How my YouTube channel got hacked!
HTML-код
- Опубликовано: 8 сен 2024
- If you would like to support the channel you can do so via the links below :)
✅With a tip :)
bit.ly/3gtFAg8
✅Be a member of the Cam Fam!
bit.ly/3gn1vqv
✅iRacing referral link -
www.iracing.co...
Below is a list of the current equipment on my rig and what I consider to be my dream setup!
Rig 1
✅Sim-Lab P1X Pro Cockpit - simlab.prf.hn/...
✅Asetek SimSports Invicta Wheelbase (5% discount with this link) ✅www.asetek.com...
Asetek Quick Release (5% discount with this link) - www.asetek.com...
✅Grid by Sim Lab Porsche RSR Wheel Rim - prf.hn/l/pmwqWge
✅Sim Lab XP1 Pedals - simlab.prf.hn/...
✅Fanatec Shifter - fanatec.com/eu...
✅Grid Brows - prf.hn/l/vyAjqeJ
✅PSE Pro Switch panel - www.precisions...
✅Grid by Sim Lab Porsche Cup button Console - prf.hn/l/yOw5p0e
✅Orouge Cold Fusion Seat - o-rougeshop.co...
Rig 2
✅Sim Lab P1X Cockpit - simlab.prf.hn/...
✅Asetek SimSports Forte Wheelbase (5% discount with this link) - www.asetek.com...
✅www.asetek.com...
✅Heusinkveld Ultimate + pedals - heusinkveld.co...
✅Sparco R333 Seat - www.sparco-off...
✅I am now partnered with the amazing Coach Dave Academy! Get your setups below!
ACC Setups - coachdaveacade...
iRacing Setups - coachdaveacade...
✅Like the overlays I use on screen? If you would like to check out Racelab, you can do so on the link below.
Sign up with the code DAVECAM and get 10% off your first 3 months!
racelab.app/
✅iRacing liveries supplied by the super talented Tam Livery -
tamliveries.com/
Socials -
✅Dave Cam Facebook Group
bit.ly/2TyTW7e
✅Join our super friendly Discord Server
bit.ly/2TyU4Ug
✅Follow me on Twitter
DaveCamYT
✅Follow me on Twitch
bit.ly/3gn9yn4
Some of the above links are affiliate links which means I get a very small commission every time someone buys via these links at no extra cost to you. This all helps keep the lights on and the wheels turning :)
You may have noticed, my channel name is still Ripple. The 'hackers' changed my channel name twice in the 24 hours they had control which means I can't change it for 14 days. I've emailed Google 👍
Have you tried contacting them on twitter? They seem to respond better on social media than through emails.
Uhm, so thats what happened. I saw a video that this channel, Ripple, posted and I thought, Ive never seen this channel, why am I subscribed to it? So I immediately unsubbed.
Glad you could recover the channel mate and I already subscribed again👍
You didn't loose much content did you? Glad your back mate. As soon as you shared the email (and I've not gone past 1:40 yet - ) The very first and only needed Red Flag was the email address of the sender. Domain is incorrect. Dave, If you would like - I would be more than happy to chat with you and your audience on basic cyber security practices we should all follow to improve our lives. I've been a CISO for many organizations and serve as a consultant for this very purpose (this is for the benefit for all of us, not reaching out for financial gains).
No worries Rip! 😁 Seriously sorry you have to go through that.
Ahh ramn
So glad you got it back Dave! My heart sunk when I saw what happened 😢
Also, I'll definitely be checking emails 3 times over from now on!
Thanks Matt 😁
On Windows folder view options, make sure you turn on "Show hidden files, folders, and drives" as well as unchecking "Hide extensions for known file types". This could have helped you more quickly identify the PDF was an executable.
Given how Microsoft keep banging on about security and keeping PCs up to date, having file extensions turned off by default is the worst security flaw
But also remember that LEGITIMATE PDF files can have malicious JavaScript payloads. (Thanks Adobe 😬😶🌫️)
Beyond that email address which to me was a HUGE red flag, the other thing you could have picked up on is the grammar of the first email which was terrible. That will NEVER EVER happen in an OFFICIAL corporate communication. I worked in Banking for over a decade so I am HYPER vigilant about security and fraud prevention. I hope this isn't received as critical as all I want to do is highlight more red flags for yourself and anyone else seeing this to avoid more people getting done. Glad you're back Dave and I have resubbed today as well. 🙂
email grammar isn't really a giveaway but the email domain could of been and also the files. He was good to message the actual company about it but should of refrained from messaging the orginal email until he could confirm it indeed was legitimate or not.
@@cobblett could have, or could've, never could of.
Dave - don’t forget to set up Multifactor Authentication for your Google Account.
2FA is important, but this method of hacking can be accomplished regardless of having 2FA or not. It's gotten some big RUclipsrs, such as Linus last year. There's some videos that discuss it, but as Dave said, it basically copies the environment of which you are using with everything currently logged in over to their system.
That's the same way LTT was hacked. Glad your getting it under control Dave. Love your channel.
