Linus Tech Tips (LTT) is one of the largest and most popular technology YouTube channels with 15.8 million subscribers.
- The channel was hacked on March 23, 2023 by unknown attackers who changed its name, deleted its original videos, and uploaded fake livestreams featuring Elon Musk and Jack Dorsey promoting crypto scams.
- The livestreams were part of The B Word conference held by Ark Invest in June 2020, but they were edited with overlays linking to fraudulent crypto sites.
- YouTube suspended the channel for violating its community guidelines, but the hackers also targeted other LTT channels such as TechLinked and Techquickie.
- The owner of LTT, Linus Sebastian, tweeted that he was aware of the situation, but did not provide any details on how the breach occurred or when the channels would be restored.
The exact method that LTT got hacked is not known, but some of the possible ways that YouTube channels get hacked are:
- Data breach: The hackers may have obtained the login information of LTT from a data breach of YouTube or another website or app that LTT used. They may have also exploited a vulnerability in YouTube’s system to gain access to the channel.
- Phishing: The hackers may have sent LTT a fake email or message that appeared to come from a legitimate source, such as a sponsor, a media outlet, or a friend. They may have tricked LTT into clicking on a malicious link, downloading a malicious file, or entering their credentials on a fake website. They may have then used this information to log into the channel and take control of it.
- Weak password: The hackers may have guessed or cracked the password of LTT by using brute force attacks, dictionary attacks, or social engineering techniques. They may have also used stolen passwords from other breaches that LTT reused for their YouTube account.
- Cookie theft: The hackers may have infected LTT’s device with malware that stole their session cookies from their browser. Session cookies are data that confirm that the user has successfully logged into their account. The hackers may have then uploaded these cookies to a malicious server and used them to impersonate LTT and access their channel without needing their password.
To prevent getting hacked, YouTube channel owners should always use strong and unique passwords for their accounts, enable two-factor authentication, avoid clicking on suspicious links or attachments, verify the source and legitimacy of any communication they receive, and scan their devices regularly for malware.
Crypto scams are fraudulent schemes that use cryptocurrency or related technology to deceive people and steal their money or digital assets. Crypto scams can work in different ways, but some of the common ones are:
- Bitcoin investment schemes: Scammers pretend to be experienced investors who can help people make money by investing in bitcoin or other cryptocurrencies. They ask for an upfront fee or personal information, and then disappear with the money or hack the victims’ accounts.
- Rug pull scams: Scammers hype up a new project, coin or nonfungible token (NFT) and persuade people to buy it. Then they withdraw all the funds and leave the investors with worthless tokens that they cannot sell1.
- Fake trading platforms or crypto wallets: Scammers create fake websites or apps that look like legitimate exchanges or wallets, but they either steal the users’ money or credentials, or manipulate the prices and transactions to their advantage.
- Fake crypto tokens, investments or jobs: Scammers create fake cryptocurrencies or offer fake opportunities to invest in or work with crypto projects. They may use fake celebrity endorsements, fake news articles or fake social media accounts to lure people in. They then ask for money or personal information, and never deliver on their promises.
- Crypto phishing: Scammers send emails, texts or messages that appear to com from a trusted source, such as a crypto exchange, wallet provider or friend. They try to trick the recipients into clicking on a link, downloading a file or entering their credentials on a fake website. They then use this information to access the victims’ crypto accounts and steal their funds.
To avoid crypto scams, you should always do your own research before investing in any cryptocurrency project, verify the source and legitimacy of any communication you receive, use secure passwords and two-factor authentication for your crypto accounts, and never share your private keys or wallet addresses with anyone.