Top YouTuber Linus Sebastian had his channels on the app hacked this week.
The incident unfolded when threat actors removed videos from the Linus Tech Tips channel and replaced them with two videos discussing cryptocurrency and featuring tech billionaire Elon Musk.
After learning of the incident, Google, YouTube’s parent firm, was quick to remove the content and restore the channels to him. But it’s still a huge mystery exactly what happened and how his channels were hacked.
In a recently published video, Sebastian confirmed that his empire fell victim to a major cyberattack carried out through session hijacking, better known as cookie hijacking.
The term refers to situations where threat actors gain access to creators’ online accounts by stealing the cookies from their sessions. That removes the need to obtain their login credentials or to get through the whole MFA protocol for authentication.
For those who may not be aware, session cookies are usually stored locally on a PC each time a user logs in.
But how exactly do threat actors get hold of the session cookie? That is worth a mention.
Experts say it all begins with a phishing email, sent to the creator or victim, that appears to be important. In reality, it carries malicious attachments that look like PDFs but are executable files that can introduce malware into any system.
Once the malware becomes active, it steals the victim’s cookies and lets cybercriminals gain access to accounts without needing to enter login details.
Sebastian was affected by the same series of events: a member of the creator’s channel team opened an email that they believed was a sponsorship deal, but it was far from that.
The source appeared legitimate and showed no major red flags or grammar errors, but it ended with the contents being extracted and a PDF being launched. He did notice that it failed to open, but he ignored it.
In reality, it contained malware that gave access to user data held in browsers, including cookies, browser preferences, and any passwords saved there. In the end, the threat actors gained access to all of the YouTuber’s channels and the websites he had accessed.
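The attachments described above look like PDFs but are really executables, and a "PDF" that fails to open is the visible symptom. As an added example (not from the original article), the Python below compares what a filename claims with what the file's leading bytes actually are; the sample filenames and byte strings are constructed for illustration.

```python
from dataclasses import dataclass

# Leading "magic" bytes of common executable formats.
EXECUTABLE_MAGIC = {
    b"MZ": "Windows PE executable",
    b"\x7fELF": "Linux ELF executable",
    b"\xcf\xfa\xed\xfe": "macOS Mach-O executable",
}
PDF_MAGIC = b"%PDF-"


@dataclass
class Verdict:
    filename: str
    claims_pdf: bool   # the name presents the file as a PDF
    actual_type: str   # what the content really is
    suspicious: bool   # name says PDF, bytes say otherwise


def sniff_type(data: bytes) -> str:
    """Identify content from its first bytes, ignoring the filename."""
    for magic, label in EXECUTABLE_MAGIC.items():
        if data.startswith(magic):
            return label
    # PDF readers tolerate some leading junk, so search the first 1 KiB.
    if PDF_MAGIC in data[:1024]:
        return "PDF"
    return "unknown"


def check_attachment(filename: str, data: bytes) -> Verdict:
    # ".pdf" anywhere in the name also covers names such as "offer.pdf.scr".
    claims_pdf = ".pdf" in filename.lower()
    actual = sniff_type(data)
    return Verdict(filename, claims_pdf, actual, claims_pdf and actual != "PDF")


# Constructed sample attachments (hypothetical names, minimal headers only).
SAMPLES = [
    ("Sponsorship_Terms.pdf", b"%PDF-1.7\n1 0 obj\n"),
    ("Sponsorship_Offer.pdf.scr", b"MZ\x90\x00" + b"\x00" * 60),
    ("Contract.pdf", b"MZ\x90\x00" + b"\x00" * 60),
    ("notes.txt", b"plain text"),
]


def triage(samples=SAMPLES):
    return [check_attachment(name, data) for name, data in samples]


if __name__ == "__main__":
    for v in triage():
        print(f"{v.filename:28} {v.actual_type:24} suspicious={v.suspicious}")
```

A mail gateway or endpoint rule built on the same comparison would quarantine the second and third samples before anyone double-clicks them.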