(Author: Bhavya Jain)
A couple of weeks back, Linus Tech Tips, one of the biggest tech youtube channels with more than 15 million subscribers when it comes to PC content, was hacked along with two other channels operated by Linus Sebastian. The attacker deleted a good chunk of Linus’ content and live streamed some crypto currency scam featuring Elon Musk.
Now how did this happen?
The attacker was able to lure the Linus’ team into believing it to be a legitimate firm that wants to partner with Linus.
Once the trust is built then it is easier for the attacker to carry out the attack, in this case it was done by sending a pdf which the team thought is an offer letter.
The pdf was downloaded in one of the systems and as soon as the pdf was opened, malware got executed in the background and captured all the browser data available on the local system which (Read more - https://www.crac-learning.com/post/could-pdfs-be-malicious )
Now the attacker has the browser data that includes cookies and uses a session token to directly log into the respective websites (Linus’ youtube channel) without requiring password or MFA. However, Linus’s youtube channels along with his videos were restored with the help of youtube’s team.
Recommendations
While downloading any resources from the internet, always take a look at the properties of it like the size, extensions etc. Negligence to these small properties may often lead to cybercrimes.
Setup multi factor authentication not only for signing in but also for major actions like renaming the channel, deleting/uploading resources etc.
Don’t ignore the alerts for signing in from different browsers, If you suspect them immediately call off their rights to do anything with your account.
Don’t store password on browser or locally on your system, use password managers instead.
References
Comments