The Linus Tech Tips channel with 15M subs was just hacked by a crypto scam. Don't let this happen to you!
UPDATE: https://www.youtube.com/watch?v=yGXaAWbzl5A
If you find my videos useful you may consider supporting the EEVblog on Patreon: http://www.patreon.com/eevblog
Forum: https://www.eevblog.com/forum/blog/eevblab-110-linus-tech-tips-hacked!/
Web Site: http://www.eevblog.com
Other channels:
EEVblog2: http://www.youtube.com/EEVblog2
EEVdiscover: https://www.youtube.com/eevdiscover
T-Shirts: http://teespring.com/stores/eevblog
#ElectronicsCreators #linustechtips #hacked

Hi just a quick uh news update and serious warning for uh, any content creator usually. but in particular um YouTube content creators? uh, unfortunately. Linus Tech Tips: um the huge Channel with 15 million subscribers I Know there's huge overlaps between our audience. They have been hit with a hack and all of their channels.

They've got multiple channels. They've all been uh, shut down. They were hit with a crypto scam um hack which has been happening to YouTube channels everywhere. It's just like it's it's practically a plague.

But yeah, all of their channels have been shut down. This is a safety mechanism. Uh YouTube have done this so that they can. you know, restore, hopefully restore all their videos and content and channel back.

um to them. So I'm sure you know they're working uh, furiously to try and get it back. but yeah it is. It is Gonski.

It is currently gone. their uh website with uh, their float plane thing is still available because that runs on their own servers. This isn't uh part of the hack so you know here it is in giz uh Moto it just happened like in the last like eight hours or something and uh, lioness has actually uh responded um he posted this on uh float plane which I don't have access to so I can't see it directly but this is on their forums regarding the YouTube channel hack. We are on top of it with you Google's team now and everything should be locked down and we are getting to the bottom of the attack.

Vector With the hopeful goal of hardening their security around YouTube accounts and preventing this sort of thing from happening to anyone. Security: Well, this has been happening for what years now. So uh, yeah, but Linus Tech Tips: 15 million Subs Huge profile uh channel is it the highest profile Channel that's been hacked and shut down I Don't know in in the IT world I Don't think there's anyone bigger than Linus Tech Tips: really? But I don't know how many like 50 100 employees or something that they've got. It's absolutely enormous business that they've got.

It's not just Linus and a couple of nerds in their house. whatever they uh, were you know quite a few years back. it's absolutely enormous. Enterprise Now and here's where the attack: Vector Like they're working on the attack Vector I Can pretty much pretty confident I know where the attack Vector is now all of us YouTubers Literally daily, we get emails from sponsors from companies who want to sponsor our Channel and most of them are legitimate will be legitimate.

but there will be a whole bunch and I'm sure lines gets probably dozens of these per day. I I Get probably you know, at least one a day. like one sponsorship deal a day and maybe one a week. sounds like dodgy.

like you can just smell it I Just got one from the in the other day for example. and I actually, um, tweeted this the other day on Twitter it was for uh dabs. what is it Dabson? Uh, you know power. uh, brick things.

You know they're like the Eco flow battery that I got. So I get contacted bombarded with all these companies wanting me to review their batteries and dabson. they're a legitimate supplier. So I get an email from them and it says that, uh, you know, hey, we represent Debson and they even include the actual uh, the PDF you know advertising material that's they'll typically send you.
You know about the company and about their products and stuff like that. and so I I Don't know if this email was legit, but the first thing you realize is that okay, the email does not come from the Dabson domain. It doesn't come from the company domain, it comes from a Gmail account. or it comes from a Hotmail account.

or it comes from some other account and we represent. You know this company and they might. but that's your first sniff that something's not right there. Okay, so what they do is how the scam works is that they, uh, claim to represent a company.

You know it could be Nvidia video cards or some fan. You know, for a company like Linus I've had companies like that approach me. Even you know these these computer companies approach me and hey, would you like to sponsor this ship? We can. You know we'll be really flexible and you can say whatever if you want and you know it'll sound.

