Thank you ALL for your constant support! And thanks to dbrand for sponsoring this video. Use code FIVEFOOTONE at shortlinus.com for 15% off everything site wide. ► GET EXCLUSIVE CONTENT ON FLOATPLANE: lmg.gg/lttfloatplane ► GET LTTSTORE MERCH: lttstore.com ► GET LTX 2023 TICKETS: lmg.gg/ltx23 ► SPONSORS, AFFILIATES, AND PARTNERS: lmg.gg/partners ► OUR WAN PODCAST GEAR: lmg.gg/wanset
As someone who had a channel deleted (albeit in a different way), I sympathize. Glad Google had your back and I wish they were as responsive for me (took a week, but at least they restored it). - It's good to own up to mistakes; others will learn from this - Perhaps link to the advice you quote in the video and not just a shout out to ThioJoe? Keep up the good work.
I agree with you GreyAye. This is an impressive display of emotional intelligence. Managers and leaders everywhere should take note. This video should be featured in classes at universities teaching the subject. Linus is a role model in this case, FOR SURE.
@@jeremy-b Linus clearly said it's as much as a problem with UA-cam as with his company. Also with your logic even TFA shouldn't be a thing, because "dOnt LeaK yoUr pAssWord gUys".
Almost happened to me but caught quick. Then a month later it happened to my cameraman who has a small passion channel. I felt so bad but used my size to help him get it resolved quick. It shouldn’t be like that, smaller channels are just as important and should be able to get help quick. Let alone the amount of poor people who got scammed
Thankfully the hack was resolved quickly, thanks to you! You are a true friend I feel bad for small channels who get hacked, they just get wiped off the face of the earth and replaced by Elon Musk NFT Bitcoin Tesla Free Double Bitcoin streams.
Man, my guy was so focused that he forgot to put clothes on. So much dedication to the channel. We would’ve felt the same, and were so glad you’re back.
They should send the PDF to some security researchers, if not the community (with a warning that it's live malware, of course). Getting current samples for stuff like this is huge for establishing ways to defend against it or identify it.
As someone in the cybersecurity industry, thanks for being so open about what happened, and bringing awareness to the technical elements involved. It CAN happen to anyone, what really matters is how you react.
Dont pirate tools and redline won't come to meet you :D Who takes advise from this fool anyways, got a team behind him 1000s of pounds of kit and the noob gets cookie jacked hahaha
What do you think of time of day based functions being limited and requiring authorization by 2fa + offline scanned paper laminated qr code with a 7089 digit password? Sure, the cell carrier can be socially manipulated to enable a 2fa vulnerability but you can't hack what is akin to a cold crypto wallet that is offline.
I love how DBRAND jumped at the chance to completely troll Linus in his hour of need. Whomever is in charge of their social media must be an epic troll.
@@HunterVibez lets be real English is broken glass full of small particles none of the particals are perfect and it cannot be molded to be perfect for everyone so just mold it to be perfect for you and make it understandable for others
@@HunterVibezidk if I'm an idiot but whom is the object form. wouldn't that be "Whoever is in charge" seeing as in this case "Whoever" is the subject?
Tremendous respect for Linus for not only the transparency around what happened, but the strong leadership of saying "this is ultimately on me and not the employee who made the mistake that allowed this to happen." This is what being a responsible boss looks like.
It's just common sense. You have to expect people are idiots (and some phishing can look very realistic depending on the situation). I work in it security and happened to click on phishing link because it really looked like related to some internal processes. Even with awareness you can never be 100% phishing resistant.
@@bencze465 i recently got what i belove was a scam sms from my insurance company, 2 months later i got a call and turned out it was really from then i was way past the paying date
Another problem is that Windows likes to execute code from a non-executable file extension. It shouldn't execute ".pdf.exe" or ".exe.pdf". If it does anything, Windows should call the PDF software assigned to the PDF file extension, not execute the file and let it do whatever it wants. I wonder if this virus will get named LTT for worming its way into the LTT office.
That's not even the biggest problem. You can have unicode characters in file names. Seriously. Who wants a smiley in their file name. It also allows for the left to right override to exist. Which is also an huge security issue. But the actual worst part is that .lnk file extensions don't get shown. They can easily just download the malware via powershell and run it. Which is why I currently don't have the command prompt or powershell on my system. I only place it back when using sfc /scannow or when I just wanna use the command prompt.
you can really tell this man has had a rough day, starts out by stopping a cyber attack and finished by spelling ONE O-W-N-E. he's completely tapped after today, truly an inspiration.
dude is incredibly bussiness minded. Found out that people were stealing his videos and posting them on a mainland Chinese website so he contacted and hired them to make official translations of his videos and post them over there legally. If you guys search for his reaction video to Chinese pc setups, you'll find him talking about it over there.
This happened to us last week due to a virus on the computer from one my kids, where my session was indeed hijacked, my google account taken over and my band's youtube account to run a Roblox scam (tricking people into into downloading a Roblox mod that had the same virus in it). Last week was really stressful, happy to have my account back now. I will say though that the way to get proper youtube support is really, really bad...
Imagine losing your whole channel, and within 24 hours you have a professionally scripted, shot, and edited video, detailing the whole thing, full with sponsor and additional topic notes. Congratulations on getting the channel back up and running so swiftly. I wish everyone involved a very nice long nap and weekend, and a very satisfactory salary. Good job! Looking forward to the WAN show!
actually went to their site to by something. Realized i fix all my stuff so it is all old and Dbrand got nothing for them. Got a REALLY good laugh browsing their stuff, i can actually feel it in my lungs. I am going to get something the day i actually have something that works with dbrands stuff
As a software developer, I really appreciate it when a detailed breakdown is given like this rather than just "my PC got a virus, then my UA-cam was hacked". So to say thanks, and of course for getting the channel back up in such short order, I went ahead and ordered some goodies from dbrand using the affiliate link 😁
Admitting that it was lack of training and not just the lower tier employees fault speaks worlds about how good of a leader you are. Been a long time subscriber, since the days before the office existed, and it’s been good to see you stay humble and treat employees as equals rather than numbers.
I agree. I've only caught 5-6 videos in total from this channel, and I wasn't subbed before now. But anyone who is in charge of other employees and can acknowledge the true issue and work together with employees to prevent the issue in the future, instead of just firing the employee, has my respect and my sub.
Honestly, I think it will take him a while to recover from this. Not just because of his 10+ yrs worth of work gone for a day, but also because all unlisted and privated videos are shown for an hour. Enough time for some people to download all of them
What's wild is that this can happen to literally any of us.. but when it happens to us, we (the average person) probably won't ever get our stuff back because we're nobodies in the grand scheme of things.
I really appreciate you verbally clarifying that no disciplinary action will be taken against your employees. Whoever it is, their world must have come crashing down when they realized what they'd done. I wouldn't be able to sleep at night. Being a calm, understanding employer is something the world needs.
even then, how some of these scams work is by the scammer pretending to be a legitimate sponsor, with either a spoofed or faked address and a link to download some info on the sponsorship deal/contract, which is actually a Trojan horse that then uses your computer to hack the channel.
Idk man if you're a tech guy and you believe that elon musk is hosting a stream on LTT's channel and doubling your bitcoins, you deserve what's coming to you tbh... I mean come on, that's some runescape-level scam.
Dbrand is like that friend who constantly teases you but would get in a fight to protect you. Glad to see the channel is back & thanks for being so transparent
Kind of amazing to see that you've got yourself to the point where you could post this calm analysis and reflection already. Lots of good stuff in here - especially: Get a breach response plan together - it doesn't need to be all that complex - (Prepare), Identify, Contain, Eradicate, Recover, Review. Knowing that you know the steps to work through is a HUGE benefit when you are up against an emergency. Your considered approach to disciplinary action and further training. The person who slipped up this time is now *far less likely to do that again* and may actually be an asset in working to prevent future breaches. Battle Hardened.
Linus being more or less calm and taking responsibility for his employees' lack of training is refreshing and a sign of a great boss for the long-term. He realized that his org needs more help in training and prevention, and takes ownership that the buck stops with him. Kudos on handling a super stressful situation with naked-grace lol.
If you wanna hear about when Linus went off the deep end, look up the clips from they’re podcast of when they moved his furniture. It’s nothing bad. Linus is about as wholesome as you can get as a boss
The best company I ever worked for, had a similar thing happen to them. A phishing scam to accounts and £48,000 lost in minutes. No repercussions against the employee, apart from their own self imposed trauma, just a re-evaluation of process' to avoid that and similar events from happening. A good management team learns, a bad one blames.
