Linus Gabriel Sebastian & Linus Media Group / Linus Tech Tips - Narcissistic corporate shill YouTuber driving his media empire into the ground. KILL COUNT: 2

quaawaa · Mar 24, 2023

Chief Nigwelfacheqee said:
Really was a phishing scam lmao

Tl;dw if it somehow goes down again (can't archive right now): someone on the team opened an attachment in a fake sponsorship deal email (greedy goys), didn't think it was weird when the attachment did fucking nothing, and just shrugged and moved on with their day.

Linus seems to mostly be blaming Google.

TaterBot said:
He mentioned a guy named Colton. And he opened a "random email attachment", that's stupid.

Muu said:
A guy named Colton must have been a zoomer hire who is so fucking fired

At 9:10 in the video, Linus says:

[YouTube] figured out that the attack came from one of our non-video production teams pretty quickly and then actually banned that Google workspace account almost immediately.

Why does someone who doesn't work on videos even have access to the YouTube channel? Did he give access to everyone who worked there?

JT Marlin · Mar 24, 2023

quaawaa said:
At 9:10 in the video, Linus says:

Why does someone who doesn't work on videos even have access to the YouTube channel? Did he give access to everyone who worked there?

Why would Linus leave personal videos unlisted under his business account for years instead of stored on a NAS and keep another backup encrypted on the cloud?

The sooner you accept people are not 100% rational 100% of the time, many of these mysteries become solved.

Miller · Mar 24, 2023

Chief Nigwelfacheqee said:

Even the LTT-focused video is sponsored... Jesus.
Also the fact that he has CCTV cameras in every room of his mansion is fucking creepy.
9:41 Wait, that's what I said. Does Linus have this thread on his browser all the time?

Linus seems to mostly be blaming Google.

It's never his fault.

The Wokest · Mar 24, 2023

BTW if someone manages to execute a cookie stealing script on you changing you passwords is not enough, a lot of fucking sites don't automatically end your session and force you to log back in using the new password, so you can still get session hijacked even if you changed your pass.

What I'm trying to say is... If you clicked on the link on that nigerian prince email, change your password and also log out, that should close the door for good.
Also it's never one or the other (cookies/credentials) if you're making a script you make it so it grabs both, it's pretty easy.

reptile baht spaniard rid · Mar 24, 2023

The very first rule of security is limiting access and blast radius. Even Linus himself shouldn’t be using an account that could nuke his whole channel; that should be a separate master account nobody uses.

But I bet they all have access to everything.

Also @quaawaa you broke KF with too many gay vidoes, the file server got aids and died

Most things like google and friends have a “log out all sessions” button. Learn where it is NOW in case you need to use it.

Agamemnon · Mar 24, 2023

He handled it relatively well. He assumed responsibility (not to have trained his employees against phishing) and suggested a good faith criticism of Google's security policy around session tokens.

Homoshrexual2 · Mar 24, 2023

Smaug's Smokey Hole 2 said:
Could be a text message thing. Notice how you can get messages from a company with a name instead of a number despite them not being in your contact list?

That's called caller ID you stupid zoomer.

quaawaa · Mar 24, 2023

Homoshrexual2 said:
That's called caller ID you stupid zoomer.

No, it's not:

iOS - Business Chat

Business Chat lets you easily connect with companies to ask questions, schedule appointments, and make purchases right from the Messages app.

www.apple.com

Business Messages | Google Developers

Enable meaningful interactions between consumers and businesses.

developers.google.com

Very_sad_man · Mar 24, 2023

MembersSchoolPizza said:
I somehow doubt it actually was Colton. I don't think Linus is the sort to actually name-and-shame the real culprit. I think that's just meant to be a joke to deflect the question of who it actually was.

It's their inside joke. Whatever happens, it's his fault. He also "fires" him for the lulz.

Punished Wankula · Mar 24, 2023

quaawaa said:
Why does someone who doesn't work on videos even have access to the YouTube channel? Did he give access to everyone who worked there?

The attack came in the form of a .pdf(.exe) which pretended to be from one of their sponsors, so it would have been handled by someone who deals with that stuff.
Also, it's a running joke that Colton is responsible for every fuckup, and gets fired every time he's mentioned.

