Get Surfshark VPN at surfshark.deals/echelon and enter promo code ECHELON for 83% off and 3 extra months for free!
@_bit_
2 жыл бұрын
Bet
@_bit_
2 жыл бұрын
🔥
@Lizz_ss25
2 жыл бұрын
Just out if curiosity is it linked to Chrome and windows. And or is it less effective on day Linux or macOS (unix based systems in general) and or non Chrome based browsers such as Safari or old version of Edge?
@aszthrotep4632
2 жыл бұрын
use nordvpn instead
@Lizz_ss25
2 жыл бұрын
@@aszthrotep4632 Didn’t they have a breach a while back?
@Games4Kickz
2 жыл бұрын
I remember when that happened to Marco and it was worrying to see how long the hacker was able to run the live streams which scammed viewers on his channel after KZitem replied to his tweet that they are going to look into it. Genuine or not, never download any game, application, document, etc... from an email or link in an email. If a game company links me their dropbox or similar to get the game I rather skip, even if it is the next big thing.
@keonkla
2 жыл бұрын
Very smart, you can never be to careful with a message from a party you absolutely can not verify.
@BloodyMobile
2 жыл бұрын
The incomprehensible part is that KZitem just went and verified the scammer. Not even giving a fuck that all content "randomly" got nuked and all... They definitely gain something from your scams, otherwise they'd be not as "helpful" to the scammers...
@fusrosandvich3738
2 жыл бұрын
@@BloodyMobile Well yeah, youtube gets a load of short-term money and suffers absolutely no long-term consequences. Why wouldn't they support the scammers?
@espanolroto1609
2 жыл бұрын
Would using a VM + VPN mitigate any vulnerabilities?
@Zynet_Eseled
Жыл бұрын
@@keonkla my best suggestion is to swap it to a dummy email, delete the initial, buy a shitty laptop, use a VPN, and load this on a dead and fake account so if the hackers get access, then the account hacked is gone
@Mikanoshi
2 жыл бұрын
How the hell it was verified AFTER the hack? Literally in YT's policy: "We won’t verify channels that are trying to impersonate another creator or brand. If we find a channel is deliberately impersonating someone else, we may take more actions". Hacker might have conspired with someone from YT or their mods are just stupid. Yesterday one of the channels I subbed to was hacked and was streaming BTC/ETH giveaway with Michael Saylor, so this shit is still thriving.
@martmine4618
2 жыл бұрын
There should definitely be a penalty for any company that doesnt follow their own policies. And youtube has done that more than once.
@skyesfury8511
2 жыл бұрын
How? Same way that YT gets away with shadowbanning, or outright banning, people that don't frogmarch to their ideologies. There's zero repercussion for YT behaving like fashists*.
@underthepale
2 жыл бұрын
As I've been saying for years now, "Laws are for poor people." It's easier to break the rules at YT than it is to follow them, and therefore, their TOS mostly punishes honest users. When it comes to dealing with our new corporate masters, don't always assume malice, but stop blindly assuming innocence, as well.
@painexotic3757
2 жыл бұрын
youtube is more concerned about people making mean comments than actually stopping criminals.. it's sad.
@elimerrill8163
2 жыл бұрын
You read the Policy, if you really did I congratulate you
@WoddCar
2 жыл бұрын
Google when they see a KZitem when 300k subs and obviously genuine: “nope, not gonna verify it” Google when they see an obviously hacked KZitem scam channel: “yep, seems legit”
@Mario583a
2 жыл бұрын
Two(+) different channels with the same name and profile? What could pawsibly go wrong -Bubsy- ~Google.
@KineticSymphony
2 жыл бұрын
That's the most disturbing aspect to this scam, how the hell did the scammer get the account verified?
@ReformedSooner24
2 жыл бұрын
RussianBadger still hasn’t been verified lol
@Mepholar
2 жыл бұрын
No idea how the scammer able to verify like that, but feels similar to SQL string field hacking where some text field input from a user isn’t safeguarded vs server command code phrases (which are then supplied for “the account name”, “password”, etc) and it generates a massive list of the entire server database with keywords for account access points. If such a hacked text field causes overflow in some server field it could trigger some binary variable from off to on. (A visual, though unrelated, example is getting to levels in tetris past what in player expected to reach, and the game starts dropping random* square character sprites instead of blocks, and levels move on from numbers to letters, to the same character sprites; all of which are just next in sequence) Back when internet was new banks had this problem with their servers. Businesses are slow to upgrade their code and tech after infrastructure put in place, and exploits are vulnerable until one is so bad the companies are drug by their wallets to put in place something new. Anyhow... feels similar to that. No idea if its exploitable fields on youtube’s side though.
@clou09
2 жыл бұрын
Obviously an inside job. The timing and speed of execution is just unbelievably fast.
@Ayundaru
2 жыл бұрын
FINALLY someone made a video on this. It's been happening a ton.
@ItsEd981
2 жыл бұрын
I love your fake Minecraft Speedrun videos
@Don-ds3dy
2 жыл бұрын
The bots, the censorship, the hackers, dislikes being removed, etc, KZitem is in it's little dark age.
@darkpit37
2 жыл бұрын
Bro, there are a bunch of videos on this topic that were uploaded years ago.
