Pages:
Author

Topic: Supreme Court of India YouTube channel hijacked to shill XRP (Read 353 times)

hero member
Activity: 2520
Merit: 783
I believe most of these hacks going on always have an insider. How come a sim swap was successful without the notice of the agency if nobody internally is somehow involved in this

This has nothing to do with insiders, as I pointed out earlier this specific kind of hack is happening via cookie stealers which is just when someone click the phishing link the malware will steal the logged in cookies of youtube account then the hacker will launch the attack which will just mimick logged in from different browser so the attacker will do every possible changes in the account from email, passwords and contact information in just matter of minutes so the actual owner has no way of recovering the account on his own.

As tranthidung pointed out this has existed for very long period.


The picture is clearer now and this is the reason why we should be careful how we click links that pops up all in the name of ads and cookies, these are what hackers and scammers use to get at their victims. I almost fell for this trap last year where I received a mail from a source that looks similar to my expectations at that moment. When I opened the mail immediately I got a warning so I had to check the source of the mail properly to be sure but I was not convinced and had to call for verification only for them to tell me that they are yet to send me a mail which means the mail I received was not from them, I deleted the mail and blocked the source. What baffles me was how they got my mail and know I was expecting a mail from that source and they sent me their scam mail. If I did not have called to confirm maybe my account would have been hacked and possible used for fraudulent activities.

Usually I don't allow those cookies and always clicking not allow when there's something like that popping up. People should be aware clicking those things since maybe this is another reason on why their accounts might get compromise. But in the case of Youtube hacking I guess the hacker use tricky actions that able to get those victim thru phising or other there's instances that the keeper of the account download something from unknown sources. Reason why we we should not immediately get curious on what mail we receive since there huge chance that we might experience this same cases if we are to curious to click anything we see online.

This sticky thread WARNING Beware investors from Telegram, and Youtube scams! by NotATether he owns is somehow helpful for people to know on how they can report if they see similar situation happened.
full member
Activity: 420
Merit: 120
I don't know how it works when someone wants to change their email address on YouTube, but from experience in other services, in order to change your email address, aren't you supposed to receive some kind of confirmation from your existing email address for security purpose and to ensure that it is truly the account that wants to make the change. Or do the scammers also compromise the victims email address?
You only can change your email address on Youtube if the registered email is not gmail.
How to change your Youtube email.

Change the email address for your account
And the confirmation link will be sent to your new email address, not the current one. With this procedure, if a Youtube account was hacked, it's possible to change its email address.
hero member
Activity: 3080
Merit: 603
Another serious concern is how an account that an individual followed for a particular purpose just turned and started doing something that it had not posted or done before without even giving it a second thought and just jumped into investing in it.
Two things here;

1. Youtube channel manager/social media manager clicked on the phishing link that's sent by the hacker through email.
2. Hacker gained access to the Youtube channel and able to get its credentials.

And that's how the hackers are playing these scam videos. The trick isn't a hidden one but because of the negligence of the victims.
I thought the hacker needed to gain access to the email of the channel owner first, and from the email they can be able to get access to the channel's self as each YouTube channel is linked to a Gmail account
You're not wrong, that's also can be part of the process. They're changing the gmail account that's registered on that Youtube channel and then that's how they take over the account and once they do, they're streaming some videos to make the viewers believe that it is for real and will put captions about the scam.

or are their other means and patterns that they use in accessing channels that don't require the hacker to access the email first? 
AFAIK, that's only it through phishing. Other than that, maybe an inside job.
legendary
Activity: 2184
Merit: 1302
Playbet.io - Crypto Casino and Sportsbook
YouTube should be the one to increase their security system and atleast give some cook-off period when someone wants to change their primary e-mail that holds the ownership but they still are not doing anything to stop them once and for all.
I don't know how it works when someone wants to change their email address on YouTube, but from experience in other services, in order to change your email address, aren't you supposed to receive some kind of confirmation from your existing email address for security purpose and to ensure that it is truly the account that wants to make the change. Or do the scammers also compromise the victims email address?
sr. member
Activity: 686
Merit: 398
Another serious concern is how an account that an individual followed for a particular purpose just turned and started doing something that it had not posted or done before without even giving it a second thought and just jumped into investing in it.
Two things here;

1. Youtube channel manager/social media manager clicked on the phishing link that's sent by the hacker through email.
2. Hacker gained access to the Youtube channel and able to get its credentials.

