YouTube Hackers Bypassed Two-Factor Authentication

We’re all still reeling from the recent hacks that are affecting YouTube accounts. Someone is infiltrating notable YouTube accounts and posting videos advertising cryptocurrency on them. If that isn’t scary enough, the hackers bypassed the creators’ Two-Factor Authentication.

Here’s a rundown of the situation

A hacker is posting weird and creepy videos shilling different crypto-coins on several YouTubers’ accounts. Creators like Arun Miani (Mrwhosetheboss) logged on to their accounts only to see a strange video posted. Along with tech YouTube channels, these attacks also targeted at least half a dozen cryptocurrency YouTube accounts.

The videos have text on the screen showing the advertised coin, the contact address, the pre-sale price per token, and the chilling words “One World Cryptocurrency.” After that, there’s more advertising copy for the coin. There’s a consistent beep going on in the background with the word “Preview” repeating.

The creep factor is high with these videos, but none of the users reported any of their content being taken down or altered. The hacker doesn’t seem to want to do any real damage, but that doesn’t make the situation better.

No one caught the person (or people) responsible for this just yet. Fortunately, YouTube took down the video on Floyd Mayweather’s channel. This means that YouTube is taking action against these videos. Since the company knows about the videos, it can take down future videos that the hacker tries to post.

The hacker bypassed the creators’ Two-Factor Authentication

What makes this story especially scary is that the hacker was able to get past the creators’ Two Factor Authentication. Many services across the internet use Two-Factor authentication from YouTube to Twitch. This means that if someone manages to get your username and password, there’s still another barrier to cross. Your phone will get a special code that you need to enter in order to sign in.

Whoever hacked these accounts was able to gain access to that code and slip right into the accounts. A Reddit user gave us a hint as to how this happened. It’s a technique called “SIM Swapping” and it’s been around for some time. Basically, the hacker convinces your phone carrier that they are you. Then, they’ll request that your SIM card number be transferred to their phone. When that happens, they will get that special code on their phone.

Right now, that’s just a theory, but more information should come out as this story develops. Right now, we only know of a handful of YouTube accounts that have been hacked, but as time goes on, we expect more to be hacked. Hopefully, Google will make some sort of statement on the matter.