@BleachDemon707
2 жыл бұрын
SILENCE, CHECKMARK
@aaaakajkkknn
Жыл бұрын
Yes that happened to many clash royale youtubers like lonti69
@OnlyGetty
2 жыл бұрын
Just chiming in to say that I've brought these hacked livestreams up to the subreddits owned by said companies. For example, someone hacked Momma Cherri's channel (She was featured on Kitchen nightmares), and ran an etherium livestream for about six hours. I let them know it was happening on the free talk thread, and the moderators were strangely and aggressively defensive. They even went as far as suggesting that the channel holders who 'let their channels be hacked' should be sued, stating that it makes etherium 'look bad'. It's not just some random subreddit, two of their co-founders of etherium are on the moderator team of the etherium subreddit.
@SergeiMosin
2 жыл бұрын
It's the cryptobro mindset. Anything that doesn't fit into their worldview of crypto being some perfect futuristic thing is quickly shouted down and attacked.
@shib5267
2 жыл бұрын
they incentivize and profit from this kinda shit. Crypto is in general a pyramid scheme, they know what's up
@moshunit96
2 жыл бұрын
Blaming the victim is a pretty good indication they are corrupt themselves.
@skyesfury8511
2 жыл бұрын
@@moshunit96 I would even say there's a very good chance they're part of the scam if they behave like that.
@bitsamui5104
2 жыл бұрын
What are they going to do? Scammers are going to scam, they literally can't do anything about it. Just like governments can't stop people from being scammed by 3 card monty. Suing the youtubers sounds sus, but it's not like any single company can do anything to stop Russian hacking and scams.
@aabahdjfisosososos
2 жыл бұрын
You’re the ONLY person covering this. Thank you a ton, I’ve been seeing this annoying comments and channels everywhere.
@Snakedude4life
2 жыл бұрын
Not like KZitem is doing any preventative measures. Thanks Susan Wobbajack!
@-Ryu
2 жыл бұрын
@@Snakedude4life I still can't believe she has a job.
@anteshell
2 жыл бұрын
He is NOT the only person covering this. Quite far from it, in fact. It's just that you don't know how to use search engine and think that your recommendation feed is everything KZitem has to offer. FYI, it is not. KZitem got plenty of stuff you have no idea of and clearly this kind of reports are one of those things.
@Sevenigma777
2 жыл бұрын
Actually I've seen this covered a couple of times already so it is being covered by other ppl just so u know
@neoqwerty
2 жыл бұрын
@@anteshell When youtube is choking things down and you have to search for it instead of it rising up toward the top, does it make ANY difference when the end result is that this is the only video with some sort of traction that pops up on your home page, and you don't constantly search for the latest youtube scam? I'm subbed to a cluster of call-out/scam-warning channels and if they did any coverage, their videos aren't getting pushed out to people who need to hear it and instead getting buried under videos I've already watched before. (which is another problem youtube has besides having its thumbs jammed up its arse instad of working to fix its problems)
@Negritis
2 жыл бұрын
When even Jim browing can be hacked it's really tricky
@JoelElRican
2 жыл бұрын
I'm glad Kurt, Uncivil Law, was able to get his channel back with everything intact. I can only imagine how he was feeling. Thank you for covering this, @Upper Echelon Gamers
@smgofdvld
2 жыл бұрын
Uncivil got hacked? Damn
@MillywiggZ
2 жыл бұрын
He’s probably feeling quite… …UNBREADED!
@someonenamedbob
2 жыл бұрын
I've seen this happen to several channels over the past few years. Passive defense is great but sooner or later you need to actively punish bad actors. Can't just let people take swings at you forever, sooner or later you will get hit.
@NovaGirl8
2 жыл бұрын
at least three that I know of. Two of them I was able to remember the channel name and both creators got back their channel back although one lost a fair amount of his VODs. Another one, I had no idea who it was and all their old vids were already gone so I was not able to identify through that.
@LikaLaruku
2 жыл бұрын
Is this what happened to Jim Browning?
@MegamanNG
2 жыл бұрын
I despise when KZitem channels get hacked. It gets my blood boiling with a passion. It happened to a dear friend of mine and I don't want it to happen to anyone else. Jeezus. This is why I don't accepted sponsors like this. Hell, I actually changed my password and I need to get those special keys.
@giodandosu
2 жыл бұрын
It this gonna be sufficent? THAT is the pronlem!!!!
@Yespower
2 жыл бұрын
I imagine the removal of the dislike button has a part to play in this (though I imagine they'd remove the like dislike counts on those scammy videos), because now you can't know for certain, at a glance that this video is a scam or waste of time. Not knowing of the phenomenon you could potentially lose a lot, and wasting time at a minimum. Great video, thanks for talking about that!
@giodandosu
2 жыл бұрын
Yeah i can tell the scam are why they remove the dislike button......
@fonesrphunny7242
2 жыл бұрын
Even if you could see dislikes, scammers are great at shouting "it's just the haters" (or similar) and people will fall for it anyways.
@mikeloeven
2 жыл бұрын
TBH the act of purging a channel should immediately trigger a red flag and lockout followed by a notification to the original channel holder. This is a pretty easy thing for a bot to detect.