You know when they might even put a figure amount in there or pay you five grand or ten Grand or something like that to sponsor our content. So any especially small YouTubers Going to go. Oh, and finally hit the big leagues. I've got a sponsorship deal I've got a company who wants to sponsor me sounds really good and then they will.

If you start emailing them that you're interested, they'll uh then want to. you know for you to download some sort of executable or some other attack Vector that then they can infect you know, malware like a Trojan on your machine and then usually your machine that you're using already has you logged into your YouTube account. So once they've got that Trojan software on your machine, they have access to your YouTube account and they're bypassed your two-factor authentication because every YouTuber everyone should be using two-factor authentication. You know I physically like like Hardware Keys like UB keys and things like that.

This and it's practically impossible, but really to go through the front door and attack and hack somebody's YouTube account that way. But if you go via the back door and install Trojan software on their machine pretending to be a sponsor, then Bingo they've got you. and then once you're bypassed the two factor of authentication on YouTube, you've already got access to the account. What they do in this particular case, this is what they did to Linuses one and this is very common.

They rename the channel so it appears to be Tesla like this here it is right 15 million and then they uploaded some Elon Musk videos right? Bitcoin is back and this is how the scam. Works. They then link to a page where you know all they'll put in the comments or the description of the video you know. Bitcoin Just send us Bitcoin and we'll double.
We'll triple the amount of Bitcoin and it's just a crypto scam like this. so they're not like threatening him like you know or anything like that. They simply take over your Channel Channel They delete all your videos or they or they will upload new ones and it'll be like Elon Musk like you're teaming up with Elon Musk right? And everyone just gets duped into thinking that you know? look, Oh, a lot of stick tips have teamed up with Elon Musk and they're giving away crypto and oh I better get in on it quick. They're like Tesla like, but this is on lightness.

Tech tips his channel right so they just pretend it's a standard crypto scam thing and I saw somebody did actually uh, go through and look at the Bitcoin addresses because the whole thing about blockchain is that it's completely traceable, right? so you can trace it all through so you can see how much money they've scammed. Apparently they shut it down so quick that they didn't get much money, but some people were actually duped to send some money over I believe. But that's how the attack. and that's what the attack Vector is I almost guarantee it.

And they make so much content, they'd have multiple pre-books probably at least half a dozen people who whose machines have access to their YouTube account. They have to just to run their business right. They have to have access you know, upload access and full account access to be able to upload videos to the channel and and even even delete videos if they need to. And there's probably multiple machines in company.

There could be dozens of machines in the company that have full account access to the YouTube and YouTube channels plural, because it's usually under the same login. So once you're in, you pass the two-factor authentication and you've got access to all of the channels. This is how it happens. so I guarantee that.

Unfortunately, it's just you know, sheer bombardment with all this stuff. and they have so many sponsors, it's their whole business model. As you know, sponsorships, and everything else. Um, is a massive part of their income stream.

Not sure if it's the major, but it's a massive part. So they'd be dealing with sponsors at multiple sponsors daily sheer time. Unfortunately, until um, you know, somebody got a little bit lazy I guess and didn't do their full due diligence on the emails and installed something. and their machine had to have access.

So going forward they'd probably are going to Institute I'd say a company policy where they're going to um like airlock. uh you know a machine like nobody will be answering business emails and have access to the YouTube account on the same physical machine I Don't know if it is possible across networks I Don't think so. Leave it in the comments if you if you know of the actual you know Trojan software used to do this but warning you know, tape around it. you've got to go through.
you know, calling it off this machines for business emails and negotiating um, sponsorship details. and these machines over here are specifically for uh that have access to the YouTube channel. so unfortunately it's been taken back. are you? I'm pretty sure that you know YouTube will be able to deal with it, but it's obviously not a you know a trivial thing to do.

at least shut it down so that you know no one could get scammed out of their money. but yeah, yeah, um, unfortunately like YouTube could do a lot more I mean it's still ridiculous that YouTube can delete an account I've been saying this for donkey's years. They can actually delete your account because you got you know flagged too many times. You know once you're a large enough Channel you know, say silver 100 thousand YouTube Silver award or something.

your channel should be absolutely locked down and fully protected, right? It should require an active well was Susan alphabet but she's gone now. It should require and you know, and an act of the CEO to personally push the button to you know, delete all your content or something like that. It's just yeah, it's crazy. but yeah, apparently every channel was, uh, every video was actually actually deleted before this before they locked it down.