@@Youchubeswindon But in the case where it is drilled in to employees heads and they still fall in to such a trap, they should definitely be blamed.. most companies do make their employees aware of phishing and similar scams, malicious emails, it's pretty basic stuff. If you're not competent, and they could replace you for someone who is or might be, that's what a successful business needs to do.
@@otallono I don't think thats a good way to see the situation. If you owns a big company you MUST provide excellence training for everything is important in there. Social Engineering is something really underrated, as phishing and other hacking tools aswell. There are ways to hide malwares even in images, so yes, you need to make sure every of your employees, mainly those who have enought access to cause a problem, knows whats he is doing and to recognize problems when them happen (ie: if Linus' emplyee had noticed the redflag when opening the malicious file, they could act fast and solve the problem in its root)
At least you got your channel back. I lost my channel permanently after it got hacked, I think it had a name change too. Ever since that incident I started using Security Keys.
Thank you for turning a terrifying event into an educational video! I am glad that everything worked out and this community's response was just as incredible 🎉
Glad you got this sorted! You can actually disable all forms of two factor other than a security key by enrolling in the Advanced Protection Program. I’d highly recommend all UA-camrs do so. There does need to be changes for this type of thing though. Even to start there could be more limited channel permissions, it would be a quick change but go a long way.
"Shit rolls uphill" There are a multitude of reasons you and your team are so successful, but this statement on its own is most certainly one of them. That mentality CANNOT be overstated. Bad stuff inevitably happens to everyone, but good things happening to good people makes it all worth it. Thank you for sharing, Linus.
This isn't a mentality you can teach. Great leaders will always fall on grenades for their team. Even when, objectivity, the team is truly at fault. They never seek blame; they seek resolution.
Huge respect for taking accountability and pledging to train newcomers instead of blaming them and taking disciplinary action. LTT seems like a great place to work - keep it up, very mature leadership :)
I have empathy but I also have more empathy for the sole sysadmin they hired only in January, someone who probably has been pulling their hair out trying to improve security in an organization full of people who are usually the most dangerous, the tech nerds :P
@@Redhawk_CS Yes, everyone needs to treat security as they would a fire drill, and practice what to do when it happens. The most obnoxious part about security is most of us have at least 50 accounts that all work completely differently and have unique security policies/changes in place. Security is in nowise standardized so what you might do for a Google account can be completely different from say a Microsoft account, or some random other website that implements their own security practices. This makes training for it hard, when you essentially have to have several if not hundreds of different types of accounts that work differently from each other. Perhaps its going overboard to expect individuals to do this for every personal account, but at the very least we should be practicing this with the accounts we use for our businesses and livelihoods.
Glad you’re back! It’s great that UA-cam can restore the channels. As few people as possible should have access to the admin privileges of the channels. It was amazing to see those super chats warning people! I’m glad it’s all sorted now. Welcome back ❤
You can see how much he cares about the organisation by the emotion in his voice, especially when he expresses his gratitude. No wonder he turned down 9 figures for it all - this is his baby and he cares about his team. Even had me a bit misty.
The most impressive part of this video is the line: "Shit actually rolls up hill" in the organization. So many teams play the blame game of "whose fault" rather than take responsibility and build processes to learn from real mistakes and prevent future ones. Super impressed to hear that.
my favourite is the companies that say this UNTIL something goes wrong and you find not only does shit roll downhill those downhill get blamed for any thing they can't quantify.
His family weren’t taken hostage - Jesus Christ you fucking nerds make stuff like this seem like the apocalypse. You gonna say he got PTSD from it next?
Exactly this, I know of two that suffered the same fate, from the same vector of attack, but only restored their channels because of others in the UA-cam partnership program
Unpopular opinion: What is UA-cam supposed to do? There have to be like two billion accounts on here. Are they going to hire 100 million account managers?
@@yrobtsvt They dont need to hire account managers. Just revert that account to a previous state, invalidate the session token by forcing all devices to log out and change the password.
@@yrobtsvt Or come up with an actual ticket system so people can at least get their problems looked at eventually rather than relying on friends and Twitter? Or some better security features? You're talking like it's unreasonable they would have to actually help their users just because of their size. Even the biggest corporations in the world have customer service lines where you can call and get help eventually.
@@OrbObserver To point out how it's entirely possible to implement something like this, Steam support used to take IIRC about a week to get back to you. I remember because my account got locked in 2010. But once they did they were very prompt about helping me. Was it really annoying it took so long? Of course, but it's far better than nothing, which is what UA-cam creators seem to typically get. And if a smaller company like Valve can offer such customer service (they're actually far more prompt now days), then a monstrously huge company like Google has no excuse.
My 33k sub channel got terminated 3 months ago with the same Tesla scam. It took a week to get out google account restored but we still haven’t gotten anything other than “it will be reviewed” on our YT. Very frustrating
The fact that Linus and his team were dealing with being hacked and still managed to crank out this long and in depth of a video that's well edited is seriously underappreciated. Big props to the team for filming and the crazy fast editors for this video. Glad you all were able to get the channel back so fast.
One of my friends worked on his channel for over 5 years and had it going good. Later it was hacked by someone in Bangkok and Google never responded to his emails because he was only at about 100k subs I guess. Not a big channel but 5 years of work all gone! Google needs to do something about the lack of service support.
I'm most impressed by your willingness to turn this into a teaching moment for that employee rather than pursuing disciplinary action. It really says a lot about the work culture you've been able to build at LMG.
It makes me really have some respect for Linus that not only did he not blame that employee, he said there would be no punishment or reprimand. What a class act
@@demo_niic the scary thing is how this could hit smaller creators aswell. Thankfully Linus got this squared away. But imagine some poor soul with 10k subs or something and having this happen. Without having an agent or anything I feel like it could be way harder to recover...
five foot..owne? hmmm I'm seriously glad that everything turned out to be okay for everyone at LMG. Amazing job everyone in response to this. Looking forward to more content in the future.
I love the honesty and sharing with us that your organization also got hacked (just like many big organizations). Theses tips are extremely valuable and should be implemented by everyon.
Five foot oWne! You've really had a long day Linus! This was quite a shock to hear about, I was quite upset as I've been a fan for many years now & loved the content. I'm glad you were able to resolve the issue so quickly without any long term damage or loss of content. Thank you for spreading a bit of awareness & giving some tech tips to help others try avoid the same scam.
As a tiny ittly little channel who got hacked a couple of months ago it was SO scary and SO hard to resolve. Its crazy that this can happen to even a tech monster like Linus. I'm glad you got to resolve it quickly enough!
It got resolved quickly because LTT channels generate a lot of revenue vs. your tiny ittly little channel that isn't of high priority. LTT actually have a UA-cam rep to contact directly and your UA-cam rep work in the mailroom who periodically checks their emails.
I'm admittedly extremely envious of how fast your account was resolved. I mean, I get why - but for me, it was over 2 weeks of no channel and no idea what was going on, because the youtube team had next to no helpful responses the entire time. welcome back (and welcome to the hijack club)... maybe this will put more of a fire under UA-cam's ass? probably not
Imaging UA-cam being run by one of the biggest tech companies that has direct control over the one browser engine used by most of the leading web browsers. I am puzzled.
@@sarowie I find it particularly weird because, while all of my tokens were hijacked, youtube was one of the only sites where they *actually* gained access. Everything from facebook to evernote to yelp to coinbase realized something was up and locked my account. Meanwhile, my entire google account was just like "nah, seems fine".
DBRAND...Like a bestest friend. Always pulling jokes, poking fun and doing crazy stunts just to keep your life interesting. But like a true friend is always there to help. We can all use a friend like DBRAND
This honestly isn't youtubes fault given the session token issue. They need an EDR solution if they're going to have proper InfoSec... like Crowdstrike or SentinelOne, or Carbon Black. These softwares would've stopped any of these attacks in their tracks. Source; I'm a SOC analyst and systems engineer.
Ah yes, O-W-N-E = ONE. Glad that your channels are fine. I didn't hear about it until now but it's great to know that the LMG crew still has channels to create awesome content to (:
Thank you for not blaming Colton. He probably feels bad enough about it. But I'm glad you fixed it easily. And thank you to Stephen from Gamer's Nexus, you really had Linus' back. His buck naked back
Big thumbs-up for the response, transparency, and recovery. I've been working in IT for almost 25 years now and I've seen this sort of thing happen far too often when something as simple as what looks like a broken link ends up crippling an entire business for days or weeks. Big shout out to your team for helping you get things back together.
I know I’m months late, but good job getting this under control. Good job admitting where you went wrong, and I completely agree that these companies need to offer better security measures. For example, my bank (yes, my BANK) doesn’t even have MFA as an option.