@TheDarkMaster123
2 жыл бұрын
Something similar happened to a friend’s KZitem Account. He died from Covid not too long ago and someone grabbed his passcode on it and posted those low effort ‘Get the latest game on your mobile device! Emoji Emoji Emoji’ scams on it. Although nowhere near as sophisticated as these hackers, it’s honestly amazes me how easy it is to have a channel cracked and stolen
@razumikhim
2 жыл бұрын
that's rough they did it to a dead man? talk about shameless
@mowermen1762
2 жыл бұрын
Wait if someone grabbed his password that would imply that one of his family/ roommates would have stole it That’s even worse cuz it would mean they went though a dead persons stuff stole a password and did a trash scam on it Jeez my faith in humanity is gone for the week
@fonesrphunny7242
2 жыл бұрын
@@mowermen1762 Honestly, Google's security is kinda shit. If someone gets hold of your Google email address, they can just run a brute force attack to guess your password. There is little protection against repeated login attempts. You would receive a warning email ("login from a new device"), but an attacker could instantly delete it, because he has full access to your google account. Facebook is even worse. Imagine making an account and two days later you've swapped gender, changed your birth date, moved half across the globe and got about 400 male friends in South America. They don't give a shit when that happens, probably because it happens so much.
@ZastropollyonZ
2 жыл бұрын
Damn
@r0cketman776
2 жыл бұрын
I just want to say: Don't feel safe from these attacks just because you have a VPN. VPNs are great for privacy and location spoofing, but a VPN will NOT protect you or any of your accounts from falling victim to these attacks. VPNs are purely a "privacy tunnel" and prevent someone from looking at your data from the outside, but these attacks happen at the source computer, before any VPN encryption happens, meaning you're still vulnerable to these attacks. Best practice is to never click on links or download programs from emails, and verify the sender first. The weakest link in the best security is always the people behind the keyboard, the more secure we make ourselves, the more secure our accounts are.
@giodandosu
2 жыл бұрын
Ty, it is important you said that, I wasn't sure!
@fivestarman1291
2 жыл бұрын
I remember being taught basic stuff like this back in the 90's, when household computer use was rising. Don't give out personal information, don't click on shady links or download shady files. It's sad that some people still have to learn this.
@CmoIsDaNam3i
2 жыл бұрын
Mostly becaise people arent taught this. And tbh even as someone who is aware of this. If you find yourself in a place were you arent all the way there you can still fall for it. I had woken up and basically still sleepy had let my Steam account get hacked from "Free Doscord Nitro!!!" because I was basically not that much better than someone being drunk basically. I got my account back. But it can happen to anyone even if you are normally aware and ready. Just imagine now for anyone who ISNT aware in the slightest. :|
@Mike_Dubayou
2 жыл бұрын
VPNs arent even that great for privacy. Look up browser fingerprinting if you think IP address even matter for identification anymore. Your own browser is unique among millions of others, regardless of IP.
@1xtra299
2 жыл бұрын
@@Mike_Dubayou Noob here, quick question. Are you saying VPNs are useless because of fingerprinting? Or, they are good to use with public wifi, but corporations can still know your browsing history?
@natalyst
2 жыл бұрын
man, hating crypto makes me feel so safe lmao. whenever i see people advertising some crypto shit i just instantly unsub, it's happened a few times so far sadly
@cormoran2303
2 жыл бұрын
And to think all these big companies want to jump in on it.
@ZastropollyonZ
2 жыл бұрын
Crypto itself isn't bad but if someone tells you to put money into some unknown coin, don't do it since it's likely a rugpull/scam. Coffeezilla does a good job at exposing some of these scammers
@-games5524
2 жыл бұрын
I feel horrible the guy lost his channel, but this is really just the same thing thats always been happening, except now its using crypto/NFT instead of other means. Email phishing is still email phishing. Downloading and running an executable you receive via email is ALWAYS a bad idea, even if you can verify the email is legit, use a different method of delivery.
@ZastropollyonZ
2 жыл бұрын
I've seen those scams before in 2019 and 2020. Long before I got into crypto related stuff
@dhuntermg
2 жыл бұрын
Finally a video about this topic. 2 channels that stopped posting videos a while back (PvpSkillz, Dark Souls invasions-related and David p. Kami, FPS/Battlefield-related) were hacked this way and then renamed to the Ethereum LIVE name. I unsunscribed from both just as the hack took place (they still had videos up which helped me identify who they were before the rebranding), knowing it was just a scam but knowing how deep this rabbit hole goes is even more amusing.
@mantha6912
2 жыл бұрын
I remember when Astartes got hacked...those were dark times.
@SamGrey
2 жыл бұрын
This is a perfect example of how the blue check marks mean absolutely nothing 😆
@Blood-PawWerewolf
2 жыл бұрын
Yup. It’s always been nothing.
@DankScole
2 жыл бұрын
I constantly get emailed required me to “download and unzip / click a random link” and I don’t even entertain those. I can easily see how creator would fall for these.
@Ahmenthi
2 жыл бұрын
It happened today with the channel DeadJosey, who does voice work and comic dubs. If you have resources to get KZitem's attention to resolve this, I'm sure she'd appreciate any help you or anyone with some clout could give her.
