Hello Reader,

Why this Alert?

What started with a YouTube Creator who contacted me to say their channel got hacked, ended up with us busting an entire Hacker ring!

This is what happened:

Many YouTube Creators get together on Discord where they share YouTube tips, discuss video ideas, and give feedback on thumbnails. They also recommend services such as Thumbnail designers and video editors as good ones are hard to find.

When I was contacted by a YouTube Creator who had their channel hacked, we couldn’t figure out how they got in.

I started to look at the various services they use and that is when I saw that they used “Kahil” as their video editor.

Kahil, not their real name, was based out of the Philippines. He would edit this Creator’s video and upload it to the Dropbox folder.

So far so normal. Many YouTube Creators do the same.

HOWEVER, here is where it goes horribly wrong.

I asked to see the videos that Kahil was working on. This was a Finance channel and it was mainly screen recording of financial trades.

I noticed that in one screen recording, it showed the Creator’s screen while logging into their Google account where you could clearly see their username and password! (the Creator clicked on the “show” button forgetting it was being recorded.)

Kahil could see the info.

However, this alone doesn’t mean that Kahil hacked their channel; especially since Kahil has been working with them for weeks on several videos.

So I needed more to go on…

The Plan

What I did was create a fake Crypto website. I created one username and password and gave that to the Creator.

He created a Shorts video where he screen recorded and “by mistake” showed his username and password as he logged into the website.

This was sent to Kahil to edit.

I was monitoring the activity on the site and a couple of hours later, there was a login.

It wasn’t from the Creator. It was from India!

So now we knew that Kahil was involved. But since Kahil lives in the Philippines, why was the login from India?

I can’t get into those details, but it turns out that Kahil was innocent. Well, sort of.

What he did was sell a video editing service. However, what he was actually doing was subcontracting that editing to a person in India. And that person sold the login info on the Dark Web.

But it gets worse…

The person in India was actually part of a hacking ring made up of at least 3 “video editors” that we know of. They sold their editing service to middlemen who then sold Editing services to Creators.

The hacking ring was basically waiting for raw videos that had confidential info. While they waited, they were getting paid to edit (and they were actually pretty good at it too🤦‍♂️).

As a side hustle, they would sell anything that others could use and even gave video ideas to other Creators in India so they could make the video before their “client”.

What should you do?

This is still going on so there is limited info I can share, but it turns out that Kahil’s service was rapidly being shared on Discord and he had many YouTube clients, which put them all at risk.

And there are many “Kahils” out there too…

So if you work with an outsourced editor, make sure you have a document that specifies what they can and can not do.

Make sure they are committed to having a secure system and are not allowed to share your videos with anyone else.

Of course, we need to be able to trust our team, but I would highly advise not to include any sensitive information in the video and just rely on the note to the editor to “take this bit out” or “blur this bit” – they will be able to see it.

We go in-depth into this in the YouTube Security Course in the Working With A Team Module and I provide some templates for on-boarding a new team member and an off-boarding form when they leave.

Keep safe out there,

The Security For Creators Team

Was this sent to you? Sign up here.

Want to secure your YouTube channel? Start here.