A new scam is spreading on YouTube, where channels are hacked to show videos of Elon Musk accompanied by a cryptocurrency scam. One of the newer channels is one of the largest channels of high-tech content on YouTube, LinusTechTips.
The cryptocurrency scam has been prominent on YouTube for some time, and gained notoriety late last week LinusTechTipsone of the largest high-tech chains affected, forcing the site to deactivate the account for a few hours.
The scam comes in the form of a live stream that the user sees appearing in their recommendations like any other video. It’s a discussion between Elon Musk, the head of Tesla, and other people, often on the topic of Bitcoin or artificial intelligence. The video is broadcast by the Tesla Company Channel, or a similar name, which may reach several million subscribers, and several thousand people watching the live broadcast.
Free money in cryptocurrency
So far, everything seems normal, it will be a normal video conference with the billionaire. However, the video is not actually live, but rather a replay of a video several months old. Most current views and Likes On video she is working bots Not other users. But even then, the video poses no danger. The scam is in the chat, which appears to be open but is actually limited to prevent commenting. Thus, the only visible text is a link to an external site. This site states that for a limited time, if you send bitcoins, Elon Musk will give you back double. To be more convincing, it also shows a list of recent transactions. Of course, it’s too good to be true, and if you send money, you won’t get anything.
However, this is only half of the story. The scam is effective because YouTube recommends the videos, and the channels have a few thousand to several million subscribers. These are not new channels created for the scam, but legitimate channels that have been hacked, like what happened last week to LinusTechTips, which has more than 15 million subscribers. Hacker contacts target YouTube channel with offer of bogus partner, details of which “ in the attached PDF file Quite often, legitimate YouTubers receive offers this way. Here, the attachment contains malware, the most common of which is “RedLine StealerThis steals your browser’s YouTube session cookie, a small file that avoids having to identify yourself each time you visit the site.
Access without a password bypasses all account security
Armed with this cookie, the hacker can access the YouTube channel and modify the settings, without requiring the password or two-factor authentication code, bypassing all account security. It can directly access the YouTube channel account, but in the case of LinusTechTips, the session cookie belongs to an employee account authorized to manage the channel. The hacker then changes the channel’s name as well as the logo, and launches Elon Musk’s video stream. The site does not ask him at any time to confirm his identity with a password. The hacker can then delete all of the previous videos to appear more legitimate. Even if the owner gets his channel back, it may take some time to get everything back and regain the lost audience.
What’s more worrying is YouTube’s inability to counter this kind of attack. At any given time, a simple search of the terms “Tesla live” reveals many pirated channels with a constant stream, which indicates that the situation seems to be completely out of place. While waiting for a solution, beware of attachments and offers of free money, and even more so if it is cryptocurrency…