@MillywiggZ
2 жыл бұрын
This is only going to get worse with the Eastern Europe V Russia war. Those two parties have been battered the most from sanctions, supply chains and the knock on effect with fiat currency. If the marketplace is mostly Russian and the Ruble is tanking desperation might set in with the scammers.
@Unapologeticweeb
2 жыл бұрын
On top of that because there current cyberwar allot of high level hacking programs are floating around the internet hence the recent spike in hacks
@hiagustres
2 жыл бұрын
This happened TODAY to a channel I'm subscribed to for more than 4 years. Thankfully it seems to be solved, but still, it's a huge problem to everyone, it happened to my channel last year and it was terrible.
@bamboogameplay138
2 жыл бұрын
Yo i like your vids mate but i have a serious problem with you stating that "on the dark web you always need vpn". As someone who has extensive knowledge on the subject of dark web services like Tor, i2p, freenet etc, i must tell you that what you just claimed here is not only false, but also the other way around, a VPN is in almost all cases WORSE for privacy when used with these dark web services. The only way to visit the dark web in a secure way is to NEVER use it in your Phone or windows and use a hardened OS like whonix or tails. Also disable javascript on your settings.
@delta3244
2 жыл бұрын
Can't one safely acess the dark web on a phone if its hardware is trustworthy and it has an OS like those you mentioned? Or is there something I'm missing? In any case, _thank you for saying this._
@bamboogameplay138
2 жыл бұрын
@@delta3244 you cannot really put tails or whonix on your Phone. And dont think for a second android or iPhone is safe in terms of privacy. Apple is already scanning your Phone for illegal files, and google has deep hooks in android on OS system level. Its well known in the dark web community that mobile devices are not safe for that purpose.
@delta3244
2 жыл бұрын
@@bamboogameplay138 I have vague memories of hearing/reading about relatively hardened phone OSs, but could be misremembering (and judging by what you've said, I am). Android/iPhone definitely aren't fit for the purpose (perhaps raw Android is? But I haven't read the source code, so wouldn't be surprised if it isn't). Anyways, thank you for answering.
@ZastropollyonZ
2 жыл бұрын
@@bamboogameplay138 android might be safe but there some exploits on there and Google will check your files if you back up your photos saved on your devices
@joshkarn1951
2 жыл бұрын
Rekeita Law when talking about Uncivil Law being hacked mentioned the possibility that hackers could be using info obtained from a Streamlabs hack/breach to backdoor their way into taking control of a channel. Not sure how plausible but throwing the idea out there to hopefully be dismissed as not possible.
@th3matt165
2 жыл бұрын
The way they bypass 2FA also shouldn't allow them to change passwords in the normal way, forcing them to wait multiple hours for the password change and Google sending a message to other devices connected to the account, as Google wants to make sure it's actually the owner of the account that wants the password change, so if the person whose account got hacked changed their password during that time the hackers would immediately get logged off as the sessionID (the cookie that they used to log in) *should* no longer be valid.
@roflBeck
2 жыл бұрын
They literally change people's passwords "the normal way." That wait time would have to apply to all password changes.
@TheBlackAndWhiteCow
2 жыл бұрын
Most likely they have access to their email too, not sure if that's enough tho
@ZastropollyonZ
2 жыл бұрын
I somehow managed to immediately change the password to an account I stolr from this Gachatuber through "forget password" and through a shit phishing attempt. It does take a week to take primary ownership of a brand account. It's best to have multiple backup methods
@the_ttr
2 жыл бұрын
@@TheBlackAndWhiteCow not necessary - if you're logged in you can disable MFA (you will need to provide password) - if that password was stored in browser password manager, you have access. But since vector of attack is session store, then yes, they did had access to their email.
@xkerberosx1
2 жыл бұрын
UEG:"November of 2019 was nothing out of the ordinary" Covid-19: "Am I a joke to you?"
@JoelElRican
2 жыл бұрын
Nothing was shut down until early 2020... We didnt even find out about Covid til around Late January- February 2020...
@btgreat8201
2 жыл бұрын
@@JoelElRican covid was discovered December of 2019
@Marinealver
2 жыл бұрын
I think Google might have been hacked if the scammer was able to "verify" his own videos.
@TurikoYemontoshi
2 жыл бұрын
Or, far more likely, the process is fully automated and has a bunch of loopholes to ensure "verification" which the hacker purchased info on.
@LarsnVAL
2 жыл бұрын
UE: November of 2019 was nothing out of the ordinary Covid: Am I a joke to you?
@requiem4ameme929
2 жыл бұрын
I remember when this happened. It's good that you're revisiting this bc I don't see anyone else talking about it.
@cormoran2303
2 жыл бұрын
Kurt looked real rough when this happened to him. Watched the guy puke his guts up on stream with Rekieta and he was more composed then than when he streamed with Joe from Good Lawgic to talk about this. Glad to see KZitem has finally reinstated his channel.
@TegridyMadeGames
2 жыл бұрын
im convinced google is 100% autonomous at this point. Theres no way a human is doing this crap. Their customer support just sends you copy-paste messages now no matter how many times you tell them the copy-past info didnt work.
@RedHerring1290
2 жыл бұрын
Always weird to see creators I thought were totally unrelated to each other intersect in their content. Glad Uncivil got his account back, Good Lawgic's agents do fast work.