And that's how the hackers are playing these scam videos. The trick isn't a hidden one but because of the negligence of the victims.
I thought the hacker needed to gain access to the email of the channel owner first, and from the email they can be able to get access to the channel's self as each YouTube channel is linked to a Gmail account, or are their other means and patterns that they use in accessing channels that don't require the hacker to access the email first? 
hero member
Activity: 3080
Merit: 603
Account hack on X were common, but other social media and platforms like YouTube are not also safe against these scam. Scammers will compromise the YouTube channel of people that has high subscribers, delete the videos on the channel, changed the URL and changed the name of the channel. Then they will post their scam video.
It's also the other way around that, YouTube isn't safe for scammers and so as the users aren't safe with YouTube. And this change of name of the channel, deleting videos and playing a continuous livestream done a such known YouTube channel is always the tactic of these scammers.

Another serious concern is how an account that an individual followed for a particular purpose just turned and started doing something that it had not posted or done before without even giving it a second thought and just jumped into investing in it.
Two things here;

1. Youtube channel manager/social media manager clicked on the phishing link that's sent by the hacker through email.
2. Hacker gained access to the Youtube channel and able to get its credentials.

And that's how the hackers are playing these scam videos. The trick isn't a hidden one but because of the negligence of the victims.
sr. member
Activity: 686
Merit: 398
So many prominent individuals and institutions get hacked and the scammers use their accounts to promote their scam, but people still fall for it, it raises the question: didn't these victims read about these previous cases, cause if they did, it should have aroused their suspicion.
Another serious concern is how an account that an individual followed for a particular purpose just turned and started doing something that it had not posted or done before without even giving it a second thought and just jumped into investing in it. 
 
The fact that there are people even if you just give a warning about how they scam someone using a particular method that will still fall victim to the same pattern of scam is the reason why these scammers can never rest because they know that in each trying they will always end up getting someone to fall for their trap.
hero member
Activity: 910
Merit: 507
Many of the highly influncial and government institutions have the verified tag on their page and this method is adopted to add some extra layer to the security of the accounts, but even with that we still see many hacked verified accounts on X and other platforms, this show's that those individuals and institutions are likely not taking their security serious because there is no way that can be such an activities on a verified account without the ability of the owners to quickly recover and take down the scam posts or even report the accounts.


So it baffles me so much to see many hacked prominent accounts still being used by the scammers to carry out their scams, without any attempt to take them down, and sometimes this make me feels if the owner of the accounts even care about their followers Safty at all.
sr. member
Activity: 728
Merit: 421
I believe most of these hacks going on always have an insider. How come a sim swap was successful without the notice of the agency if nobody internally is somehow involved in this

This has nothing to do with insiders, as I pointed out earlier this specific kind of hack is happening via cookie stealers which is just when someone click the phishing link the malware will steal the logged in cookies of youtube account then the hacker will launch the attack which will just mimick logged in from different browser so the attacker will do every possible changes in the account from email, passwords and contact information in just matter of minutes so the actual owner has no way of recovering the account on his own.

As tranthidung pointed out this has existed for very long period.


The picture is clearer now and this is the reason why we should be careful how we click links that pops up all in the name of ads and cookies, these are what hackers and scammers use to get at their victims. I almost fell for this trap last year where I received a mail from a source that looks similar to my expectations at that moment. When I opened the mail immediately I got a warning so I had to check the source of the mail properly to be sure but I was not convinced and had to call for verification only for them to tell me that they are yet to send me a mail which means the mail I received was not from them, I deleted the mail and blocked the source. What baffles me was how they got my mail and know I was expecting a mail from that source and they sent me their scam mail. If I did not have called to confirm maybe my account would have been hacked and possible used for fraudulent activities.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
it raises the question: didn't these victims read about these previous cases, cause if they did, it should have aroused their suspicion.

Well, this hacks are bit complicated but yet executed via simple malicious links and these youtubers often receive such mails from people as well as from YouTube team for reasons like promotion and a moment of ignorance is what causes all these. YouTube should be the one to increase their security system and atleast give some cook-off period when someone wants to change their primary e-mail that holds the ownership but they still are not doing anything to stop them once and for all.
legendary
Activity: 2184
Merit: 1302
Playbet.io - Crypto Casino and Sportsbook
Real Madrid's superstar, Kylian Mbappe's X account was also hacked last month and the scammers used it to promote a fake Mbappe coin that scammed people as well, now it is the Supreme court of India that is "losing" its YouTube account to scammers.

