Names like Andreas Antonopoulos, Nicholas Merten and Ivan on Tech had their YouTube channels attacked by hackers over the weekend. According to Twitter profile Mr Whale, the attack promoted a series of cryptocurrency donation scams.
The scammers took control of the accounts and then posted fake videos asking followers to donate cryptocurrencies. However, the wallets belonged to the hackers and not the creators of the channels.
Big names were affected
Immediately after the attack, several YouTubers in the cryptosphere reported that they had their accounts hacked. The youtuber Boxmining, for example, even identified the IP number of the attackers, who used a server based in the Philippines.
I checked all my personal accounts for recent logins – there are none. HOWEVER, my Youtube brand account has a login from the Philippines ??? pic.twitter.com/CUtChNEz2D
— Boxmining (@boxmining) January 23, 2022
In response, developer Ivan on Tech also confirmed the attack on his account. “The same IP hacked me”, he said, asking the YouTube support team for help.
Who also had his account hacked was Nicholas Merten, cryptocurrency analyst and creator of the DataDash channel. According to Merten, the hackers managed to bypass the security of two-factor authentication (2FA) and publish a fake video.
Apparently, the hackers managed to clone the cellphone’s SIM cards to hack the accounts, thus circumventing the 2FA. In this scam, the hacker clones a user’s phone number and puts it in another SIM, gaining access to authentications.
The wallets used in the scam are Binance Smart Chain (BSC) addresses, and hackers managed to get 2.2 BNB.
Common scams: how to protect yourself?
The scams in sequence involving famous profiles on social networks have become common. The biggest recent attack of this type took place in 2020 and resulted in the hacking of dozens of Twitter accounts. Cryptocurrency exchanges and major investors were affected.
In this sense, it is important to be careful when dealing with this type of scam. Always enable 2FA recommendation on mobile via an external app such as Authy. Avoid performing authentication via cell phone as much as possible, as the theft of the number can leave your account vulnerable.