I'm sure it was only up for like maybe an hour or two. If anyone knows, leave it in the comments. But yeah, don't don't fall for this sort of stuff. It's um, unfortunately, it's all too common Now it's happened to the most high profile.

Channel Anyway, um, yeah, content creators be safe out there. Catch you next time.

Avatar photo

By YTB

28 thoughts on “Eevblab 110 – linus tech tips hacked!”
  1. Avataaar/Circle Created with python_avatars Francois Piche says:

    I usually love the channel but thumbs down on this video for the thumbnail of Linus on a wecbam next to your picture on a webcam too. It misled me to think you had an interview with him about what happened..

  2. Avataaar/Circle Created with python_avatars M Will says:

    Copyright audio, demonitized, flagged banned, upload of exactly the same hacked video to channels and named changed etc, too hard for Google… what gets me is why is it so hard to send an email or verification of anything that wants changing and verify it BEFORE its changed.

  3. Avataaar/Circle Created with python_avatars Columba Kos says:

    I'm not sure why you care? Linus is an annoying twerp.

  4. Avataaar/Circle Created with python_avatars Timo P says:

    I'd like to see the person going through all email headers first every time they got mail. But of course it is convenient to blame people when one needs only one cookie to authenticate and bypass 2fa. Security needs to be responsibility of everyone equally or this will keep on happening. And I am now mostly referring to YouTube authentication policies.

  5. Avataaar/Circle Created with python_avatars Ed Master says:

    And we all were under the impression that Google ruled the internet.

  6. Avataaar/Circle Created with python_avatars Org@nicCold says:

    For this reason the company i work for, a leader in their area worldwide doesn't let you open any emails in certain computers, and you not allowed to even upload any data from any kind of media into it that hasn't been checked deeply for clearance. Las thing you want is a situation like this but with lifes at risk. Linus is now back, but he was really stressed, its not easy seing a lifes hard work going down the drain.
    The thumbnail is one of the best i seen for long time 🙂

  7. Avataaar/Circle Created with python_avatars complexity says:

    Stealing cookies. Start with the employees' m1cr050ft computers. Employee's aren't smart. This is probably a deep long slow attack. Hacker probably had access for weeks and took everything. And now they have to unravel that trace.

  8. Avataaar/Circle Created with python_avatars firewalker says:

    As I understand it was user running an executable binary file. It was not code inside a pdf file.

  9. Avataaar/Circle Created with python_avatars Kelsey Mark says:

    Nice ❤️ videos and thank you for breaking it down!! Despite the economic downturn, Making money is an action. Keeping money is behavior Growing money is knowledge.

  10. Avataaar/Circle Created with python_avatars Ingu Lari says:

    Is it actually a hack or LTT being loosers? I stopped watching LTT years ago as it was more of a show than true knowledge/good material.

  11. Avataaar/Circle Created with python_avatars Andre Logen says:

    Sales Team Email attachment, you nailed it.

  12. Avataaar/Circle Created with python_avatars tntom says:

    Isn't this like the third time Linus Tech Tips got hacked and scammed?

  13. Avataaar/Circle Created with python_avatars ET says:

    See Y-

  14. Avataaar/Circle Created with python_avatars liquidmandotcom says:

    Youtube or any other content host simply can not be responsible for 'trojans' infecting the computers of content uploaders.

  15. Avataaar/Circle Created with python_avatars Mariusz Kozłowski says:

    Everything Google is a mess.