This video gives off the same feeling as after a good cry session. Like the stress is passed and dealt with but left with an almost uncomfortable level of clarity
2FA are annoying as hell, sure for some accounts I have it on, but damn...all the mails, texts, authentication app, qr codes, having to have a lock on your phone etc etc
@@Theharrizable Linus is probably a great boss but no one is perfect so I'm sure he has his short comings and as with every leader there's always something to talk about
5:47 , OMG this same thing happen to me. I was downloading a mod for a game, then the file kept closing and wasn't running. So then I decided to uninstall that mod. The next day all my accounts were hacked, Epic games ,google, riot games, steam and twitch. The only thing they did was change my Epic games email. When I manage to get all my accounts back they haven't stolen anything.
Might as well channel all that residual adrenaline into a short PSA. Still, that's an impressive turnaround time considering all the scripting and editing that went into this.
I love how Linus puts in the fact that no one is getting fired for this and that it was simply a matter of the knowledge his personnel has and actually takes accountability for his own mistakes. Really goes to show how good of a boss he is and that he's willing to take responsibility and better train his employees so things like that don't happen again. Props to you Linus 🙏
Nah it was the loop hole in the system 😞. If they use different email contact than the one that linked the youtube or maybe use 1 special computer to check the email only shouldn't that be resolve? The internet nowadays getting scarier with only opening PDF or any untrusted file can just copied our stuff in the background
He says no one gets fired, but he obviously didn't have proper anti-virus like Sophos or Webroot on his employee's machines, so even if someone did click on something dumb it's his fault for not properly security his devices. Linus has the security know how of a home user, but at least he does seem to be a chill person. He should hire an IT professional to oversee his environment and save some headache... Or maybe he is happy stuff like this happens because it gives him things to make content about?
Publicly stating that, no matter what who or why, sh*t rolls uphill and taking that responsibility is an impressive thing and just adds to the respect you have as a boss. Kudos.
Not just as a boss - but as a business owner, as a content creator, and so on. That willingness to take ownership, and ask "what could I do, to improve the situation" is such a good attitude for becoming successful.
i had a similar hack done to me in december 2021, i had about 800-900 subscribers, i had my channel back in less than 48 hours, youtube's process is very good and works for smaller creators too
I'm a security data scientist for a bank, which most of the time makes me feel pretty paranoid about the level of care I take when dealing with digital content, but stories like this make me feel a little less crazy.
You should get even more paranoid depending on your levels. Keep your nogging working and thinking about ways to avoid trouble. (Of course, only if you can deal about that. No use stressing over things you can't deal with.)
@@mattsopiratoso790 Oh I have to be plenty already. I don't know whether it's because of my job or just really advanced data mining, but I've had emails and texts sent to me that used very tangential details about my life to sell the illusion, and my employer has told me straight up that they've found bounties on me and my whole team on the dark web. And I don't even have any real power or anything lol. I'm just a convenient potential entry point, like a lot of others. It's creepy to think about, but that's where we are today. The sophistication of black hats has increased to an almost unbelievable degree.
@@jamesstack7237 Oh come on now, some of my best friends are sys admins 😁 Actually, I would think your value as a target would be even higher than mine. My code runs over sensitive datasets, but I myself don't even have access to them. Typically I only have access to extracts in dev and it's our devops guys and gals who have access to silver and gold that place my code in production.
I've never had a job where shit didn't roll downhill, I think shit only rolls uphill in tech because the people are smart enough to own responsibility. In Healthcare it is all about liability which leads to fingerpointing and the people at the bottom take the blame for failure even when there is poor management and lack of training
@@elijahdungan3612 Haha, that's a very interesting take on the healthcare industry. That means the only ones who rise to the top are the ones who manage to keep themselves clean. Ofc, nobody is perfect, so who did they blackmail to get where they are? amiright?
It's like you need a separate computer with its own address to be in contact with sponsors , totally isolated from other computers . Yeah its a pain in the back , but when there is no access ever made to the creative part , there is nothing anyone can use .
@@pete_lind hacked by downloading a file. That no one thought about that... That trick is as old as computers itself. Seeing my work tasting it's employees on it regularly. But yeah besides the extra security. Separating prevents a lot. Excellent tip in general, even it's just for yourself,
those who blames mistakes are fools Linus know that, so instead of punishing the guy who made the mistake he uses it as a learning factor to better secure and improve the company
@@pete_lind We have that in our firm, actually a cheap setup but a pain for us employees ... we can´t goof around in the internet. I have no internet access, I am only allowed to use the software intended for my work plus the fact that the server my work is stored on isn´t connected to the internet either. I think we only have two computers with internet access and they are both strictly regulated .... and we are nobodies in the big picture. I think my boss is paranoid.
I would love to see a follow up analysis of the infected PDF. I think it would be a useful tech tip for viewers, particularly if you work in an office environment which is where this kind of attack would be more likely to happen. Glad you guys came back so soon.
Yes! Also a deep dive to where the info was send etc would be a good watch, collaboration with @JimBrowning or @markrober ? Would make good content i think
Why they allow using session keys from any ip address, why not only from the address when the key was created? I am thinking about it when I program my own server, its just common sense.
@@jungervin8765 This is complicated because it can quickly become a user impact scenario. And user education is the hardest part for these authentication schemes. CG-NAT, VPNs, change of routes, load balancers, reverse proxies and several other networking changes can easily become an issue for the average user when they need to constantly login again. I think an approach like Microsoft's Conditional Access would be an improvement: Have user-configurable limitations on locations (which are geo, wide ranges and not specific ones), devices and configurable session length would be ideal. Also, having seemingly risky logins undergo a new MFA challenge also help. But in the end all of these can be bypassed one way or another; the actually ideal scenario is to have several different checks and security features combined - the general idea is to have defense in depth, assuming everything can be breached one way or another and reducing the likelihood of the event to be like a plane crash: several things need to go wrong in sequence for something to happen.
"Shout out to Steve from Gamers Nexus for alerting me at 3am." Can we all agree that this was worthy of a little bit more attention? Out of all the staffers that Linus has working for him, out of all the sponsors Linus promotes on his channel, and out of all the people that have his cell number or know someone that does, who is the one that alerts him of the hack at 3am?... a competing youtuber. Mad respect Steve.
Steve is in a different time zone. Yes, they're competitors, but tech tubers always have each other's backs. Also I don't think any sponsor or even all of the employees have his personal number, and I'm sure Linus has to have his workphone on silent at night. Don't get me wrong it's great that Steve did this, but I wouldn't expect any less from him, nor would I blame anyone else with Linus's cell for not being there first.
you understand it was in the middle of the night, right? People were sleeping. How would they know? Personally I only knew because I woke up at that time and i'm in a slightly different time zone. Had it been the middle of the day or a few hours later it would have been seen a lot sooner. FFS Linus himself didnt know since HE was sleeping too...
People think it’s a joke but Steve is actually tech Jesus, sent to us from above to do good for all of the community. Joking aside, you’re right, but I’m not at all surprised it was him who got to Linus first. Dude is a rock star.
The fact that so many people joined floatplane to support LTT is a testament to how much we appreciate your work. The people that did super chats deserve something special
@@certifiedbruhmomento here's the thing, the hackers couldn't take that money, that money still went to LTT. The hackers couldn't access any sort of financial information in this scenario, only the basic level tasks like uploading/deleting videos which don't have additional security past the session token
I really feel for you, as someone that had to play "Log in whac a mole" with a IP address logging into all my accounts from RUSSIA a few years ago it is truly devastating. I was never concerned with online security until I got hacked and all my accounts even a roblox account I forgot about was stolen from me in a matter of minutes. I was at the store getting groceries then all of a sudden I got new login notifications from all my gmails. Now I have 2 factor on everything. Not after playing log in whac a mole with a ip address from russia for 3 days straight .
The fact that Linus was naked, got out of bed, and thought of nothing else during this trying time, shows a lot about his dedication and focus on his work/channel.
@@righteousone1 true cause everyone knows when you get some money your problems are invalid and things can never be "rough" for you since you don't work in the coal mines breaking your back
Thank you ALL for your constant support! And thanks to dbrand for sponsoring this video. Use code FIVEFOOTONE at shortlinus.com for 15% off everything site wide.
► GET EXCLUSIVE CONTENT ON FLOATPLANE: lmg.gg/lttfloatplane
► GET LTTSTORE MERCH: lttstore.com
► GET LTX 2023 TICKETS: lmg.gg/ltx23
► SPONSORS, AFFILIATES, AND PARTNERS: lmg.gg/partners
► OUR WAN PODCAST GEAR: lmg.gg/wanset
Never been 17 seconds early 💀
LOL
So who did this?
Hi
@@Nitsua_YT same lol
Tech tip: don’t get hacked
Solid tip, bro.