So many prominent individuals and institutions get hacked and the scammers use their accounts to promote their scam, but people still fall for it, it raises the question: didn't these victims read about these previous cases, cause if they did, it should have aroused their suspicion.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
This has nothing to do with insiders, as I pointed out earlier this specific kind of hack is happening via cookie stealers which is just when someone click the phishing link the malware will steal the logged in cookies of youtube account then the hacker will launch the attack which will just mimick logged in from different browser so the attacker will do every possible changes in the account from email, passwords and contact information in just matter of minutes so the actual owner has no way of recovering the account on his own.
Reasons are different such as actual hacks that we're discussing here, but other times, reason is not hack but it's about money incentivized. Influencers, celebrities sometimes care more about money, not about their reputation or moral principles. When they fall to money incentivized traps, they will cooperate with scammers. We are not them in these specific situations to know that they actually did not see people and projects they're cooperating with are scam and scammers. Maybe celebs are like us, when it relates to money, they will be more vulnerable to "too good to be true" offers, and don't see any scam.

The key is we can not trust others, and can not say if words come from mouth of person A, B, this celeb, that celeb, it's automatically true and safe. When we do things with our own money, we have to verify and double check many information, if we're careful and don't want to lose money. Youtube channels are hacked or not, it's their problems, not ours, and we only need to protect our money.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
I believe most of these hacks going on always have an insider. How come a sim swap was successful without the notice of the agency if nobody internally is somehow involved in this

This has nothing to do with insiders, as I pointed out earlier this specific kind of hack is happening via cookie stealers which is just when someone click the phishing link the malware will steal the logged in cookies of youtube account then the hacker will launch the attack which will just mimick logged in from different browser so the attacker will do every possible changes in the account from email, passwords and contact information in just matter of minutes so the actual owner has no way of recovering the account on his own.

As tranthidung pointed out this has existed for very long period.

legendary
Activity: 3318
Merit: 1185
Playbet.io - Crypto Casino and Sportsbook
From the title above, you can understand that this recently happened to Supreme Court of India YouTube channel. The channel was hijacked. The contents on it were deleted and the name and URL were changed. The hackers used the channel to play a fake livestream video featuring Ripple Labs CEO Brad Garlinghouse. It also urged potential victims to invest in the scam, promising unrealistic returns.

That hack is insane, and I’m sure a lot of people fell for that scam. There was also a similar hack here in the Philippines, targeting artists with a huge following, and the same coin was involved - they were running an XRP scam.

Filipino artists hacked to promote XRP scam

Quote
Ben&Ben, a nine-piece pop band with over 3 million followers on YouTube, announced on July 15 that their account had been compromised.

On their official Facebook page, the band said their YouTube channel was hacked, and their team was working to recover the page. While the band tried to recover the page, the account livestreamed a common XRP scam.
full member
Activity: 196
Merit: 91
nowadays, many social media accounts of public figures are intentionally hacked to promote these scam projects, it is certainly quite worrying because these accounts contain real followers, meaning there is an opportunity for these followers to see the promotion of the project and follow it. even this is the account of the supreme court of india, this is a pretty bad incident, because surely they are followed by many people and they also have an it team that manages the account, this will be a pretty serious problem and they should fix it so that incidents like this will not happen again.
It's not surprising that these hackers will target the accounts of celebrities, influential people and government agencies because they have many followers and majority of people will trust and follow whatever these people says. The lesson to learn from this India, YouTube channel hack is that we should not be too quick to trust any information on the social media no matter how influential or highly placed the account is because it might have been hacked. Secondly people should not be too quick to believe any investments on social media that promises very quick returns on the short term, it should be a red flag for scams. It has become very important for people to verify information thoroughly on social media before believing anything that is said.
hero member
Activity: 602
Merit: 543
For whatever reasons the hackers had in mind for their actions, it will do nothing than make the government of India become harder on cryptocurrency. Several social media hacks I have seen in the past aimed to extort money from people through cryptocurrency so I wonder why this one is to shill XRP. This activity will never help XRP in anyway, so the job of the hackers will be totally counterproductive.  Just like many people have said, these hacks is an indication that social media handles are not safe in anyway so one must be careful of the level of information they keep there.
sr. member
Activity: 728
Merit: 421
The rate at which social media accounts of reputable personalities, celebrities and influencers get hacked these days is alarming. Last month it was France player and now India Supreme Court account hacked and used to promote fake project.

Last year the US Security and Exchange Commission's Twitter account was hacked and used to announce the approval of Bitcoin Spot ETF. This single news brought a massive change in the crypto market. It was later confirmed that the account was compromised through a SIM swap. One will begin to wonder how a reputable and heavily funded organization like the SEC will not put the right security systems in place.