@fredhurst2528
2 жыл бұрын
Interesting to me that there would be many people so casual about their use of youtube that they would not recognize that a channel they are subscribed to has completely changed format and would not only "not" be incredibly suspicious, but they would actually watch the video and say to themselves, "hey, this channel is now a crypto influencer when it used to host video game content, I think I will send them money." I cannot be the same species as people this dumb.
@sertaki
2 жыл бұрын
They wouldn't realize the channel changed. Because the name and profile get changed and all videos were deleted, the only way to realize who that was before is is if they memorized the channel url or went there by bookmark. If somebody is subscribed to hundreds of channels, one can easily miss something changing.
@fredhurst2528
2 жыл бұрын
@@sertaki I guess I don't subscribe to channels I don't intend to watch, and if I intend to watch, I will know what content is supposed to be on that channel, so it still baffles me despite your explanation. Guess I am more careful about what I click on than a lot of folks. Thanks anyways, and take care while on the interweb, it's not always a nice place.
@sertaki
2 жыл бұрын
@@fredhurst2528 I personally am a lot on youtube, watch all kinds of stuff from different styles of videos, and am therefore subscribes to a huge number of channels. If one of them suddenly changed into a weird dude, I would have no way of easily knowing which channel just vanished and would wonder if that's just some channel I subscribed to 6 years ago who has not posted for years. Seeing some weird crypto stuff, I would immediately unsub, however.
@GlamEye
Жыл бұрын
A popular music channel called ambition music just got hacked a few hours ago. It has over 1 million subscribers and now the hundreds of music videos are gone and replaced with videogame hack scams and a live crypto scam stream, also it was renamed to microstrategy.
@chartier67
2 жыл бұрын
What is funny, and this is NOT an attack against UE. Surf Shark and other VPN software's makes it very hard catch hackers and other dark web antics. Also, his friend unknowingly opened an infected file which wouldn't have been prevented by a VPN. VPN's are good for shielding you from a web visibility yes and the ability to watch programs in other countries, but for the most part is more beneficial to the criminals.
@giodandosu
2 жыл бұрын
Yeah I get it, normal people use it to see thing, criminals use it for scam and worse, i get it...
@traplover3132
2 жыл бұрын
A while back, a phisher was appearing as the game company Team17, tricking youtubers into thinking that they were going to get sponsored by them as well as get early acces to the game "The Survivalist". As far as i can recall the biggest channel that fell for it was a swedish channel with over 300 000 subs.
@xloppyschannel4881
2 жыл бұрын
never click links on a emaik
@JoelElRican
2 жыл бұрын
or in a text message on your phone...
@LarsnVAL
2 жыл бұрын
POV: UE was hacked and someone dubbed him to make a video warning you about hacking to further gain trust to then hack all viewers
@SaintInix
2 жыл бұрын
Just wanna say, I've always enjoyed your content. Substance and truth are in short supply these days. Thanks for always making good quality breakdowns of these issues.
@mousermind
2 жыл бұрын
This even happened to Simon Whistler's TopTenzNet channel not too long ago. But back then we still had Dislikes. Now we're powerless if this happens to our favorite channels.
@TheScawer
2 жыл бұрын
Wow, I'm so glad dislikes are turned off. I feel safer on the platform already.
@TheJackal917
2 жыл бұрын
KZitem is a fkhole and it's management needs to get jailed.
@M4TTYN
2 жыл бұрын
you can't be serious.
@TheJackal917
2 жыл бұрын
@@M4TTYN why? It is a fkhole if it allows shit like this. It is also busy wirh hunting down ''wrongthink'' ', like wtf. It's ''KZitem'', right? Not ''OURtube'' or ''THEMtube'' or not even ''HERtube'' - hi, Susan!
@Bullminator
2 жыл бұрын
Best way to protect yourself if to use a seperate email (away from youtube channel) for contact. And you only talk with people on this email in virtual machine. So if email gets fucked, your pc will still be safe as all info on disk gets purged when you turn the virtual machine off anyway.
@exiledmonastic4650
2 жыл бұрын
underrated comment. is it really that simple? i suppose doing that wouldn't be much effort if someone had a larger youtube channel. nice and simple!
@coragin21
2 жыл бұрын
Wouldn't a VPN and and running a Virtual Machine completely nullify any actions these hackers are trying to do? A virtual machine is where I have always opened questionable things or surfed questionable sites. This might be a good idea for UEG to make a video on. Where to get VM software, how to set one up, etc.
@Omfghellokitty
2 жыл бұрын
I've always reported these when I see them as hacked account livestream fraud crypto scam advert
@DonCarlione973
11 ай бұрын
It's so crazy how it seems to be so easy for these people to steal your private accounts! That's some scummy ass shit right there. Taking a man's livelihood away like that... it's super f'd up 😒
@Liz3_
2 жыл бұрын
pdf shouldnt be affected, im unaware common pdf renderers, most notable: browsers do not execute anything within a pdf so a attacker would need to find a exploit within the pdf renderer itself, which is possible but very very unlikely rest is very good! update after watching the end: you do NOT need a vpn when browsing the www or hidden services in tor, tor acts (in a way) like a vpn, but through multiple servers rather then one, big difference is that tor only secures stuff in tor, not outside of it. but adding a vpn when using tor is redundant
@delta3244
2 жыл бұрын
it is worth noting that excecutables can disguise themselves as pdfs by using the pdf icon as their icon and ending with .pdf.exe or something, but yes, once you have directly checked the extension, pdfs (probably) can't harm you.