Yes
Thanks bro
Tech tip: never use any tech, how are you gonna have any problems with it then
Nice tip my brother
As someone who had a channel deleted (albeit in a different way), I sympathize. Glad Google had your back and I wish they were as responsive for me (took a week, but at least they restored it).
- It's good to own up to mistakes; others will learn from this
- Perhaps link to the advice you quote in the video and not just a shout out to ThioJoe?
Keep up the good work.
oh yeah i remember you took a loooong time to get your channel back that SUCKED
There should be a club of getting your channel deleted
Jim
yooo jim browning!
Jim!! 😍
Most impressive part of all of this is how the company took responsibility instead of throwing an employee under the bus like SO MANY OTHERS DO.
surly his wife help him to understand that.
@daveballsack2038 he meant LTT not blaming the employee. Not UA-cam helping Linus
How can they possibly fire Linus. This channel is literally named after him.
I agree with you GreyAye. This is an impressive display of emotional intelligence. Managers and leaders everywhere should take note. This video should be featured in classes at universities teaching the subject. Linus is a role model in this case, FOR SURE.
@@jeremy-b Linus clearly said it's as much as a problem with UA-cam as with his company.
Also with your logic even TFA shouldn't be a thing, because "dOnt LeaK yoUr pAssWord gUys".
Almost happened to me but caught quick. Then a month later it happened to my cameraman who has a small passion channel. I felt so bad but used my size to help him get it resolved quick. It shouldn’t be like that, smaller channels are just as important and should be able to get help quick. Let alone the amount of poor people who got scammed
Whats the name of his channel?
The minions are coming
@@pritamdavisa large amount of people rushing to a channel is not always good
@@Xnoob545 agreed
Thankfully the hack was resolved quickly, thanks to you! You are a true friend
I feel bad for small channels who get hacked, they just get wiped off the face of the earth and replaced by Elon Musk NFT Bitcoin Tesla Free Double Bitcoin streams.
Man, my guy was so focused that he forgot to put clothes on. So much dedication to the channel. We would’ve felt the same, and were so glad you’re back.
I think it just goes to show how much of a panic he was in that he just had to get to his computer to attempt to shut down the hackers
Linus doesn't wear clothes at home ever.
Linus sleeps wearing LTT boxers (lttstore), but he got out of bed so fast that his clothes disintegrated.
Which one of the poor editors had to go through that footage tho
@@ohhBigBadWolf LMmao
So glad you are back in action. Excellent response and recovery, and ultimately messaging.
Would love to see the culprit PDF!
Get him to the top so we can see what this pdf was all about.
LMG hack de obfuscation pls
They should send the PDF to some security researchers, if not the community (with a warning that it's live malware, of course). Getting current samples for stuff like this is huge for establishing ways to defend against it or identify it.
J
Would love to see a collaboration!
As someone in the cybersecurity industry, thanks for being so open about what happened, and bringing awareness to the technical elements involved. It CAN happen to anyone, what really matters is how you react.
Dont pirate tools and redline won't come to meet you :D Who takes advise from this fool anyways, got a team behind him 1000s of pounds of kit and the noob gets cookie jacked hahaha
Fr
@@DJIInLondon damn… cut back on the salt a little bit, my kidneys can’t handle this much.
The jealousy is almost palpable 😂
What do you think of time of day based functions being limited and requiring authorization by 2fa + offline scanned paper laminated qr code with a 7089 digit password? Sure, the cell carrier can be socially manipulated to enable a 2fa vulnerability but you can't hack what is akin to a cold crypto wallet that is offline.
@@DJIInLondon look up Qakbot and Emotet. The attack Linus is describing is very common right now.
I love how DBRAND jumped at the chance to completely troll Linus in his hour of need.
Whomever is in charge of their social media must be an epic troll.
Some one who used whom correctly?????!!!!
@@HunterVibez It makes perfect sense when you consider that it's my second language.
@@FrobergDK I just see no one use it correctly
@@HunterVibez lets be real English is broken glass full of small particles none of the particals are perfect and it cannot be molded to be perfect for everyone so just mold it to be perfect for you and make it understandable for others
@@HunterVibezidk if I'm an idiot but whom is the object form. wouldn't that be "Whoever is in charge" seeing as in this case "Whoever" is the subject?
Really appreciate your honestly and candor here. A huge problem that needs to be fixed.
@cold42soy
That will never happen. Google doesn't throw any resources at actually improving UA-cam in important ways.
Indeed
This sounds like someone in Erudite would say.
@@naga_serpentis Glad I wasn't the only one who thought Divergent when I saw "candor"
Tremendous respect for Linus for not only the transparency around what happened, but the strong leadership of saying "this is ultimately on me and not the employee who made the mistake that allowed this to happen." This is what being a responsible boss looks like.
It's just common sense. You have to expect people are idiots (and some phishing can look very realistic depending on the situation). I work in it security and happened to click on phishing link because it really looked like related to some internal processes. Even with awareness you can never be 100% phishing resistant.
@@bencze465 i recently got what i belove was a scam sms from my insurance company, 2 months later i got a call and turned out it was really from then i was way past the paying date
Just how many more times can he fire Colton? :D
I bet a minute After saying this he fired everyone 🤣
Agreed
The best part of this is the fact that dbrand not only jumped at that chance to help Linus, but is also roasting him at the same time.
dbrand just keeps "broasting" him XD
I mean, haven't you had a friend like that, who will pull your chain constantly, but be the most loyal friend you have? I have. I get it.
Did anyone else notice when he spelled out the discount code he added a "W" and spelled out "FIVEFOOTOWNE" lol
@@1racerboy1 lol glad I didn't hallucinate that thought I was chatgpt there for a sec
Don’t forget the user code FIVEFOOTOWNE as Linus said
This is why having windows default to not show file extensions is the biggest security problem since the internet has existed.
Another problem is that Windows likes to execute code from a non-executable file extension. It shouldn't execute ".pdf.exe" or ".exe.pdf". If it does anything, Windows should call the PDF software assigned to the PDF file extension, not execute the file and let it do whatever it wants. I wonder if this virus will get named LTT for worming its way into the LTT office.
Or just use a Mac or Linux.
That's not even the biggest problem. You can have unicode characters in file names. Seriously. Who wants a smiley in their file name. It also allows for the left to right override to exist. Which is also an huge security issue. But the actual worst part is that .lnk file extensions don't get shown. They can easily just download the malware via powershell and run it. Which is why I currently don't have the command prompt or powershell on my system. I only place it back when using sfc /scannow or when I just wanna use the command prompt.
@@seansingh4421😂😂😂😂😂
@@seansingh4421 They are all susceptible to those attacks, what is your point?
you can really tell this man has had a rough day, starts out by stopping a cyber attack and finished by spelling ONE O-W-N-E. he's completely tapped after today, truly an inspiration.
The owne had me dead😂
@Dbrand - Need to add the code FIVEFOOTOWNE for your boy!
OWNE- forgot the D
Yea I caught that too lmao
Just checked and Linus' spelling mistake is an accepted code at dbrand, lol
Linus is the only one that manages to get a sponsor on board for an update video about his channels getting deleted
To be fair, it's dbrand, they are always here for apocalypses
dude is incredibly bussiness minded. Found out that people were stealing his videos and posting them on a mainland Chinese website so he contacted and hired them to make official translations of his videos and post them over there legally.
If you guys search for his reaction video to Chinese pc setups, you'll find him talking about it over there.
Probably gonna be one of the most watched videos this year so sponsors probably chomping at the bit to get the slot
even his sorrowful 😔 time is sponsered just to make him get ahead of it sooner 🤣
It's guaranteed to get more views than the average video.
This happened to us last week due to a virus on the computer from one my kids, where my session was indeed hijacked, my google account taken over and my band's youtube account to run a Roblox scam (tricking people into into downloading a Roblox mod that had the same virus in it).
Last week was really stressful, happy to have my account back now.
I will say though that the way to get proper youtube support is really, really bad...
Imagine losing your whole channel, and within 24 hours you have a professionally scripted, shot, and edited video, detailing the whole thing, full with sponsor and additional topic notes. Congratulations on getting the channel back up and running so swiftly.
I wish everyone involved a very nice long nap and weekend, and a very satisfactory salary. Good job!
Looking forward to the WAN show!
Yep very SCRIPTED.
@@AdventuresOfDetroit yeah it was scripted last second
It was already filmed, he just waited for the hack to happen :))
The fact he got hacked didn't even leave reddit's front page and Linus had already had the video up.
Prolly cus it didn’t happen
Linus was just so done, he couldn't even spell the offer code correctly anymore.
Take care, everyone! And thanks for the hard work!
😂 I noticed it and was like umm did I hear that correctly.
