It has been reported that popular streaming service YouTube has been hacked. More than a dozen other artists, including Shakira, Selena Gomez, Drake and Taylor Swift are also affected. The original clips had been posted by Vevo. Despacito has been removed, but its cover image had shown a group of people wearing masks and pointing guns. The hackers, calling themselves Prosox and Kuroi’sh, had written “Free Palestine” underneath the videos. Several of the clips remain live at time of writing. IT security experts commented below.
Mark James, Security Specialist at ESET:
“The details currently are sparse so trying to figure out what they did or how they did it is not something that’s easily done. The problem with these types of hacks is the potential for damage caused. For YouTube it’s a brand and PR issue. For the artists it’s the personal damage of their brand being used for nefarious purposes.
Some YouTube videos collect hundreds of thousands or indeed millions of views. The ability to push information to all those viewers is massive and in some cases we could even see actions to trick the user into going to websites or following link.
For the end user it’s about having the security measures in place in case you are involved in a phishing attack or online scam. Utilising a good multi-layered internet security product and applying awareness when browsing web pages or clicking any links associated with the internet. The end user may be influenced by the information they see, if they trust the digital persona like a pop star or “Youtuber” they may be more likely to be scammed or tricked into going somewhere that may be malicious.”
Lee Munson, Security Researcher at Comparitech:
“The recent hack of popular music clips on YouTube seems to be relatively benign in nature, featuring a fairly tame political message and motivated by the ‘fun’ of the challenge.
In that respect then, it is in itself, nothing much to worry about for the video hosting site, though it does suggest that the defacement of videos is not technically difficult to achieve, given the number of high profile artists that have been targeted.
What exactly YouTube is doing to prevent content like this appearing via Vevo is unclear but it will be interesting to see whether other hacktivists jump on the bandwagon and use such sites to make their points in the future.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.