@D00MNUKEM90K
Жыл бұрын
Another youtuber named Fudd also quite literally got hacked a few hours ago and is now called Ripple, all videos unlisted and replaced by several livestreams.
@garcipat
2 жыл бұрын
Getting some knowledge about cyber security should be a standard if you have your own youtube channel. Do your homework guys. Thanks for another video that demonstrates that.
@TheRealCake
2 жыл бұрын
I agree, so many channels were hacked because of ignorant clicks
@Grey.Minerva
2 жыл бұрын
This kind of attack and the stealing of the login token to bypass 2fa is also happening on discord and is almost exactly the same.
@I.____.....__...__
2 жыл бұрын
This has been happening longer than that; Overlord Gaming did a video about fake sponsors hijacking YT accounts in 2018.
@AlanGChenery
2 жыл бұрын
I've got a LOT of subscriptions. I've lost more than a few channels to this stuff. I personally don't engage with crypto nonsense so the moment I see them I know it's a hack or a scam... And it's sad to me that I often don't even know what channel it was before it was taken. Just another unnamed corpse for the graveyard. :(
@AlphaNerdGaming
2 жыл бұрын
the same thing happened with a gaming youtuber called staycation, either in 2020 or 2021. His channel got hacked, it was some kind of paypal scam live stream, he did manage to get it back though. Happened to Jim browning too
@skyesfury8511
2 жыл бұрын
Perhaps sponsors should have something on their company's website to input a code that would be sent to the creator they reach out to by the person reaching out to the creator, so the creator can verify the legitimacy of the sponsor? Bigger companies (surfshark, nord vpn, raid shadow legends, ring, etc) all have websites that are easy enough to find even if you're not familiar with the company. I'd imagine it would take minimal resources to set up and would greatly boost the safety of creators. I'm not going to pretend to know how to set up a system or program or method of doing something like that, but I can't imagine it would be very complicated.
@nunchuksteev9811
2 жыл бұрын
I feel like UEG is on top of his game right now and his views should be through the roof. I have to think he gets the shadow ban treatment.
@AshnSilvercorp
2 жыл бұрын
I love how RuneScape was ultimately a lesson in online Ponsi schemes...
@NovaGirl8
2 жыл бұрын
CJU Games got hacked a while ago. The community mass reported the channel and the livestream several times and and we somehow managed to get the channel shut down and CJU was able to to get it back. A lot of his vids got deleted/privated but thankfully he had backup of his old vids since it has happened before. Also happened to two other channels that I know of.
@angel_withaflamethrower
2 жыл бұрын
Thanks for covering this.
@TheCrazyhusky
2 жыл бұрын
First rule of the internet, Don't click shady links or download anything you aren't 100% fimilar with. If it's too good to be true, then it is.
@NotsoEP
2 жыл бұрын
Best practice now a days is to learn how to create a VM and open any attachments in that, just be sure to not use the VM for surfing as well! With hijacking and channel theft on the rise (in all platforms).
@shibinformer5931
2 жыл бұрын
We face this issue a lot with SHIB too. Even a legit KZitemr thought that the Shib community hacked their channel for exposure. But this is actually detrimental for the Shib community! This is a very bad problem in KZitem, but is worse when a legit youtuber is hacked and their account is suspended because of reports of scam. If anyone read this: any LIVE video promising crypto giveaways with an overlay and a famous crypto person or celebrity, it is a scam. Be careful.
@omegaweltall2001
2 жыл бұрын
This JUST happened to a Path of Exile creator. Smh
@24680kong
2 жыл бұрын
A maker-channel called "Homemade Maddness" form the Netherlands just got hit by this. He has 156k subscribers, but now it's called "SpaceX Official" and has the usual elon musk crypto scam on it.
@australianemergencyvehicles505
2 жыл бұрын
a channel named "dallmyd" with 13M subs just got hit by this too with bitcoin scams and stuff
@aaaakajkkknn
Жыл бұрын
I remember three clash royale channels hacked the first one was the channel started uploaded korean livestream stuff secondly another channel started uploading ukraine news and other stuff and lasty a channel that was pretty big but got hacked and started uploading internet stuff
@Applz101
2 жыл бұрын
KZitem’s Comments are always filled with scams as well. It’s horrible.
@mcp613
2 жыл бұрын
This is why should only open apps you've never heard of in a vm
@SHDW-nf2ki
2 жыл бұрын
I firmly believe that Astartes wasn't hacked by some random jackass and then sold. it was a targeted move by GW to gain control of something they saw as a threat to their control of their fandom.
@luthfihar3211
2 жыл бұрын
FYI almost all channel with cardanoADA as their name is a hacked channel, recently deadjosey, a comic dubber VA also got hit by this hacking wave
@ItzTooCringey
2 жыл бұрын
Jay Swingler is hacked now…. Oh no
@DarkSeraph95
2 жыл бұрын
I brought up a crypto scam in the server a little while back. He got his channel back but it's insane this happens
@fateric007
2 жыл бұрын
Perhaps KZitem should pay their creators better.
