to our newsletter for the latest updates on Esports, Gaming and more.