@@IncorrectUA-camUser I'm glad to hear I wasn't the only owne! 🤣
No it's cuz dbrand own him 😂
I came here to say this
He owned himself there.
The dbrand sponsor was savage lol
Soo happy you guys got it figured out.
Shoutout to all who helped, truly.
Ya
Too bad he couldn't read the coupon code correctly 😂
@@Midlife_Crisis_ I copped as well 😂
First time ever a sponsor actually got my sympathy!
actually went to their site to by something. Realized i fix all my stuff so it is all old and Dbrand got nothing for them.
Got a REALLY good laugh browsing their stuff, i can actually feel it in my lungs. I am going to get something the day i actually have something that works with dbrands stuff
You've got a very loyal fan base..
Truly a treasure to have
As a software developer, I really appreciate it when a detailed breakdown is given like this rather than just "my PC got a virus, then my UA-cam was hacked". So to say thanks, and of course for getting the channel back up in such short order, I went ahead and ordered some goodies from dbrand using the affiliate link 😁
aS a SoFtWaRe DeVeLoPeR
This ain't a RCA bro
why is linus naked
You need out-of-band 2FA, BF protection and strict session timeouts. EDR also helps.
Admitting that it was lack of training and not just the lower tier employees fault speaks worlds about how good of a leader you are. Been a long time subscriber, since the days before the office existed, and it’s been good to see you stay humble and treat employees as equals rather than numbers.
@@minmb82 ROFL
I agree. I've only caught 5-6 videos in total from this channel, and I wasn't subbed before now. But anyone who is in charge of other employees and can acknowledge the true issue and work together with employees to prevent the issue in the future, instead of just firing the employee, has my respect and my sub.
I feel so bad, imagine waking up to that! Hope you recover from this and glad you got the channel back
Yeah can’t imagine your life’s work all gone overnight…
He recovered no? Seems like all videos are up 🤔
@@CanisoGaming in theory
Honestly, I think it will take him a while to recover from this. Not just because of his 10+ yrs worth of work gone for a day, but also because all unlisted and privated videos are shown for an hour. Enough time for some people to download all of them
@@jimbobcheezeburger2020 no, check his channel. All the videos that were posted before the hack are still there
What's wild is that this can happen to literally any of us.. but when it happens to us, we (the average person) probably won't ever get our stuff back because we're nobodies in the grand scheme of things.
I really appreciate you verbally clarifying that no disciplinary action will be taken against your employees. Whoever it is, their world must have come crashing down when they realized what they'd done. I wouldn't be able to sleep at night. Being a calm, understanding employer is something the world needs.
Yeah, the last thing you need for better cybersecurity practices is a culture of blame and punishment
even then, how some of these scams work is by the scammer pretending to be a legitimate sponsor, with either a spoofed or faked address and a link to download some info on the sponsorship deal/contract, which is actually a Trojan horse that then uses your computer to hack the channel.
pog alter bridge profile pic
Yeah
They don't let their employees share wage info.
Man, huge props to the people sending superchats to alert people that the stream was bs. Y’all are amazing for real
Idk man if you're a tech guy and you believe that elon musk is hosting a stream on LTT's channel and doubling your bitcoins, you deserve what's coming to you tbh... I mean come on, that's some runescape-level scam.
The irony is that superchats are principally a scam in their own right.
This comment deserves reply :) ...exactly :) they are amazing for real :)
@@roflmagister5 unfair may be, but a scam? no
@@Lightn0x They renamed the channel to Tesla so gullible people would've seen a channel called Tesla with 16million subs which adds to credibility
Steve from GN is a solid dude for going out of his own way to inform you.
"Thanks STEVE!"
We’re back to you Steve
I've been looking for this 😂
"Thanks Steve"!
Back to you Steve!
Thank you papa... yeah...
Steve is always there to help. You can literally see it.
1 year later and this is STILL happening.
Because it's almost impossible to block it
yeah, they powerless google 😩😩😩
Dbrand is like that friend who constantly teases you but would get in a fight to protect you.
Glad to see the channel is back & thanks for being so transparent
Five foot one 😂
100%
Dbrand would hunt down your stalker for you. Then go back to razzing you once it was done.
They’re brutal savages and it’s hilariously amazing 😂
They got your back... Unless you own an LG phone :(
Kind of amazing to see that you've got yourself to the point where you could post this calm analysis and reflection already. Lots of good stuff in here - especially:
Get a breach response plan together - it doesn't need to be all that complex - (Prepare), Identify, Contain, Eradicate, Recover, Review. Knowing that you know the steps to work through is a HUGE benefit when you are up against an emergency.
Your considered approach to disciplinary action and further training. The person who slipped up this time is now *far less likely to do that again* and may actually be an asset in working to prevent future breaches. Battle Hardened.
So you're telling me I DON'T need to send a shady stranger $5000 via Western Union to get my account back?
It’s seems John Warosa/Barosa has upped his game from simple billion dollar widower funds
Hey im atomic im a huge fan of yours
Hey its so funny where you will find people on youtube like you
I randomly had a video of you open on a other tab, scrolled through these comments and saw your comment, the coincidence...
Linus being more or less calm and taking responsibility for his employees' lack of training is refreshing and a sign of a great boss for the long-term. He realized that his org needs more help in training and prevention, and takes ownership that the buck stops with him. Kudos on handling a super stressful situation with naked-grace lol.
If you wanna hear about when Linus went off the deep end, look up the clips from they’re podcast of when they moved his furniture.
It’s nothing bad. Linus is about as wholesome as you can get as a boss
The best company I ever worked for, had a similar thing happen to them.
A phishing scam to accounts and £48,000 lost in minutes.
No repercussions against the employee, apart from their own self imposed trauma, just a re-evaluation of process' to avoid that and similar events from happening.
A good management team learns, a bad one blames.
@@Youchubeswindon But in the case where it is drilled in to employees heads and they still fall in to such a trap, they should definitely be blamed.. most companies do make their employees aware of phishing and similar scams, malicious emails, it's pretty basic stuff. If you're not competent, and they could replace you for someone who is or might be, that's what a successful business needs to do.
@@otallono Big names also have someone, or several someones that deal with nothing but security. Git good applies to more than just video games.
@@otallono I don't think thats a good way to see the situation. If you owns a big company you MUST provide excellence training for everything is important in there. Social Engineering is something really underrated, as phishing and other hacking tools aswell. There are ways to hide malwares even in images, so yes, you need to make sure every of your employees, mainly those who have enought access to cause a problem, knows whats he is doing and to recognize problems when them happen (ie: if Linus' emplyee had noticed the redflag when opening the malicious file, they could act fast and solve the problem in its root)
At least you got your channel back. I lost my channel permanently after it got hacked, I think it had a name change too. Ever since that incident I started using Security Keys.
so pleased everything is okay.
Mhm
@Computment Don't worry People probably downloaded them.
Fire Colton
same
No
The way you've taken full responsibility and stood by your employee is truly commendable. More employers need to take a leaf out of your book.
Agreed, mine would be throwing tantrums, cursing screaming, and blaming everyone else.
Then why did he mention a name. That was unpleutoo watch. 😡
@@MortenPejterRoitmann Bro 😂. That was clearly a joke, Linus always digs at Colton.
Him also owning that when shit hits the fan it must to upstream instead of down to a poor employee is a top tier move
The whole firing Colton thing is a long term joke from the channel.@@MortenPejterRoitmann
The guy at DBrand that came out with this deserves a raise
It clearly worked, since project Killswitch is now out of stock until June
What about Steve at GN?
I'd value this video more as PSA than sponsored but I guess the hustle is real..
If they had even one thing I had even the slightest interest in or use for, I'd probably have bought something.
@@tntuofthat guy has a payroll that is amazing to behold, get out there and get yourself a DBrand skin for something to keep it all together.
Lots of youtubers are being hacked as well. I hope youtube does something about all this.
Thank you for turning a terrifying event into an educational video! I am glad that everything worked out and this community's response was just as incredible 🎉
Hi.
"It's all Content Baby" Linus Sebastian
Glad you got this sorted! You can actually disable all forms of two factor other than a security key by enrolling in the Advanced Protection Program. I’d highly recommend all UA-camrs do so. There does need to be changes for this type of thing though. Even to start there could be more limited channel permissions, it would be a quick change but go a long way.
Hey judo
Lmao hey Judo
Judo sloth from Clash of Clans??😮
Hello Judo, big fan.
❤
"Shit rolls uphill"
There are a multitude of reasons you and your team are so successful, but this statement on its own is most certainly one of them. That mentality CANNOT be overstated. Bad stuff inevitably happens to everyone, but good things happening to good people makes it all worth it. Thank you for sharing, Linus.