@M4TTYN
2 жыл бұрын
no one should be on this site for money 1st off.
@cormoran2303
2 жыл бұрын
@@M4TTYN Yeah, how dare people make money, evil capitalists!
@brianlinden3042
2 жыл бұрын
Same thing happened to a (mostly) anime youtuber I like called BestGuyEver, also around 2019, if I recall. He was able to get his channel back, but I'm sure a lot of smaller channels weren't so lucky.
@justarandompersoniguess
2 жыл бұрын
Wait marco was hacked back in 2019? I didn’t even realize that even when I am subscribed to him
@RMeitzen
2 жыл бұрын
Ah, so that explains why I saw a random crypto livestream amidst my subscriptions a few months ago.
@SUBphilip1300YOUTUBE
2 жыл бұрын
this can be a little nightmare. hopfully i dont need to be in this i have losed gaming accounts and stuff before on internet to ways me not even know how. i have 1400+ videos but my risk is probaly low for i have show me on videos so youtube have eazy to figure out who i are. and i dont response to sponsors on email. but hackers use to find many difrent ways so newer totaly safe but one of the best thing is probaly to show face on chanel video here and there so youtube can know who have the channel. it can be a real pain to get stuff hacked, i have lose emails and gaming accounts and stuff where people i know get weird stuff. but i have do many emails and have extra channels who i conect to my main one so i have many ways to prove who i are and stuff. but yea this kind of things is not fun. but can be fixed but not to fun.
@dsagent
2 жыл бұрын
Why ripple / XRP of all things? They have legal issues. Also I have noticed that occasionally I would end up subscribed to random youtube channels I have never watched.
@-imperatorinsomnia-6163
2 жыл бұрын
Ripple has a CEO it's mid level with less fed attention on illegal activity like blacklists or deep dives on the ledger. XRP was easier to launder now it's getting harder.
@wardrich
2 жыл бұрын
How the hell do people STILL fall for "send me $x and I'll send you $y" scams?!
@poeterritory
2 жыл бұрын
This seems to point to someone(s) in Facebook being in on it. Or whoever does the verification badge. Maybe it goes way deeper than people think?
@moshunit96
2 жыл бұрын
No it doesn't.
@Carnyzzle
2 жыл бұрын
Good ol youtube, can't do anything about these channels but they decided to hide dislikes
@JJS563
2 жыл бұрын
I remember the hell he went through to get his channel back
@SlowzyFootbaledits
Жыл бұрын
Great work *Upfronthackers* so glad you are out there fighting these lowlifes. We need to do all we can to spare the elderly and the general public from these despicable scammers!
@nervaaugustus7089
2 жыл бұрын
Thank you for covering this, UEG.
@W8D_
2 жыл бұрын
Thanks so much for raising awareness about online tech problems - you're really helping me see why I should be careful online. Just watched your TikTok video and agree with it all - I have no plans to download any time soon. Stay safe man - you're an excellent creator and your content should be spread around the world to help raise awareness.
@sambakich7494
2 жыл бұрын
Happened a year or so ago to Tod's Workshop, got turned into Binance English. Tod got his channel back, thankfully, but I can only wonder how many didn't.
@Nerdvanna98
2 жыл бұрын
Who's still falling for that "send me 1,000 of something and I'll send you 10,000 back" scam? Any common sense tells you that it doesn't make sense.
@JakeyGaming2027
2 жыл бұрын
2022 May: beware of Casualchannel user.
@Lizz_ss25
2 жыл бұрын
Just out if curiosity, is it just a windows problems or are Linux and macOS also effected…
@th3matt165
2 жыл бұрын
Since these cookie loggers are probably written for Windows they shouldn't even be able to execute without WINE on Linux and Mac.
@monetizationanddemonetizat3260
2 жыл бұрын
I don't agree with you politically but I do appreciate that you cover these subjects
@yippeethreeeight
2 жыл бұрын
That's crazy, and a bit scary for content creators.
@Mepholar
2 жыл бұрын
Seen something similar with youtube accounts replying to comments seconds to minutes after a video goes up. The comment replier has a thumbnail or a marketable attractive young woman and is posting a link to them dancing, etc. with no other vids on the channel. Seemed more prevalent in late Jan/ early Feb 2022. Feels like the channel was hijacked.
@YaBoiDoi
2 жыл бұрын
It does. There are channels that have the most realistic comments ever and theyve got a sus pfp
@ShadowMelt
2 жыл бұрын
KZitem needs to be on this like right now
@moshunit96
2 жыл бұрын
Should have been on it 3 years ago.
@delta3244
2 жыл бұрын
What do you believe KZitem can and should do about this, out of curiosity?
@ShadowMelt
2 жыл бұрын
@@delta3244 I'm not a software engineer, unable to come up with a solution.
