Crypto YouTubers fall victim to hacking and scamming attempt
Hackers attacked a number of popular crypto YouTuber accounts at some point during the afternoon of Jan. 23. The accounts posted unauthorized videos with text directing viewers to send money to the hacker's wallet.
Accounts who appear to have been targeted by the attack include: ‘BitBoy Crypto’, ‘Altcoin Buzz’, ‘Box Mining’, ‘Floyd Mayweather’, ‘Ivan on Tech’, and ‘The Moon’ among others.
BREAKING: Dozens of Crypto YouTubers have had their accounts hijacked by hackers promoting a fake crypto giveaway scam. Hacked accounts include:@IvanOnTech@boxmining@aantonop@themooncarl@Bitboy_Crypto@mmcrypto@Altcoinbuzzio@FloydMayweather@crypto_banter@CoinMarketCap pic.twitter.com/ykXkZUh9cO
— Mr. Whale (@CryptoWhale) January 23, 2022The Binance Smart Chain wallet address that was listed on the fraudulent videos only had a total of 9 transactions in BNB at the time of writing, with a total value of around $850.
Michael Gu told Cointelegraph that his YouTube channel Boxmining posted a video without his permission. “Luckily we caught it within two mins of the video going live and managed to delete it,” he said. “By that time there were already views and comments from my community.”
He added that he had done an internal sweep and found no viruses or bugs that may have given the hackers access to his account. “Seems like YouTube might be responsible,” he said.
Many Crypto Youtubers (including me) got hacked today - all publishing a scam video at around the same time - @IvanOnTech @aantonop @Bitboy_Crypto @Altcoinbuzzio @FloydMayweather @crypto_banter @CoinMarketCapI have 2FA enabled. pic.twitter.com/c8z5qmJ3bT
— Boxmining (@boxmining) January 23, 2022One Reddit post by user “9Oh8m8” suggested that it appears as though the hackers were able to gain access to the accounts using a SIM swap scam, which would have enabled them to bypass two-factor authentication (2FA). They added:
“They are all posting with a title like "ONE WORLD CRYPTOCURRENCY". They have an address in vid and description to send your USDT/USDC/BNB/ETH to receive a new crypto called OWCY.”However, Gu wasn’t convinced that the hack was a result of a SIM swap, telling Cointelegraph that there were no logins on his personal Google account. “If it was a SIM swap I would lose access to my phone etc and that didn’t happen,” he said.
“What we noticed was on the BRAND account (which doesn’t have a login. YouTube brand accounts are connected to personal) there was a login from the Philippines. Very likely this is either a hack on YouTube side or a rogue employee. That’s how they got so many people at the same time.”Founder and CEO of the Altcoin Buzz YouTube channel Shash Gupta added that they noticed something was amiss at around 1 AM Singapore time on Sunday night when an unauthorized video was posted to their channel.
“It’s pretty unclear what happened. I’m talking to Youtube to get to understand the matter and avoid such further breaches.”Related: YouTube channels hacked and rebranded for livestreaming crypto scams
Another crypto YouTuber Richard Heart tweeted at 9:30PM UTC that his channel had been banned during the middle of a livestream, indicating that YouTube was probably aware of the event.
Hello again @YouTubecreators My channel was just banned in the middle of a livestream. I think it might have to do with all of the other youtubers that were hacked at the same time today. Could you check please, thanks! @YouTube @YouTube
— Richard Heart PulseX.com! Called the Bitcoin top! (@RichardHeartWin) January 23, 2022Cointelegraph reached out to YouTube and a number of other crypto content creators who were affected by the hack but had not received any additional information at the time of writing.