This isn't a mentality you can teach. Great leaders will always fall on grenades for their team. Even when, objectivity, the team is truly at fault. They never seek blame; they seek resolution.
I can't for Linus' kids to get in trouble at school and they tell him -- "Dad, shit rolls uphill" 😂
@@fredwerza3478 🤣🤣🤣
@@BobSentell 🙌🙌🙌
Yeah, what a great attitude, and attribute for a leadership role!
Everyone who has ever had to jump out of bed to solve a crisis and done it naked can relate so hard to this..
Huge respect for taking accountability and pledging to train newcomers instead of blaming them and taking disciplinary action. LTT seems like a great place to work - keep it up, very mature leadership :)
Get the whole channel and subchannels hacked: i sleep
Scratch my floor: REAL SHIT!
Ehhh pros and cons
punishment is cybersecurity training at 3am with nude linus
As someone who works at a company that was recently hit with a major cyber attack, I have some gut churning empathy for you and your team
cybersecurity is becoming a growing problem
@@ran160 It's a matter of "when", and not "if" nowadays.
I have empathy but I also have more empathy for the sole sysadmin they hired only in January, someone who probably has been pulling their hair out trying to improve security in an organization full of people who are usually the most dangerous, the tech nerds :P
@@ran160 It gets will get worse now that AI is developing at this rate
@@Redhawk_CS Yes, everyone needs to treat security as they would a fire drill, and practice what to do when it happens. The most obnoxious part about security is most of us have at least 50 accounts that all work completely differently and have unique security policies/changes in place. Security is in nowise standardized so what you might do for a Google account can be completely different from say a Microsoft account, or some random other website that implements their own security practices. This makes training for it hard, when you essentially have to have several if not hundreds of different types of accounts that work differently from each other. Perhaps its going overboard to expect individuals to do this for every personal account, but at the very least we should be practicing this with the accounts we use for our businesses and livelihoods.
Glad you’re back! It’s great that UA-cam can restore the channels. As few people as possible should have access to the admin privileges of the channels. It was amazing to see those super chats warning people! I’m glad it’s all sorted now. Welcome back ❤
H
You can see how much he cares about the organisation by the emotion in his voice, especially when he expresses his gratitude. No wonder he turned down 9 figures for it all - this is his baby and he cares about his team. Even had me a bit misty.
Verified!
Super crazy seeing you here.
No
Same thing happend to me last night. So Thankful for UA-cam Partner Support for helping me out.
The most impressive part of this video is the line: "Shit actually rolls up hill" in the organization. So many teams play the blame game of "whose fault" rather than take responsibility and build processes to learn from real mistakes and prevent future ones. Super impressed to hear that.
Employee of an tech channel opened a "presentation.pdf.exe" . My mom is 74 and she doesnt fall for that since 2000.
@@filipen.9522 he stated it was an .pdf and in .pdf there can be scripted macros you dont see.
@@filipen.9522 tell me you’re an easy target without saying you’re an easy target.
my favourite is the companies that say this UNTIL something goes wrong and you find not only does shit roll downhill those downhill get blamed for any thing they can't quantify.
@@filipen.9522 its not an exe file, there are ways to bypass that now. it seems to me you're still living in the 2000 era.
Your wife helping you at 3am while you’re in your birthday suit is pure gold. Glad you’re back
Ya she seems to be the greatest sucess of his life :)
The kind of woman who pushes you forward to success, we all deserve one.
That's a high value woman
don’t forget the other wife Luke was ther 13:28
There's no way he was completely naked. But still funny. xD
Good to see you back Linus!
Oh hey, I enjoy the things you do.
Hi
Just saw your video 😂😂😂
@@usagamer9834 samee
Hi
I love it that even you getting hacked is a fun video topic to watch.
All due respect admitting your mistakes and still making it a great video
Fun wat the f
I feel sorry for what the editor had to see to blur everything.
Linus Sex Tips
Linus nude tips
if that was me id personally blur the video, export it, then and only then give it to the editors lol
I’m sure Linus or Yvonne did it because I’m sure one of them had to dig up and clip the home security footage
Wishing I was an editor rn
Man you can feel Linus still hasn't fully recovered from this.
I am so happy to see you back. Your channels are just great and I appreciate your work.
His family weren’t taken hostage - Jesus Christ you fucking nerds make stuff like this seem like the apocalypse. You gonna say he got PTSD from it next?
It literally happened 15hrs ago of course he’s not fully recovered
You just feel this pain from the very beginning and man does it not feel good at all. His eyes tell the whole story
Thank you for addressing the issue of smaller channels not getting the help they deserve from UA-cam
Exactly this, I know of two that suffered the same fate, from the same vector of attack, but only restored their channels because of others in the UA-cam partnership program
Unpopular opinion: What is UA-cam supposed to do? There have to be like two billion accounts on here. Are they going to hire 100 million account managers?
@@yrobtsvt They dont need to hire account managers.
Just revert that account to a previous state, invalidate the session token by forcing all devices to log out and change the password.
@@yrobtsvt Or come up with an actual ticket system so people can at least get their problems looked at eventually rather than relying on friends and Twitter? Or some better security features?
You're talking like it's unreasonable they would have to actually help their users just because of their size. Even the biggest corporations in the world have customer service lines where you can call and get help eventually.
@@OrbObserver To point out how it's entirely possible to implement something like this, Steam support used to take IIRC about a week to get back to you. I remember because my account got locked in 2010. But once they did they were very prompt about helping me. Was it really annoying it took so long? Of course, but it's far better than nothing, which is what UA-cam creators seem to typically get. And if a smaller company like Valve can offer such customer service (they're actually far more prompt now days), then a monstrously huge company like Google has no excuse.
My 33k sub channel got terminated 3 months ago with the same Tesla scam. It took a week to get out google account restored but we still haven’t gotten anything other than “it will be reviewed” on our YT. Very frustrating
Keep fighting it and you’ll get your account back.
The fact that Linus and his team were dealing with being hacked and still managed to crank out this long and in depth of a video that's well edited is seriously underappreciated. Big props to the team for filming and the crazy fast editors for this video. Glad you all were able to get the channel back so fast.
Love that Steve reached out to you at 3am to make you aware. Truly a good dude.
That is a TRUE FRIEND !! ❤
Of course it had to be Steve at 3 am, who else is awake and working at this hour!😅
Well to be fair it would've been 6am in NC where Steve is but still not surprised Steve is up doing stuff at that hour
Classic Tech Jesus
i think it was his wife
That was OWNE heck of a story. Thanks LTT and dbrand.
😂 was coming to the comments to see if just owne other person noticed
lol came to comments when i heard W in the spelling of ONE.... but lets give it to the guy... getting Linus back is one big W.
I was wondering about that, too hahaha
@@FroobTubeLIVE ownedering, even?
Came to the comments for this.
One of my friends worked on his channel for over 5 years and had it going good. Later it was hacked by someone in Bangkok and Google never responded to his emails because he was only at about 100k subs I guess. Not a big channel but 5 years of work all gone! Google needs to do something about the lack of service support.
I'm most impressed by your willingness to turn this into a teaching moment for that employee rather than pursuing disciplinary action. It really says a lot about the work culture you've been able to build at LMG.
UA-cam needs to be taught a lesson about hiring scammers/hackers
@@carsnob youtube didnt hire hackers/scammers tho?? what are you talking about?
Oh that employee is getting disciplined or fired. Don't think that's not happening.
@@RamonathoWhy, its a honest mistake that the employee made.
@@Ramonatho as they probably should be yaya
It makes me really have some respect for Linus that not only did he not blame that employee, he said there would be no punishment or reprimand. What a class act
I was literally just about to comment exactly this lmao it’s so true
@TehPh1L yeah, this shit is affecting both big and small UA-camrs with seemingly no problem.
Well a quarter of their content is about how they sc**up and how they fix it. But this is a new scale.
They should give them a raise for the extra content.
yeah man having worked in SRE it's a process issue not an individual. You learn nothing just through apportioning blame.
Well this is an eye opener. Thanks for sharing.
hope more youtubers don't end up like linus.. otherwise...
This attack really sucks
@@demo_niic the scary thing is how this could hit smaller creators aswell. Thankfully Linus got this squared away. But imagine some poor soul with 10k subs or something and having this happen. Without having an agent or anything I feel like it could be way harder to recover...
This can be easily avoided by not using cookies, or getting an anti-virus scanner.
whaaaaaaaaaaaaaaaaat are you doing here my friend Engineering Mindset
Sad that 10 yrs after this has happened to channels before UA-cams customer service and urgent reaction is still crap.
five foot..owne? hmmm
I'm seriously glad that everything turned out to be okay for everyone at LMG. Amazing job everyone in response to this. Looking forward to more content in the future.
You can bet the man has had zero hours of sleep since the incident.
