Back in November, we covered a story where MacroStyle's YouTube channel got hijacked. It turns out, there's a bit of a trend of that going around and the problem is even more widespread.
On January 21, YouTuber Dmonty Gaming posted a video titled “How my Youtube Channel was Hijacked for 3 weeks” telling his story and explaining what happened. He was approached by a sponsor with a link to check out their product before promoting it on his channel. Upon clicking the link, he said his account was taken-over and that allowed the hackers to transfer ownership of his YouTube channel – exactly what happened to MacroStyle last year and is happening to more and more YouTubers each week.
While most takeovers are due to simple phishing attempts, hackers are now increasingly using cookie theft techniques that allow them to clone a user's browser cookies and allow them to be logged in to the target's YouTube account without having to enter a password.
This is why YouTubers are calling on YouTube to end the practice of allowing channels to be transferred to a new user without a password and two-factor authentication.
Dmonty Gaming realized that the channel was compromised and his channel was uploading hundreds of Judge Judy episodes, which were being flagged as copyrighted content on YouTube and adding strikes to his account.
He said he contacted YouTube asking them to at least prevent uploads to the channel until it is recovered and they said they were “working on it.”
Over the next 24 hours, 2,800 copyrighted videos were uploaded to his channel. He lost 30k subscribers during that time which he says is completely understandable, as subscribers would be annoyed at the number of irrelevant notifications.
After receiving 67 copyright strikes on his channel, YouTube Creator Support flat out refused to offer him support since his account was now too far in jeopardy to be part of the YouTube Partner Program.
On January 22, Jon Prosser of Front Page Tech, tweeted a warning to other creators about “an antivirus company called AnyDefender offering good money to get you to promote them. They ask you to demo their software — which secretly records your password data, allowing them into your YouTube account and more. DO NOT FALL FOR THIS.”
“They offered to pay us crazy amount and luckily, we tested the software before accepting the deal and caught what it was doing. Scary to think of how many other creators they may have reached out to that just took the deal because of the money. Be careful out there,” Prosser said.
The company is even using the design of a legitimate anti-virus software as the basis for their download page.
Many replied to Prosser's tweet claiming they too had been approached by the company. Some even shared screenshots of the communication.
It's worth noting that AnyDefender isn't the only fake software that's causing YouTubers to lose access to their accounts and creators should know that there are several of these fake software companies popping up each week and their names often change. We recently reported on account takeover hackers who were targeting YouTubers by pretending to have new streaming software to test.
In an additional twist, Dmonty claimed that, upon retrieving his channel, all his private videos went public somehow. “So that was cool.” And his subscribers got notified for each of his 200 videos that were now back up.