EEVblog Electronics Community Forum
EEVblog => Other Blogs => Topic started by: Jackster on March 23, 2023, 04:22:28 pm
-
This morning, the LTT main channel and its sister channels were hacked.
The main channel was renamed and rebadged as a Tesla channel and then went live with an Elon Musk live stream featuring a few other people with links to some crypto crap.
(https://pbs-prod.linustechtips.com/monthly_2023_03/image.thumb.png.526289b67e1d860df338bff6236a7717.png)
(https://pbs-prod.linustechtips.com/monthly_2023_03/image.thumb.png.22a7dd566d784598ba93dd75293ab95b.png)
The main channel was taken down shortly after and remains down.
(https://pbs-prod.linustechtips.com/monthly_2023_03/643358465_Screenshot2023-03-23at3_20_02AM.thumb.png.13aca8be8f27a5a64cafa77323c08c5c.png)
Pretty interesting to see such a large network of channels hacked.
What are we thinking? Youtube 2FA flaw? Staff device hacked? Inside job?
-
I remember some years ago on a video Linus telling that they had at the beginning an android phone on the server room in the new building that everyone would connect remotely (via Anydesk or something similar) for 2FA needs. But they had already finished using such workaround and now was implemented in a different way.
-
Yeah its interesting, await the explanation.
Apparently there is malware specifically targeting youtube gamers: https://www.bleepingcomputer.com/news/security/new-malware-bundle-self-spreads-through-youtube-gaming-videos/ (https://www.bleepingcomputer.com/news/security/new-malware-bundle-self-spreads-through-youtube-gaming-videos/)
Uses existing cookie to log in then upload its own videos. But I don't know if that lets you lock out the existing user account out.
-
Dave called it.
Session token based attack via sponsor attachment.
https://youtu.be/yGXaAWbzl5A
-
This crypto scam impersonating Musk has been going on for months.
I'm really curious to know who is behind it.
-
Shame it got taken down. The Crypto scam content was orders of magnitude better than that of the original channel.
-
https://www.youtube.com/watch?v=nYdS3FIu3rI (https://www.youtube.com/watch?v=nYdS3FIu3rI)
tldr:
- 700MB padded file to avoid being scanned
- scr file extension, to not seem super suspicious as an exe
-
Windows -still- allows any file to run as exe silently with full access to user data?
We knew about this, what, 20 years ago.