Tired Linus haha
Thank goodness u posted something I was going to he spelt it so wrong
Nice Freudian slip.
i thought i was the only one
DBrand, even in the worst of times, never skipping a beat to sponsor and troll Linus 😂
Go back and listen to him read the promo code
Lets be real, this is a huge story and will be huge PR for dbrand, easiest marketing decision ever made!
How did it all start? 😂
That extra W where it matters.
Mad props for Steve for alerting Linus and to the guys sending superchats to viewers!
OF COURSE at 3am it was Steve the one woke up and doing stuff to notice... 😂
Tech Jesus saves!
I find it extremely in-character for Steve to both be a total bro and not be sleeping at 3am
The superchat messages were so nice!
Tech jesus doing tech miracles yet again!
I love the honesty and sharing with us that your organization also got hacked (just like many big organizations). Theses tips are extremely valuable and should be implemented by everyon.
Mad props to Dbrand, not afraid to troll a guy when he's down. 😂
Their website is hilarious. I literally have no use for any of their products, but would buy if they had something.
Edit: grammar
....." f-i-v-e-f-o-o-t-o-w-n-e" -linus
Their marketing finally got to me. Fivefootone got me the deal on some joycon wraps.
Five foot oWne! You've really had a long day Linus!
This was quite a shock to hear about, I was quite upset as I've been a fan for many years now & loved the content. I'm glad you were able to resolve the issue so quickly without any long term damage or loss of content. Thank you for spreading a bit of awareness & giving some tech tips to help others try avoid the same scam.
I thought I was the only one that noticed, lol
The lack of sleep and stress got to him LOL
I had to play it back and make sure my mind didn’t say “w”
I was thinking, is that how they spell it in Canada?🤔
he forgot the d at the end, but you know.... we all make mistakes
As a tiny ittly little channel who got hacked a couple of months ago it was SO scary and SO hard to resolve. Its crazy that this can happen to even a tech monster like Linus. I'm glad you got to resolve it quickly enough!
It got resolved quickly because LTT channels generate a lot of revenue vs. your tiny ittly little channel that isn't of high priority. LTT actually have a UA-cam rep to contact directly and your UA-cam rep work in the mailroom who periodically checks their emails.
Backups, backups, backups! It applies to so many situations.
How did you get them to resolve it. The same thing happened to me & they just wouldn't help..
One Year Later. Google still hasn’t done any of these things that this man has suggested… that I know of. Getting hacked scares the bleep outta me.
I'm admittedly extremely envious of how fast your account was resolved. I mean, I get why - but for me, it was over 2 weeks of no channel and no idea what was going on, because the youtube team had next to no helpful responses the entire time. welcome back (and welcome to the hijack club)... maybe this will put more of a fire under UA-cam's ass?
probably not
Imaging UA-cam being run by one of the biggest tech companies that has direct control over the one browser engine used by most of the leading web browsers.
I am puzzled.
lizard man
@@sarowie I find it particularly weird because, while all of my tokens were hijacked, youtube was one of the only sites where they *actually* gained access. Everything from facebook to evernote to yelp to coinbase realized something was up and locked my account. Meanwhile, my entire google account was just like "nah, seems fine".
@@sarowie, there’s many more UA-cam creators than Google employees. Hope that explains it.
@@sarowie Welcome to capitalism; Profits over People!
DBRAND...Like a bestest friend.
Always pulling jokes, poking fun and doing crazy stunts just to keep your life interesting. But like a true friend is always there to help.
We can all use a friend like DBRAND
It was hilarious but don’t make it more than it actually is: a business. This is a business agreement with LTT to make money.
This has happened to tons of content creators at this point. UA-cam keeps ignoring the issue. This is unreal.
Look, this isn't UA-cam's fault... no wait... it's totally UA-cam's fault! Carry on...
Yeah, UA-cam has been going downhill for awhile.
the easiest solution is to have the session token confirm the device it is on. If different, force a relog
But at least it still has all the great ads we love and need!
This honestly isn't youtubes fault given the session token issue. They need an EDR solution if they're going to have proper InfoSec... like Crowdstrike or SentinelOne, or Carbon Black. These softwares would've stopped any of these attacks in their tracks. Source; I'm a SOC analyst and systems engineer.
It's crazy how extremely tech savy channels and people can still get hacked like this.
Ah yes, O-W-N-E = ONE.
Glad that your channels are fine. I didn't hear about it until now but it's great to know that the LMG crew still has channels to create awesome content to (:
he is probably super tired honestly
It's cause they got... owne-d.
@ imagine if that was dbrand promo for this video
@ damn, you beat me to it
Now Dbrand is gonna make fun of Linus for not being able to spell O N E correctly 😂
(Use code ‘LINUSCANTSPELLONE’ / ‘LINUSOWNE’)
Thank you for not blaming Colton. He probably feels bad enough about it. But I'm glad you fixed it easily. And thank you to Stephen from Gamer's Nexus, you really had Linus' back. His buck naked back
He didn't have a pair of shorts to throw on so his kids didn't see the bits if they walked in?
@@michaebr Yvonne would have herded the kids out before they saw cracks and bits. He explained it better on WAN show.
Big thumbs-up for the response, transparency, and recovery. I've been working in IT for almost 25 years now and I've seen this sort of thing happen far too often when something as simple as what looks like a broken link ends up crippling an entire business for days or weeks. Big shout out to your team for helping you get things back together.
I know I’m months late, but good job getting this under control. Good job admitting where you went wrong, and I completely agree that these companies need to offer better security measures. For example, my bank (yes, my BANK) doesn’t even have MFA as an option.
My BANK has no app 2fa, and requires SMS 2fa...
This video gives off the same feeling as after a good cry session. Like the stress is passed and dealt with but left with an almost uncomfortable level of clarity
2FA are annoying as hell, sure for some accounts I have it on, but damn...all the mails, texts, authentication app, qr codes, having to have a lock on your phone etc etc
It's uncanny how accurate this description is
I think Linus deciding not to blame the new members of his team really shows how understanding he is
I think he would be a fucking terrible boss.
@@Theharrizable "fucking" wow really emphasised that didn't you...
@@Theharrizable Linus is probably a great boss but no one is perfect so I'm sure he has his short comings and as with every leader there's always something to talk about
he should've grew balls and fired someone
@@SPECTRA890 hah, short comings
Welcome back - I was really worried for you!
Love your videos!
What a time to be alive!
Poop
Love your vids
Hold on to your UA-cam channels!
5:47 , OMG this same thing happen to me. I was downloading a mod for a game, then the file kept closing and wasn't running. So then I decided to uninstall that mod. The next day all my accounts were hacked, Epic games ,google, riot games, steam and twitch. The only thing they did was change my Epic games email. When I manage to get all my accounts back they haven't stolen anything.
The fact that they even cram out a video about this on the same day. Mad respect.
Kinda suspicious almost
@@ModishShrink get laid
i'm more impressed at Dbrands level of spine to even do this. KEKW XD
Might as well channel all that residual adrenaline into a short PSA. Still, that's an impressive turnaround time considering all the scripting and editing that went into this.
Never underestimate a man who's *P I S S E D.*
I love how Linus puts in the fact that no one is getting fired for this and that it was simply a matter of the knowledge his personnel has and actually takes accountability for his own mistakes. Really goes to show how good of a boss he is and that he's willing to take responsibility and better train his employees so things like that don't happen again. Props to you Linus 🙏
LMG has been setting the bar since basically forever.
Nah it was the loop hole in the system 😞. If they use different email contact than the one that linked the youtube or maybe use 1 special computer to check the email only shouldn't that be resolve? The internet nowadays getting scarier with only opening PDF or any untrusted file can just copied our stuff in the background
agreed Linus is awesome, mistakes simply happen
He says no one gets fired, but he obviously didn't have proper anti-virus like Sophos or Webroot on his employee's machines, so even if someone did click on something dumb it's his fault for not properly security his devices. Linus has the security know how of a home user, but at least he does seem to be a chill person. He should hire an IT professional to oversee his environment and save some headache... Or maybe he is happy stuff like this happens because it gives him things to make content about?
@@Darksteel165 and how do you know that so confidently, do you have inside knowledge of what antivirus they use on their employees' PCs?
7:47 bet Steve is regretting that text rn
No, how else was he supposed to get views?
???
I like how Linus owned himself by spelling ONE in the code as O W N E
i thought noone else noticed
But you remember the code now, don’t you? 😂
@@pepegaprofessor3324 lol. i said.. w? hahahaha Love you Linus
damn i commented about this when the video came out. 0 likes.
@@lzxty6024luck of the draw
I can’t imagine the stress you all felt. So glad you got it all back.
