Internet company Netcraft reports that a hacker made around $14,000 in bitcoin and ethereum after hijacking the popular YouTube channel LinusTechTips for a crypto scam. The channel, which has over 15 million subscribers and is one of the most viewed technology channels on YouTube, was compromised through a malicious email attachment. Find out more about the attack and how it happened.
LinusTechTips, one of the most-watched YouTube channels on technology with over 15 million subscribers, was hacked last week, and the attacker made away with $14,000 worth of bitcoin and ethereum, according to Netcraft, an internet security company.
The channel was hacked by an attacker who used a malicious email attachment to take control.
The attachment, which appeared to be a PDF file containing terms for a sponsor deal, was actually malware that stole information, including session cookies, from the browser of the infected system. With these cookies, the attacker could gain access to the LinusTechTips account and other logged-in accounts without the need for a password or two-factor authentication.
You might enjoying reading:
The attacker then used the channel to stream a video featuring a QR code. The code led to a website that purported to be from Tesla and claimed to double any sent bitcoin or ethereum. While the attack lasted only a few hours, the attacker was able to steal $14,000 worth of cryptocurrency, as revealed by the wallets used.
Linus Sebastian, the founder of LinusTechTips, explained the attack and stated that the responsible person on the team would not face disciplinary action. He said, “If we had better training for our newcomers and better processes for following up on alerts from our security software, this could have easily been prevented.”