TheOtherSideofMakeBelieve · Mar 24, 2023

He used to fire Luke all the time before Luke actually left to take control of Floatplane. Colton was the replacement. I guess there's no reason to go back to Luke even though he's officially part of LMG again, but I would assume that's who he'll go back to when Colton is gone

Lost Soul · Mar 24, 2023

Talmanes said:
They are what now, a 100 men strong company? How do they not have security measures in place? If this was a mom an pop cocking channel I could understand this, but for a tech focused channel this stuff is baffling to me.

Tech and security are not the same. Many IT teams ignore and/or bypass security because it "gets in their way" is "inconvenient" and "takes too much time to consider and set up." Even if a company has a security team there are tons of exceptions in place and tons of bypasses. This is why so many companies have breaches because it is a money sink, takes too much time, and "gives too many people a headache." Then they only "care" once something bad goes wrong, blames the sec department, starts sinking money into it to fire everyone and hire a new team, and then starts all over like they are doing something right, but really they did nothing at all. It was all for PR and things keep going the way they always have been.

The amount of PR they even get from the breach (even though negative) is still PR at the end of the day. Bad news is still news. The tiny slap on the wrist companies get for a breach is far smaller than putting money into a proper security team, training, and monitoring.

quaawaa · Mar 24, 2023

Punished Wankula said:
The attack came in the form of a .pdf(.exe) which pretended to be from one of their sponsors, so it would have been handled by someone who deals with that stuff.

Yes, but a business person doesn't need access to upload and delete videos. If Linus only gave people the permissions they need to do their jobs, this wouldn't have happened.

Reverend · Mar 24, 2023

quaawaa said:
Yes, but a business person doesn't need access to upload and delete videos. If Linus only gave people the permissions they need to do their jobs, this wouldn't have happened.

This requires maturity, accountability, and acceptance of risk. LTT staff lacks all 3 and it's the reason shit like this happens constantly.

Punished Wankula · Mar 24, 2023

quaawaa said:
Yes, but a business person doesn't need access to upload and delete videos. If Linus only gave people the permissions they need to do their jobs, this wouldn't have happened.

You also need access to do things like upload thumbnails and change the names of videos, which someone has to do repeatedly with every upload.
They'll swap thumbnails and video names 4-5 times until they get a combination that sees lots of clicks.

You also need people moderating the comments due to the massive amount of bots, people managing scheduled uploads, ect...
There's probably more people with access to channel credentials than you'd think.

However, we see in the explanation video Linus uploaded that he also logs in from his own home, so who knows. Could have been him.

Cubanodun · Mar 24, 2023

Why im not surprised he got fucked by Session Hijacking, was the exact same method hackers used it to compromise lastpass

BowsersRectum · Mar 24, 2023

I feel like LTT's security setup must be a nightmare. While no amount of real setup can prevent one dumbass from clicking a link, there are a lot of things they could implement that would help. I'd love to see an actual analysis of their security.

SilentDuck · Mar 24, 2023

100 soygoys and techcucks working in the building and not a single one running Qubes. Sad!

oramge cat · Mar 24, 2023

Talmanes said:
They are what now, a 100 men strong company? How do they not have security measures in place? If this was a mom an pop cocking channel I could understand this, but for a tech focused channel this stuff is baffling to me.

That's probably what fucked him. They're a 100 person strong company, that's 100 potential idiots who might fall for a phishing scam or plug in a USB drive they found in the parking lot into their workstation. There are probably a dozen people at that company who have to know the login to the account for work reasons and not all of them are going to be tech-savvy.

tehpope · Mar 24, 2023

Why did Linus need to tell us he sleeps naked? Did he have one of his editors see the uncensored footage to censor it? Never wanted to see any of my bosses I've worked for naked.

Linus Gabriel Sebastian & Linus Media Group / Linus Tech Tips - Narcissistic corporate shill YouTuber driving his media empire into the ground. KILL COUNT: 2

quaawaa

JT Marlin

Miller

@Grok is this true?

The Wokest

Diversity is our strength

reptile baht spaniard rid

witless witness schema iguanas

Agamemnon

Homoshrexual2

Wow, what a faggot

quaawaa

iOS - Business Chat

Business Messages | Google Developers

Very_sad_man

Hello there

Punished Wankula

TheOtherSideofMakeBelieve

C'mon, juggle these knives, don't be gay

Lost Soul

It's a desert of snow.

quaawaa

Reverend

Avatar of Change

Punished Wankula

Cubanodun

Chaos Engine Operator

BowsersRectum

SilentDuck

oramge cat

Neow!

tehpope

The Far-Out Son of Lung