Publicly stating that, no matter what who or why, sh*t rolls uphill and taking that responsibility is an impressive thing and just adds to the respect you have as a boss. Kudos.
Not just as a boss - but as a business owner, as a content creator, and so on. That willingness to take ownership, and ask "what could I do, to improve the situation" is such a good attitude for becoming successful.
Very respectable
@@formes2388 Absolutely right. Every part of the success is thoroughly deserved and becomes more so as time goes on.
Downhill buddy 😂
@@Lynn-mc9zk Ummm, nope.
i had a similar hack done to me in december 2021, i had about 800-900 subscribers, i had my channel back in less than 48 hours, youtube's process is very good and works for smaller creators too
I'm a security data scientist for a bank, which most of the time makes me feel pretty paranoid about the level of care I take when dealing with digital content, but stories like this make me feel a little less crazy.
your not crazy enough
You should get even more paranoid depending on your levels. Keep your nogging working and thinking about ways to avoid trouble. (Of course, only if you can deal about that. No use stressing over things you can't deal with.)
@@mattsopiratoso790 Oh I have to be plenty already. I don't know whether it's because of my job or just really advanced data mining, but I've had emails and texts sent to me that used very tangential details about my life to sell the illusion, and my employer has told me straight up that they've found bounties on me and my whole team on the dark web. And I don't even have any real power or anything lol. I'm just a convenient potential entry point, like a lot of others. It's creepy to think about, but that's where we are today. The sophistication of black hats has increased to an almost unbelievable degree.
Not a data scientist, just a lowly sys admin, but I completely understand. Security is such a fragile thing and we are never in control.
@@jamesstack7237 Oh come on now, some of my best friends are sys admins 😁 Actually, I would think your value as a target would be even higher than mine. My code runs over sensitive datasets, but I myself don't even have access to them. Typically I only have access to extracts in dev and it's our devops guys and gals who have access to silver and gold that place my code in production.
In a healthy organization, sh!t actually rolls up the hill, rather than down. Beautifully said, Mr. Linus
I've never had a job where shit didn't roll downhill, I think shit only rolls uphill in tech because the people are smart enough to own responsibility. In Healthcare it is all about liability which leads to fingerpointing and the people at the bottom take the blame for failure even when there is poor management and lack of training
Already one of my favorites, respect grew immeasurably by owning up and taking responsibility.
@@elijahdungan3612 Haha, that's a very interesting take on the healthcare industry. That means the only ones who rise to the top are the ones who manage to keep themselves clean. Ofc, nobody is perfect, so who did they blackmail to get where they are? amiright?
@@davidsauve7794 absolutely.
@@elijahdungan3612 nah, I've seen plenty of healthcare organizations that own their shit at every level. It's not just tech.
I love the fact that despite someone on your team making a mistake, you guys are using this to better the company instead of hurt it.
It's like you need a separate computer with its own address to be in contact with sponsors , totally isolated from other computers .
Yeah its a pain in the back , but when there is no access ever made to the creative part , there is nothing anyone can use .
@@pete_lind hacked by downloading a file. That no one thought about that...
That trick is as old as computers itself. Seeing my work tasting it's employees on it regularly.
But yeah besides the extra security. Separating prevents a lot. Excellent tip in general, even it's just for yourself,
those who blames mistakes are fools
Linus know that, so instead of punishing the guy who made the mistake he uses it as a learning factor to better secure and improve the company
@@pete_lind We have that in our firm, actually a cheap setup but a pain for us employees ... we can´t goof around in the internet. I have no internet access, I am only allowed to use the software intended for my work plus the fact that the server my work is stored on isn´t connected to the internet either. I think we only have two computers with internet access and they are both strictly regulated .... and we are nobodies in the big picture. I think my boss is paranoid.
@@pete_lindI know multiple smaller creators who claim to do that. But its the Work computer (business) main (upload)
I wonder if a similar hack happened with Twitter.
I feel bad for the poor editor who had to blur out his boss’ junk today.
see the boss himself naked lol
Hopefully it was his wife
The best form of punishment
He surely got him covered
Seems like a pretty small job tbh
I would love to see a follow up analysis of the infected PDF. I think it would be a useful tech tip for viewers, particularly if you work in an office environment which is where this kind of attack would be more likely to happen. Glad you guys came back so soon.
Yes! Also a deep dive to where the info was send etc would be a good watch, collaboration with @JimBrowning or @markrober ? Would make good content i think
Sounds like a task for John Hammond... :P
@@NerdOllie spared no expense.
Here’s a video on it ua-cam.com/video/jnhzMLBq1VM/v-deo.html this shit has been happening for a hot min
ua-cam.com/video/QpnqeOqb4cc/v-deo.html another one about it
As a Cybersecurity engineer, I appreciate the openness and willing to accept blame and understand you are only as good as your weakest link.
Why they allow using session keys from any ip address, why not only from the address when the key was created? I am thinking about it when I program my own server, its just common sense.
@jungervin8765 mobile devices such as laptops. However I agree. It should be a user decided option.
@@jungervin8765 This is complicated because it can quickly become a user impact scenario. And user education is the hardest part for these authentication schemes.
CG-NAT, VPNs, change of routes, load balancers, reverse proxies and several other networking changes can easily become an issue for the average user when they need to constantly login again.
I think an approach like Microsoft's Conditional Access would be an improvement: Have user-configurable limitations on locations (which are geo, wide ranges and not specific ones), devices and configurable session length would be ideal. Also, having seemingly risky logins undergo a new MFA challenge also help.
But in the end all of these can be bypassed one way or another; the actually ideal scenario is to have several different checks and security features combined - the general idea is to have defense in depth, assuming everything can be breached one way or another and reducing the likelihood of the event to be like a plane crash: several things need to go wrong in sequence for something to happen.
I really appreciate the honesty and transparency. Such a crazy event, and something to look out for.
"Shout out to Steve from Gamers Nexus for alerting me at 3am." Can we all agree that this was worthy of a little bit more attention? Out of all the staffers that Linus has working for him, out of all the sponsors Linus promotes on his channel, and out of all the people that have his cell number or know someone that does, who is the one that alerts him of the hack at 3am?... a competing youtuber. Mad respect Steve.
No… no attention… UA-cam/Google don’t wanna hear about this.. only bothers them since they are the ones allowing it
Steve is in a different time zone. Yes, they're competitors, but tech tubers always have each other's backs. Also I don't think any sponsor or even all of the employees have his personal number, and I'm sure Linus has to have his workphone on silent at night. Don't get me wrong it's great that Steve did this, but I wouldn't expect any less from him, nor would I blame anyone else with Linus's cell for not being there first.
The true meaning of friendship.
you understand it was in the middle of the night, right? People were sleeping. How would they know? Personally I only knew because I woke up at that time and i'm in a slightly different time zone. Had it been the middle of the day or a few hours later it would have been seen a lot sooner. FFS Linus himself didnt know since HE was sleeping too...
People think it’s a joke but Steve is actually tech Jesus, sent to us from above to do good for all of the community.
Joking aside, you’re right, but I’m not at all surprised it was him who got to Linus first. Dude is a rock star.
The fact that so many people joined floatplane to support LTT is a testament to how much we appreciate your work. The people that did super chats deserve something special
I think people more just wanted to know wth happened
They literally paid to hackers for superchat bruh
@@Steph.98114 they'd subscribe for that reason alone? i don't think u waste money if ur just moderately curious
@@certifiedbruhmomento the superchat money still will go to LTT... the didn't miraculously change all the banking info.
@@certifiedbruhmomento here's the thing, the hackers couldn't take that money, that money still went to LTT. The hackers couldn't access any sort of financial information in this scenario, only the basic level tasks like uploading/deleting videos which don't have additional security past the session token
Can we take a moment and send our condolences to the poor LTT video editor that had to add the blur effect.
F
F
F
F
F
I really feel for you, as someone that had to play "Log in whac a mole" with a IP address logging into all my accounts from RUSSIA a few years ago it is truly devastating. I was never concerned with online security until I got hacked and all my accounts even a roblox account I forgot about was stolen from me in a matter of minutes. I was at the store getting groceries then all of a sudden I got new login notifications from all my gmails. Now I have 2 factor on everything. Not after playing log in whac a mole with a ip address from russia for 3 days straight .
The fact that Linus was naked, got out of bed, and thought of nothing else during this trying time, shows a lot about his dedication and focus on his work/channel.
Now there is a shit stain on the chair
Oh boo hoo hoo a multimillionaire had a rough few hours...
He’d prob stop mid-coitus if his YT channels went down
@@righteousone1 true cause everyone knows when you get some money your problems are invalid and things can never be "rough" for you since you don't work in the coal mines breaking your back
Someone should get the man a robe