  16. Avataaar/Circle Created with python_avatars 1ytcommenter says:

    So they are a 150 employee company? They have no CSO? Obviously lax or no it-sec policies? And it seems they also do absolutely have no awareness trainings for their workforce. Seems the typical startup mentality craphole company. Oh wow theere is a link I klick on it! Oh wow the email sais I have to login somewhere to get a day more off per year! Oh wow there is something for free to download I ll grab it and install it. Well deserved then!

  17. Avataaar/Circle Created with python_avatars Kram Sacul says:

    Good.

  18. Avataaar/Circle Created with python_avatars Cristian Rodriguez says:

    No Dave, the internet does not forget.. Youtube probably does not delete things at all unless a law requires them to after a certain period.. it is just marked as deleted and it will probably be scheduled as a low priority job to be executed "at some point" in the future if ever deleted.

  19. Avataaar/Circle Created with python_avatars thommw says:

    Why is he using the youtube account like any other account, having it open on some workstation and reading email, clicking on attachments, etc. If I had a big channel like this, that account would be guarded like the treasure that it is and only used on a special workstation and only for managing the channel. Some tech experts those guys are. <rolling eyes>

  20. Avataaar/Circle Created with python_avatars jankas64 Games and Builds and Other says:

    we have pewdipie has 111 mill subs but doint kno if hed been hacked ever and we got colinfurze 12.3 mill subs. even it happend its sad that they found this way to scam now. great for your informing🙂

  21. Avataaar/Circle Created with python_avatars Greg Bell says:

    Hmm, what part of a sus email don't you get then a "tech savvy" big yootoober is smart enough to click on this shit it just shows their incompetence!… I'm a tech of over 40yrs n I got screwed twice back in the very early naughties I've never been done again, but Linus the "tech genius" gets screwed with ALL HIS SERVERS N FIRWALLS, IMO is a prize wanker (including the idiot employees) who's built a following of young Dumb Richard Craniums who don't know any better just like Tesla/Electric Jesus wankers who can't see the forest for the trees, their all wankers especially EJ whos a prize vapourware salesman.
    Linus & his employees should know better tan not to click sus links, someone needs the boot IMO!

  22. Avataaar/Circle Created with python_avatars AnalogX64 says:

    Linus confirmed, one of the sponsourhip related emails contained a PDF file that uploaded browser session data to the bad actors who used it to login to their accounts. You can put all the procedures and systems in place for protection, but ultimately, the weakest link is humans falling for social engineering tricks. No company or organization is 100% safe.

  23. Avataaar/Circle Created with python_avatars diecast jam says:

    Jeez that's embarrassing, that's what you get for using password123 as your password, lol. Seriously, they have been they have been on the slide for a good year 18 months. Getting involved with politics, by doing builds for controversial figures, their spat with Gamers Nexus, senior staff members airing grievances with Linus on air, Linus doing a fake, I'm retiring arc, and now this, not good. People just want tech coverage, not personal drama.

  24. Avataaar/Circle Created with python_avatars Grumpy RC Modeler says:

    If I contact someone I never attach files no matter how useful it would be on the first email. Links or attachments will happen later after we have acknowledged that we're what we claim to be. I also don't open links or attachments. Can't believe anyone does.

  25. Avataaar/Circle Created with python_avatars Untrust says:

    Why even bother trying to disguise as tesla? Just disguise as LTT

  26. Avataaar/Circle Created with python_avatars Weißenschenkel says:

    Good ol' Social Engineering. People will ALWAYS fall for that.

  27. Avataaar/Circle Created with python_avatars Only honest person on youtube says:

    Never seen a video of his, and never will.

    There is no security on the net, and people who say otherwise are liars, as you say here, youtube cannot protect the channels, and this is going on for years.

  28. Avataaar/Circle Created with python_avatars 8BIGNIC8 says:

    The next step will be Deep fake videos of Linus selling the Idea……

Leave a Reply

Your email address will not be published. Required fields are marked *