{"id":18717,"date":"2022-04-08T10:10:12","date_gmt":"2022-04-08T18:10:12","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/04\/08\/news-12450\/"},"modified":"2022-04-08T10:10:12","modified_gmt":"2022-04-08T18:10:12","slug":"news-12450","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/04\/08\/news-12450\/","title":{"rendered":"YouTube channels of Taylor Swift, Justin Bieber, Harry Styles, and other musicians compromised"},"content":{"rendered":"

Credit to Author: Christopher Boyd| Date: Fri, 08 Apr 2022 17:38:10 +0000<\/strong><\/p>\n

Some of the biggest stars around have seen content placed on their YouTube accounts without permission over the last couple of days. Taylor Swift has around 40 million subscribers. Justin Bieber? 68 million. Harry Styles, a respectable 12 million. You can even add Eminem and Michael Jackson to the list of those taken over.<\/p>\n

Big names, and even bigger numbers.<\/p>\n

The last time I can remember an all-out targeted attack on social media musicians was way back in 2007<\/a> during Ye Olde Myspace days. While the threat for mischief there was big, this new attack far surpassed it in terms of people seeing dubious content.<\/p>\n

Using Vevo as a stepping-stone to musician channels<\/h2>\n

According to The Record<\/a>, the attack specifically targeted accounts using Vevo<\/a>. The people behind it didn’t promote malware links, or spam, or phishing. Instead, they opted to post about a bizarre scam<\/a> involving a security guard.<\/p>\n

The scam involved a man claiming to have “2,000 tumours”, sentenced to 2 years in jail for grabbing around $319,000 in donations<\/a> for his non-existent terminal illness. The group claiming to be behind the compromise demanded he be set free<\/a> via their Twitter account.<\/p>\n

If you\u2019ve ever watched a music video from a major artist, there\u2019s a good chance you\u2019ll have seen the Vevo logo in the bottom right hand corner. This is the Vevo channel<\/a>, where content is uploaded. As Gizmodo notes<\/a>, videos are merged with the musician\u2019s separate YouTube channel. Existing YouTube accounts can also be merged to create Official Artist Channels<\/a>.<\/p>\n

Speaking to The Verge<\/a>, Vevo said \u201cSome videos were directly uploaded to a small number of Vevo artist channels earlier today by an unauthorized source.\u201d<\/p>\n

This is what Vevo\u2019s FAQ page<\/a> has to say on the subject of how uploads work:<\/p>\n

\n

Vevo does not provide access directly to artists. If your music videos have been delivered to Vevo, you must work with your existing Content Provider\/Label who will have access to perform these updates.<\/p>\n<\/blockquote>\n

What about your<\/em> YouTube security?<\/h2>\n

You may not be a multi-million album seller signed up to Vevo on YouTube, but you still need to lock down your YouTube account. Any compromise can lead to masses of spam or videos leading users off-site to phishing or malware.<\/p>\n

Signing into YouTube requires a Google account. As such, good Google security hygiene means good YouTube security hygiene too. We\u2019ve covered many Google-centric security concerns previously, but here\u2019s some things you can do now to lock down your account:<\/p>\n