Days are gone when you will just believe any information because it is from the verified social media platform of an organization. You need to verify and cross-check the validity of such information because failure to do that will have dire consequences. There is also a need not to be greedy and make hasty decisions since it will make one a cheap prey to these bad actors.

I believe most of these hacks going on always have an insider. How come a sim swap was successful without the notice of the agency if nobody internally is somehow involved in this or would they say that they do not have the power to investigate and unmask the people behind such crime? They are always active to investigate and get information on everything but how come they never said anything about the sim swap that led to the wrong information disseminated to the world on crypto.

These days, it is not even advisable to depend on one source for information. One would have to be very sure of information they receive by doing verification from other source to confirm how reliable that information they got is real.  Even after you have done that and just as you have said about being in a haste to absorb such information, one would need to take their time to see turn of events as it relates to the update relating to the information if it would be in tandem or they would need to discard it so as to be on the safe side if it happens that such information could be harmful to them.

I believe the situation might have been handled urgently but I think the government need to do something about it because this might not be an actual hack but an attempt to delete contents from the channel and makes sure that the team is not able to make use of the contents or access the channel again making it irrelevant even if it's finally recovered. Sometimes those contents that was deleted might be lost forever if the team does not have a backup of every videos on the channel. Scammers and hackers are doing more bad than good these days when artificial intelligence could help to write scripts and programs with ease that will make the process very easy them.

There is a news circulating online with respect to the hack and it states that the page have been taken down (here.)
and I must commend the government for such quick intervention  because it would have caused a major damage to the people of India and the crypto community at large.  These are the things that makes people have negative mindset and thoughts towards crypto which  the government does not hesitate to use as facts when hitting hard on crypto.

Your Idea is quite interesting as I see the possibility of what you have said with respect to deleting the contents on the channel. Maybe they did that for some certain reasons best known to them and they deleted everything they had in mind to do and they already have their plans and intentions to cover it up saying it was a hack. Maybe there is a particular content that they feel might be used against or targeted at some certain aspect of the law which might be used against them or some certain sets of individuals of the elites which might have prompted such actions.  These days judicial system is very funny though and can not be trusted looking at their actions in most cases.

Unfortunately activating 2FA won't help in these specific hack because they use cookie stealers for this attack which is obvious sent to multiple emails at once and those who clicked them will become victims. The only way to recover the account after these particular hack is from intervention of YouTube support which may take days to week depending upon the channel priority and in this case this looks like official channel of government entity so they can contact the YouTube official in the country and resolve the situation as soon as possible.

They were actually fast in this as it has to do with the Indian government and You tube did the needful to help take down the channel  very fast in other to forestall any future or unforeseen events as it relates to the channel hack. However, such scenario could have caused a very big damage if the people of India had no prior knowledge of the account and the originality of its content. Now that is has been deactivated, the Indian government can do their work to see what really happened.
hero member
Activity: 938
Merit: 765
I stand with Palestine.
When famous people social media accounts get hacked it is serious. Hackers use these accounts to scam people with fake giveaways. Government should quickly warn public to stay safe. People managing these accounts should also be more careful with security. Social media companies need to improve safety measures and teach people about online dangers. Governments and social media companies must work together to stop hackers and protect users. If they will comtrol them or make high security which is not hackable so this can be good for everyone.
sr. member
Activity: 910
Merit: 284
Update:

The hacked channel was recovered just after few hours of this incident and now it claims to be in complete control of the original owner. I added the official statement from the Supreme court of India regarding their current situation.



And you can see the date and time on the sign which is on the same day itself so I hope not much damage done due to this incident but the sad thing is the recovered youtube account lost it's entire followers count despite restoring all the deleted videos which is a sign that those users are aware that this account is hacked and time to unsub.
hero member
Activity: 686
Merit: 403
DGbet.fun - Crypto Sportsbook
This is not new anymore, I trust the Indian people they will understand that this was an attack by scammers, it is not as if it will give XRP bad name, the aim of those scammers are the followers of the YouTube account.

You can't trust anything online anymore, there is nothing that scammers can't use against people to rob them, even if popular figures are asking for something they shouldn't be asking you just have to trust your instinct and run.

The newbies who are just starting to get used to crypto will face a lot, because lack of knowledge will likely make them not to question everything, it is a shame. I hope newbies will have the time to look things up before doing anything they are been asked to do..
Pages:
Jump to: