My Channel Was Deleted Last Night

Thank you ALL for your constant support! And thanks to dbrand for sponsoring this video. Use code FIVEFOOTONE at shortlinus.com for 15% off everything site wide.
► GET EXCLUSIVE CONTENT ON FLOATPLANE: lmg.gg/lttfloatplane
► GET LTTSTORE MERCH: lttstore.com
► GET LTX 2023 TICKETS: lmg.gg/ltx23
► SPONSORS, AFFILIATES, AND PARTNERS: lmg.gg/partners
► OUR WAN PODCAST GEAR: lmg.gg/wanset

Tech tip: don’t get hacked

In a healthy organization, sh!t actually rolls up the hill, rather than down. Beautifully said, Mr. Linus

I like how Linus owned himself by spelling ONE in the code as O W N E

I'm a security data scientist for a bank, which most of the time makes me feel pretty paranoid about the level of care I take when dealing with digital content, but stories like this make me feel a little less crazy.

I love the fact that despite someone on your team making a mistake, you guys are using this to better the company instead of hurt it.

Geez, what a mess. Glad you guys are handling it. I have to say this is the most sincere I feel I've ever seen Linus. This authentic display of feelings was nice to see for a change.

As someone who had a channel deleted (albeit in a different way), I sympathize. Glad Google had your back and I wish they were as responsive for me (took a week, but at least they restored it).
- It's good to own up to mistakes; others will learn from this
- Perhaps link to the advice you quote in the video and not just a shout out to ThioJoe?
Keep up the good work.

Love the fact that the wife was down there in the trenches with you. What a team you are.

This is very eye opening not only for UAclipsrs but also for common internet users. It is also an important lesson for web developers. Session hijacking is often an oversight by many developers. In some cases like social media, as you mentioned, they deliberately skip out some measures to make the UX less confusing. It would be nice to see if these companies at least add those advanced security features configurable. It would make the balance between UX and security.

You know, the fun thing about DBrand as a sponsor is it is so much fun watching them troll linus and linus whine about it (I know it is marketing) that that, all by itself makes me want to buy something from them.

Another good rule of thumb, when all else fails call your contact at a vendor/sponsor directly before opening anything. If you don't have a contact with said vendor/sponsor call their customer service line and ask to speak to the person that sent the email.

I am glad that the community has the back of LTT. You guys have earned a place that deserves recognition in the face of struggles. It shows your strengths through the frays. You have a solid team that faces issues day in and day out. It is the unknown challenges that come out of left field, that you never see coming that turn things upside down. And they could happen again, but you guys are wiser from this. You may take a look at all your procedures and refresh the teams about how this transpired for future booby traps.

Really appreciate your honestly and candor here. A huge problem that needs to be fixed.

Gotta love dbrand! Glad you guys were able to recover!

This is incredibly valuable to ALL of us. We spend so much of our lives creating content and investing in our channels. If YOU can get hacked, anyone can be hacked, and that's very scary! What about music claims that aren't correct, yet earn big $$$ for those bots that claim content and just hope that the channel doesn't challenge that. Please do more Crime Related protection content. We are all VERY INTERESTED. Thank you.

What's wild is that this can happen to literally any of us.. but when it happens to us, we (the average person) probably won't ever get our stuff back because we're nobodies in the grand scheme of things.

Really sorry this happened to you mate. Great to see your community getting right behind you. Also, don't blame yourself for this. It could happen to anyone and we're going to keep on seeing more and more victims of this kind of thing. It's just the world we live in unfortunately.

I really appreciate the honesty and transparency. Such a crazy event, and something to look out for.

I feel bad for the poor editor who had to blur out his boss’ junk today.

Linus didn't deserve to be hacked, he clearly respects his staff, and thats rare.
He's taking full responsibility, and I hope this works out for his benefit
God Bless you all 🙏

His approach is very commendable and respectful, in most companies they would just blame a certain person and that would be the end of the story, without improving the initial problem and let the cycle rinse and repeat, also Steve is a real one for informing at 3AM xD

Love your sense of accountability - it's a great model of reflecting on systems and training. I'm glad you got everything back

Sorry to hear this happened to you guys, but glad you guys got it under control again fast :)
Just laughing my ass off for the end of the video, the best sponsor link and code ever! haha

This community cares Linus. We, even the noobies, we are ALL in this together. We LOVE this shit as much as if not more than you do. Thank you.

Good to see you back Linus!

This entire video is golden. Your candor is astounding. Your relationship with Dbrand is perfect. And your responses to your community and staff are unprecedented . I couldnt be happier to have you as one of the few people im subscribed to. Proving every post why it was a good decision. Please keep being the awesome person you are Linus

Im truly glad you guys were able to bounce back! I remember waking up super early to the notifications of the live streams, there were so many of them, which was odd to me. Then later on, on Facebook I see a post from a friend saying "Linus Tech Tips got hacked" and I was kinda like "huh? no way, it happened once already, there's no way.." Now 5 days later, I'm seeing this.

Glad to see you guys got your channel back so promptly! Lessons like these are always rough in the moment but hopefully it helps give you some good changes in mind for the future.

Much love for you guys I am glad you guys got this fixed couldn't live without your guys help when it comes to tech you guys rock

Just want to say thanks for showing the world that you can not only make mistakes, but own up to them, be transparent about them, not scape-goat them, and _still_ be not only successful as a company, but _thrive._

Glad you got this sorted! You can actually disable all forms of two factor other than a security key by enrolling in the Advanced Protection Program. I’d highly recommend all UAclipsrs do so. There does need to be changes for this type of thing though. Even to start there could be more limited channel permissions, it would be a quick change but go a long way.

Sorry that ya had that happen, Linus. Your channels are so good for knowledge. I sure hope that nothing bad like this happens again. Thanks for keeping your videos posted. I use the Brave browser to run all my items. So far it is 100% secure for any browsing of data. I don't use chrome unless on a smartphone. Chrome is Google's gateway & sadly it is much like Internet Explorer use to be with Microsoft & gets hacked open often. Still. Glad your channel is up again. Keep it real Linus and keep those awesome tech tips coming. Even though not I don't have a youtube channel, I still do feel for ya that all 3 were tampered with. In conclusion, super glad ya were able to post this insightful video about the hacks that hit your channels & glad things could be resolved. There is a reason you have over a million followers and support through the community, it is all due to your technology tips. Stay strong and wishing you the best of luck.

I love how DBRAND jumped at the chance to completely troll Linus in his hour of need.
Whomever is in charge of their social media must be an epic troll.

Very grateful that you publish this content that you make a us aware of these situations. I was never aware that this could happen and really need to be so cautious with opening anything from email

I'm glad you managed to restore your channels! Even if you're not the first to have suffered from those attacks i'm sure you won't be the last. These are sneaky techniques not easily detected.
As a software developer myself I run my entire development environment on a virtual machine. And also my enterprise email client run on it's own VM. It's definitely wasteful in terms of hardware resources, but in terms of security and isolation it's another world.

Thank you Linus for spreading the word on paramount details that impact everyone.
You really dig into that things that I have questions about in regards to Google’s credibility*.
Glad things are back.

I have so much respect for Linus. Glad you're back!

Like you talked about on WAN show, this was bad but in many ways not only LTT but the creator community as a whole will benefit from this. You've raised awareness on something that had been lurking in the shadows. Keep fighting the good fight! Now I'm off to LTT Store to buy something...

I dont know if you'll see this since this video was posted last week but i wanted to let you and your team know how much of an impact LTT has had on me. I started watching about 8 or 9 years ago and got inspired to keep learning. Now I'm coming up on 1 year at my first IT job. Even now when i watch your channel I always learn new things almost every video. Thank you LMG and keep up the great work :)

Seems like a valuable (if painful) lesson for all involved. It sucks that (survivable) failure is often the best teacher, but that seems to be Darwin's (or maybe Nietche's) way....
I'm appalled that this happened, but I'm glad that you survived it - and are big enough to get the attention of the powers that be. The best thing that can be wrung out of this debacle is ways to improve the process to prevent future exploitation.
.....Until the resourceful baddies come up with a fresh way to subvert the system.... (It's their nature 🙄)
"The cost of liberty is eternal vigilance" (sigh)

Glad you were able to recover without too much pain or damage.

Kudos for being open and honest about this. Kind regards.

Glad you’re back! It’s great that UAclips can restore the channels. As few people as possible should have access to the admin privileges of the channels. It was amazing to see those super chats warning people! I’m glad it’s all sorted now. Welcome back ❤

Thanks for being so sincere, helps a lot to understand how they gain access. It would happen to anybody.

