- The YouTube account hacks are the result of a coordinated campaign that targeted YouTube users with phishing emails, pointing them to phishing sites, where hackers harvested their login account credentials.
- Some of the hacked YouTube channels in the auto community include Built, Troy Sowers, MaxtChekVids, PURE Function, and Musafir.
What is the issue?
Several high-profile accounts of YouTube creators especially from the auto and car community have been targeted in a massive wave of account hijacks.
Who was impacted?
Some of the hacked YouTube channels in the car community includes Built, Troy Sowers, MaxtChekVids, PURE Function, and Musafir, among others.
Apart from these, other YouTube creators also had their channels hacked over the weekend. A YouTube channel owner reported on Twitter that his account named ‘Bangon Pilipinas TV’ got hacked and the name has been changed to ‘Natural Live HD’.
“@teamYoutube please be inform that one of my Brand account in Youtube was hacked. Name Bangon Pilipinas TV. Now its change to Natural Live HD. i need help to return it back my owned YT Channel, waiting for your advise thank you,” Ayuk Nalds tweeted.
“@SusanWojcicki hello so I'm guessing y'all working on my YouTube channel it's been hacked. I been waiting on your creators respond back to me they haven't I really need my YouTube channel back my name is TheRealDJSpankk Rogers Screwston Tx that's my YouTube pg,” another YouTube user tweeted.
The YouTube account hacks are the result of a coordinated campaign that targeted YouTube users with phishing emails, pointing them to phishing sites, where hackers harvested their login account credentials.
- According to a YouTube channel owner who managed to recover his hacked account, hackers used phishing emails to redirect victims to fake Google login pages, where they harvested users' account credentials.
- Upon which, the hackers logged into users’ Google accounts, changed their YouTube channel’s URL, and re-assigned their YouTube channels to new owners.
- The hackers were also capable of bypassing two-factor authentication on users' accounts.