@delta3244
2 жыл бұрын
@@ShadowMelt I have done a fairly substantial amount of programming, and outside of not verifying obviously malicious channels, I cannot see a solution. To be perfectly honest, attacks which involve stealing cookies are not YT's problem.* They are a (likely)** unavoidable*** problem with how the internet currently works. The only way to remember that a user sucessfully logged into an account after they leave the login page is to put a cookie on their machine. The only way to verify that an account holder is who they claim to be is to check that cookie. If that cookie is stolen (i.e. copied), the theft cannot be detected. See the problem? Cookie scrapers unfortunately aren't attacking KZitem, they are solely attacking the computer which they aim to steal from. Thus they are not something which YT can fight. There is one, unfortunately inneffective, thing that YT can do to minimise the effects of stolen cookies. Every user on the internet has a (generally non-unique, hence the need for cookies) user agent (UA) which can be used to track them across the web and learn about how they use computers, alongside more legitimate uses like serving the Windows version of a downloadable program for Windows users, the Linux version for Linux users, etc. This user agent includes data like the IPA of the user alongside their OS + other info about their computer. KZitem could keep track of which UA owns which session cookie, and (as part of an opt-in security program) only accept that cookie from users with a matching UA.****** There are a trio******* of problems with this method, however: 1) the given UA is in all likelyhood non-unique, so an attacker might just happen to have the same UA anyways 2) It's inconvinient for the user (hence it being an opt-in system), because now they are logged out whenever their IP or any other mutable part of their UA changes. 3) Most importantly, UAs can be spoofed. Everything except for IP is trivial to scrape off the attacked computer and mimic, so using anything other than IP for verification is pointless. This makes problem (1) a lot worse, as public IPs are currently very much not unique. Furthermore, IP addresses *are* trivial to _spoof,_ the only non-trivial part of doing so is making use of the session you have created. If you send the wrong IP address with your traffic, you will not recieve return traffic from the server you interact with; you will be blind. But your actions will still have an effect, and so you can still use your session to change your target's password, and through it, to claim a session cookie for their account as your own. This attack can be mitigated by YT taking advantage of the fact that attackers are blind without further effort (such further effort includes things like the attacker's scraper forwarding the server's traffic for the attacker's session back to the hacker (if they can guarentee the traffic will make it to the victim through any relevant firewalls), or perhaps better, having the scraper itself handle this entire task. (insert more complexities here because wars, even including these relatively minor wars over security, are complicated things) Once again, I do not believe it is YT's responsibility to do the above and try to make it immune to bad actors; I don't believe they would succeed if they tried. But that isn't to say that all hope is lost, there are still things which users of YT can do to manage their own security. For the most part, this is just typical stuff like "seriously, stop downloading random files (especially excecutables) from the internet and especially email! And stop clicking links in emails while you're at it!" but there are some specific things you can do against this kind of attack as well. For example, if you find that you absolutely must (or merely should) download an attachement which you cannot verify (i.e. any attachement which you weren't explicitly sending at this time, even if a friend sent it. Friends can get hacked! though you can always ask them through another means to verify it), you can follow the following seps to minimise, but not negate, the risk of doing so: 1) use a computer besides your main one, which your main one does not trust. 2) be logged into nothing whatsoever on that computer and have no important files on it (typically, this is not needed because of (3), but sometimes (3) isn't good enough. Judge the risks yourself) 3) open a VM, do the remaining steps in it 4) log into only the relevant email account, which has a feature X which allows you to 'log off all other computers.' 5) Start the download 6) At the first moment where you can do so and not cancel the download, use X on your main computer 7) if you can, disconnect your second computer from any possibility of acessing the internet (i.e. remove the ethernet cable, make sure it doesn't have wifi) once the download finishes. 8) only ever interact with what you downloaded on that VM (and always do 7 before opening the VM), even if it looks legit. *Exceptions may apply, but this statement is true in general. **web development is not something I've done much of, so I may be unaware of something which could theoretically be used to invalidate such attacks. I am very sure such a thing does not exist because of what I know about cookies, however. If it did exist, cookies would not be the only way to take a user's past actions into account when they enter a new page. ***there are ways of mitigating the problem even if it can't be avoided, I will get to that. ****excluding data which is liable to change all the time, like current charge of a laptop (which is part of the UA iirc) *****there is one more problem which may or may not be relevant: What I am about to propose could (it might not, but it could) more than triple the amount of memory spent on storing currently logged-in users, which may not be viable. (that number would be more than 3x if storing the entire UA was viable) (edit: formatting, typos)
@marteronde
2 жыл бұрын
i am kinda curious to why not more youtubers use a VM or a separate "Work" pc to avoid this kinds of problems
@australianemergencyvehicles505
2 жыл бұрын
a popular channel called "dallmyd" with 13M subs was just hacked like this too and they deleted most videos and is now playing 2 live streams about bitcoin
@jaredsmith4919
2 жыл бұрын
Man the tech space is getting pretty dangerous? Thanks for the heads up.
@hauntedasylum8194
2 жыл бұрын
To the hacker that keeps harassing me... why? Why are you bothering me? I'm an old guy, suffering from chronic pain and insomnia, dying of it all, and yet you make my last days that much more miserable. Why are you such an asshole? Can you leave an old man alone?
@Lizz_ss25
2 жыл бұрын
I’d be fun to make an anime or tv series, based on internet/KZitem/crypto drama
@buggerlugz6753
2 жыл бұрын
Its incredibly worrying how huge this problem is on youtube, don't seem Google is very interested in it either.
Пікірлер: 478