Sorry to hear this Linus. That's terrible. You guys also need to check for any backdoors they most probably have hidden on your network. You may need to get a security expert to take a look for you. Hope you get it all sorted and it doesn't repeat itself.

Nah, my heart goes out to you. I really enjoy your channel and I'm sad this happened to you.

you guys have been so much support to me I got to know how to deal with stuff

You've got a very loyal fan base..
Truly a treasure to have

so pleased everything is okay.

Hate that it happened to you guys, but grateful for the insight that was gained because of this!
You guys are awesome, keep up the great work! Also, shout out to Chris Titus Tech that gave me the heads up on what was happening to you!

Great work acknowledging the whole of the problem and not the specific incident. Failure is inevitable, the lessons you learn from them are invaluable but you have to be willing to change and adapt with one and not live in denial.

You sound like great boss, I appreciate how you take accountability for policies.
Good job, sorry you had to go through this.

Linus was going through a lot of tough times. I can see in face.

Sorry this happened to LTT, but thanks for sharing your learnings - this is a real eye-opener!

Can we take a moment and send our condolences to the poor LTT video editor that had to add the blur effect.

Jealous people will always find a way, to ruin for others.
I do hope this works out for you & thank you for the info.
And 11:44 - 11:47 I agree XD.
Have a good one Linus & thank you for the kind words.
And *Dbrand* believing your 5foot-1 under the strawberry, got to be a huge honor!
CSL & OUT!

Some larger multi global companies should take note of this video when there is a hack or data breach, this is how you do it, its all about transparency and speed is of the essence, bravo Linus Team!

That was absolutly intense listening i ever had on UAclips. Happy that you got your channel covered with just a finger snap!

Love your channel, and ill be a subscriber for life, very sorry to hear you were hacked, and what a great video to explain the issue. And good to see you got some cloths on, especially with them drive to the office.

Man, It must be really tough! But im glad you got your channels back!

Most impressive part of all of this is how the company took responsibility instead of throwing an employee under the bus like SO MANY OTHERS DO.

I had the same problem 10 years ago, maybe a little bit longer. I had a gaming channel called game labs reboot. Which I put my life hard work into it. I only had 5000 subscribers, but I lost everything on the channel was completely lost so I completely understand how you must’ve felt. I’m only now starting again, so I wish you the best of luck.

Thanks for the technical details of the incident. I appreciate you're doing a constructive video out of this misery.

This is why having windows default to not show file extensions is the biggest security problem since the internet has existed.

OMG I KNEW I WASN'T TRIPPING! ThioJoe really did release that video before this happened, so it was actually just a coincidence! Also, love that he's getting mentioned here, dude's one of my fav UAclipsrs nowadays, along with LTT

well glad to see you back , the channel is part of life keep it up and be careful

Your wife helping you at 3am while you’re in your birthday suit is pure gold. Glad you’re back

Mad respect to Dbrand here and the team as well!

I REALLY LIKE YOU, anyone that gets to work with you is very lucky, props to all your success.

At least you got your channel back. I lost my channel permanently after it got hacked, I think it had a name change too. Ever since that incident I started using Security Keys.

Hey Linus, the worrying thing is that even checking the file extention is not enough. ThioJoe made a video about how file extentions can be spoofed.

One of my friends worked on his channel for over 5 years and had it going good. Later it was hacked by someone in Bangkok and Google never responded to his emails because he was only at about 100k subs I guess. Not a big channel but 5 years of work all gone! Google needs to do something about the lack of service support.

I really appreciate you verbally clarifying that no disciplinary action will be taken against your employees. Whoever it is, their world must have come crashing down when they realized what they'd done. I wouldn't be able to sleep at night. Being a calm, understanding employer is something the world needs.

Yep… just had this happen to my main channel, and now I’m praying Google will actually be willing to help me recover everything. I’m hoping 15K subs and monetization is enough to get them to take this seriously. I’m so heartbroken right now.

UAclips doesn't need to make your suggestions default to make it easy for most users but it should definitely be options for larger channels or users that want the added security.

Lots of youtubers are being hacked as well. I hope youtube does something about all this.

for not holding tht employee accountable and blaming training linus seems like a great boss to work for

4:29
I knew that already and I'm eating a cookie atm lol
Also it's great to see a boss that doesn't just make an employee take all the blame when it was in part caused by management failure

Session tokens should be reconciled with IP address. Google engineers have just prioritized inflating engagement KPIs cause that’s how they move up in the organization.

