They delete all the videos from the YouTube channel of the ‘streamer’ Ibai Llanos after the theft of his account

June 12 (Portaltic/EP) –

He YouTube channel of the ‘streamer’ Ibai Llanos has been ‘hacked’ this sunday by a group of cybercriminals who, following their modus operandi, have eliminated all posted videos in the account and has exchanged them for a Tesla presentation with Elon Musk.

Although the well-known ‘streamer’ uses Twitch as the main platform for broadcasting his content, his YouTube channel has 10.5 million subscribers and, until this Sunday, he had multiple videos that he was posting from the start of his channel in 2015, adding a total of 2,845,058,371 views since then.

Now, all videos on the channel have been removed for group of cyber attackers who have stolen the account. As has happened on other occasions, for example, in the case of the ‘hacking’ suffered by the ‘youtuber’ Atlas in January, after deleting the content they have replaced it by videos of the electric car brand Tesla.

In the new content, its CEO, Elon Musk, also appears and is deal with issues related to cryptocurrencies, among other things. This was confirmed by the ‘streamer’ through a Twitter post in which he complained about this cyberattack and accused Elon Musk himself.

The fact that you have hacked my youtube channel is something that touches my balls @elonmusk you fucked up my sunday asshole pic.twitter.com/NZzu5Y51Yt

— Ibai (@IbaiLlanos) June 11, 2023

That is, the group of ‘hackers’ is dedicated to impersonate channel and uses it for expand cryptocurrency content. Specifically, in the case of Ibai Llanos, they have changed channel name to ‘Tesla’, as well as the cover image and logo, which also featured Tesla-related content. In fact, at the time of the ‘hacking’ a message began to be issued direct assumption about the Tesla Cybertruck model.

Currently, the Ibai channel no longer displays any content related to the brand of Elon Musk’s cars, but it does keep the name ‘Tesla’, and the videos and content of the ‘streamer’ continue to be deleted.

At the moment, only the logo image and the main image of the channel appear, as they were before the account was stolen.

HIDING OF THE ACCOUNT THROUGH ‘MALWARE’

How they have ‘hacked’ the Ibai Llanos channel is the great unknown. However, as explained by senior security researcher of the cybersecurity company Kaspersky, Marc Rivero, in a statement, in these cases it is usual to resort to the hijacking of the account through the use of ‘malware’.

In other words, in cases of theft of YouTube channels, a session theft is being carried out and, with it, the hijacking of the account and the making of fraudulent transmissions related to cryptocurrencies. All this, through the use of ‘malware’ that infiltrates the victim’s device.

This ‘malware’ can infect someone on the computer or anyone else have access to YouTube account of, in this case, Ibai Llanos. Thus, through the ‘malware’ the malicious actors They gain access to browser data, including passwords and login cookies.

According to Kaspersky, the attacker gets exact copies of Chrome and Edge and other browsers, including the session tokens for all websites in which the user was logged in, like YouTube account. In this way, the attacker can access the account without the passwords, and can even enter without the need for two-factor authentication.

In the event that the The perpetrators of the attack were the same as those who ‘hacked’ the ‘youtuber’ channel Atlas in January of this year, the theft was carried out based on an alleged advertising offer, as explained the ‘youtuber’ himself through a video.

That is, the malicious actors send an alleged advertising offer to the ‘streamer’ by email. After several conversations between the supposed client and the ‘youtuber’, the cybercriminal sends files related to the advertising campaign to be downloaded to be able to view or use them.

These files can be anything from documents to advertising videos, programs or game tests. In addition, many related files are often sent at once so that the infected file goes undetected.

Once all have been downloaded, the infected file throws an error notification and, while the user tries to fix the errorhe virus is installed and malicious actors take advantage to take control of the computer from distance. In this way, cybercriminals access the sessions that the user has open and that is when the YouTube account is stolen.

Thus, their deception is based on contacting the ‘streamer’ posing as a client interested in an advertising agreement that ends up being a cyberattack with which they manage to gain control of that channel and even the computer. After that, he they change their name, delete their content and post a video or content with which they try to scam more victimsfor example, related to cryptocurrencies.