You have heard the name hacker multiple times. Ransomware is a typical method of hacking, which exploits the lack of security to make money. When it comes to Google products, we haven’t heard the word hacking very often.
Yesterday (10/04/2017), we witnessed one of the major security breaches in the history of YouTube. Truth be told, it’s not the issue of the world’s second popular search engine’s end. A few Vevo accounts on the platform had been compromised.
Despacito Disappeared from YouTube for a Few Hours
You know Vevo, which is a US-based joint music venture between Universal Group, Sony Music Entertainment, and Warner Music Group. They managed to rope in multiple singing celebrities under their belt. However, Tuesday turned out to be a day they want to forget.
Yesterday as we tried to find the size of the attack, we found out the hacking group got the access to the channels of DJ Snake, Drake, Iggy Azalea, Katy Perry, Maroon5, and Shakira. What they did at first was changing the video title, description, and thumbnail.
For some videos, the thumbnail was a scene from a Spanish TV series named Money Heist, in which over a dozen masked people pointed guns at the camera. Some other videos, they changed the thumbnail to an image that said CLIKE.
Of course, it isn’t an attacked targetted the whole platform. Even Vevo has admitted that their security has been compromised. It is logical to believe that the attacked channels come from the same Google account.
Despacito faced the brutal situation of all the compromised videos. At first, the attackers changed the title to “Hacked by Prosox & Kuroi’SH & Shade & Akashi IT & KiraRoot & Xepher & SenpaiWeb & Misao…”. Not to mention, they have altered the description and the thumbnail as well. It first came to our attention by 13:45 IST in the noon.
About an hour later, the hackers have removed the video from the platform. When we tried to access the video, all we got was ‘This video has been removed by the user’ flag.
You can see the screenshots I managed to take when the videos were compromised.
After a few hours, everything went back to the normal state. YouTube responded to the issue saying ‘after seeing unusual upload activity on a handful of Vevo channels, we worked quickly with our partner to disable access while they investigate the issue’.
On the other hand, Vevo has admitted the security breach and they said the issue is under investigation now.
Prosox tweeted that he/she/they did the hack for fun and he/she/they used a script to alter the titles in bulk.