Sorry to hear about all the unneeded stress, you and your wife, had to deal with because of this. I can empathize because I know, what being under a stressful situation can be like and know that it can be traumatic or at the least, ruffle your feathers for a prolonged period and turn your chin hairs grey (I know that stress isn't linked to grey hair, it's a joke).
Glad that everything turned out "good" and hope we can see some changes, implemented, a.s.a.p. Sure, it was a malicious file that sparked everything but Google shouldn't leave, so many doors open and unlocked, in their system. It's not like you can just implement more security features, yourself, Google has to be willing to make these changes...otherwise they are stupid.

Loved this video and..... honestly.... the OCD vacuuming pattern in your office carpet.
Thank you for sharing your pain, the effort and the story to help teach others so that they can avoid this.
Honesty and Conversations are the keys to better learning!
And yes, when you are the top of the totem pole..... how you treat those underneath you as well as not denying that no matter good or bad, the bad always sits on your shoulders.

I like how you are dealing with this! The employee made an honest mistake

I learned about this attack from Paul Hibbert (Hibbert Home Tech)'s channel when his channel got attacked the same way. It seemed to be getting around and I was surprised that LTT got hit by this. But kudos to Linus for not imposing any disciplinary action on the staff.

Hahaha I loved the sponsor's hits at you, made me check them out and I've actually wanted to buy this kind of products, so for you Linus, I'll get a phone case ;D

As someone in the cybersecurity industry, thanks for being so open about what happened, and bringing awareness to the technical elements involved. It CAN happen to anyone, what really matters is how you react.

Really informative, thanks Linus. Sorry its caused you so much hassle but it's started a useful security discussion. One more thought would be to have an account kill switch, perhaps accessible by a separate link known only to the channel creator (perhaps via a trusted device), with OTP/2FA etc. Activation of said switch would immediately lock the channel, deauthorise all sessions and report automatically to youtube. Would save much hassle at 3am... I know it wouldn't have helped the LTT hack, but as a result of watching this and recent events I've been taking security more seriously and setting up yubikey on my accounts, as it appears hackers are just getting smarter all the time. I'll also be extra careful with pdfs and file extensions now too.

From a person working with information security awareness: Least privilege access, zero-trust and more are important to implement. But proper training is essential, as anyone can become targets. Anyone can be victims, no matter how skilled they think they are.

Sad that 10 yrs after this has happened to channels before UAclipss customer service and urgent reaction is still crap.

I’m glad you got recovered. I hate that only big fish like you actually get support from google/UAclips.

Thank you for this honest and open discussion about this important issues. I really think this is something that could happen to any of us. Hackers are very aggressive. We all need to be extremely careful online. I try to be very careful about what I install on my computers. You have to even be careful with files that don't seem like they could be dangerous. Word documents can have dangerous scripts hidden in them. Operating systems are not always as secure as they should be. There is so many ways for malware to sneak in.

In my line of work we are trained on cyber security and are regularly sent spoof emails that emulate scam emails. A security system is always as strong as its weakest link, which tends to be the human element.

people don't take phishing emails nearly as serious as they should imo. It's one of those things where everyone thinks it won't happen to them. They think their too smart, or it would be super easy to catch. But scammers aren't all stupid, and their scams are always going to keep getting more and more sophisticated.
I hope this brings light to the fact that it can literally happen to anyone. And people take their training on safeguarding their company and personal data more seriously.

Dang good looking Linus hope you get back up and running w/o too much headache 😮 love your channel!

Linus, I'm so sorry this happened to you. Thank you for drawing from your experience with this hack to make this helpful video.

Glad you recovered Linus.
I do think attachments can be bad especially with wrong sources and everything but you gotta open some from credible ones as well.
Can you teach us how to prevent this from happening as well from user experience? It looks like you've mentioned how UAclips can add additional measures but what about pdf side?
Is there a setting in pdf readers to prevent links from running or things to auto run? Not sure if it's Javascript or what code snippet is run when opening pdf but this should be stoppage from this aspect as well. Or maybe only open pdf that only reads text from it? (Limited functioning reader)
Let us know Thank you.

The best part of this is the fact that dbrand not only jumped at that chance to help Linus, but is also roasting him at the same time.

What a stressful situation, thanks Linus for the lesson!!!

As you said, hindsight is 20/20, and I wouldn't be surprised if you started having your teams open any docs in VMs first.

😂😂😂 shorty lmao, I am glad you were able to get your account back. Love your channel