Appreciate your honesty Dave, its pretty embarrassing when you get fooled by these complex scams
Scariest I've had was from a bank phishing scam, they'd contacted me about fraud and included my last 3 purchases. Fortunately I'm paranoid when it comes to PCs so phoned the bank rather than click the link.
LIKE A PHOENIX RISING FROM THE ASHES!!!!!!! 🙌🏻🙌🏻🙌🏻🥳🥳🥳
So happy you got this all sorted Dave! The community would be a darker place without you.
Great to have you back 💪🏻💪🏻💪🏻
Mate And you SCOTT! :) nice to see you here!!
Sorry to hear about this, but it looks like you got it back and you're alright with your content all being there, we have to be grateful!
Please continue posting amazing content and stay alert!
Thanks mate 😁
This is literally my worst nightmare from a RUclips business perspective, glad you were able to get the content reinstated. Did you have 2FA enabled? I'm wondering if that would have kept this from happening.
Yes as far as I'm aware 2fa was enabled 🫤
This attack steals the cookies not the actual password so it doesn't need to bypass 2FA to function as it just uses your saved browser session
That's smart but you'd think Google / YT would force re entering your PW if any drastic changes to the account are being made like changing the name or email etc.
@@cr7pt0pl4gu3You're missing the point. 2FA is not important/relevant to the session hijacking. The issue is that Google does not enforce 2FA 100% of the time when you (or the hacker who has access to your account until the session expires) request changing an account password. Simple as that! If they did, ie you ALWAYS get a confirmation SMS, the hacker cannot take over your account.
@@cr7pt0pl4gu3 The real issue is google do not enforce 2FA 100% of the time when you (or the hacker who hijacked your session because you ran an dubious exe) change your account password. So 2FA is central to the reason people actually lose their account and google could easily fix that. But I guess they decide if people are stupid enough to run an promo executable they deserve to be hacked. I can think of no other reason why this exact hack is still happening a year later.
I don't watch Sim Racing videos much anymore, but I'm giving you a subscribe to help build your subscriber count back up. Hope everything goes back to normal or even better, Dave.
Ditto, just subscribed, best of luck buddy, can happen to the best mate 🤷♂️
Actually it's not very helpful. I mean from youtubes algorithm perspective dead subscribers (those who don't watch content from the channel) are not very good as well.
@@here2race you must be fun at parties.
@@MarkoFavre at times yeah
Sorry to hear this man. The SAME EXACT thing happened to me last year. It was a freakin nightmare.
You’re lucky they didn’t delete your community posts. I seem to be one of the very few that had my community posts deleted 😢
Yes it was truly awful, but I guess it could have been so much worse 😁
@@davecamyt Yeah for sure man!! Glad to hear you’re back up and running though 🙂
Happened to me years ago with my email adress. I was a freelancer back then.. and they sended out spam mails with viruses inside to every contact in my email account, so also to every client too. That felt very embaressing in that moment.
"No one is going to steal anything from me" -Dave. Thinking you have the 'bad guys' figured out will actually leave you a step behind. I am glad you got all your content back, stay smart!
All the best to you Ripple, I'm glad you're back. You're one of the good ones
That sounds like a nightmare Dave. Fortunately for me stuff like that will soon be a thing of the past when I get £500,000 for helping out a Nigerian business man who needs help overcoming corrupt officials.
Give me a shout when you get it. I've got a lady from a church in the states who wants to help me out too 😁
Dave, loads of alarm bells ringing on that email, the email addy alone is suspicious in itself. Additionally the vagueness in their email structure and not being specific to you is normally a dead giveaway. It’s all automated hence the dear content creator and follow up email just saying hello. Glad you got it sorted and lessons learnt mate. Now show us a master class in racing ❤
That sucks Dave, but I'm glad you are back and thanks for the info.
Thanks for the update Ripple, hope its all resolved soon.
It's such an important message. I work in IT Security and our number 1 message to everyone in our organisation is "be wary of emails, if you're even a little bit unsure, check". This is pretty much the way the vast majority of hacks happen now, so thank you so, so much for sharing this Dave.
I do as well.
Emails are always such a vulnerable point of malicious activity.
Scary how quickly an executable can snag a session token.
First line of defence:
If the @THIS does not match or come close to "I AM THIS"... They are NOT THIS...
This goes back to the 90's!
Sorry you got hacked.
Glad you’re back Dave, these mails are NOT easy to spot. I work in IT and have regular training to avoid such things and even then some come close to getting me.
Yesterday I looking for your latest Mac from the back video, I started to worry about you when I couldn't find that video and then none of your other videos, glad to hear you got everthing sorted and you're back online.
I had the exact same email sent to me, however because of work and lifestyle changes I've not been able to keep my channel going and not uploaded a video in over a year. So for me I smelt a rat straight away, and yes I avoided it by looking at the e-mail address. This is what I do with any email I receive these days and have done for just over 6 years.
The internet is awash with scammers and hackers these days as there is a lot of money to be made, social media platforms being the worst overall, but you just need to be mindful whenever you get an email/text etc. Glad you got everything sorted though, boy it's good to have you back Dave!
Everyone will be back Dave then some. You do a ripper job and we all love what you do
Just noticed I was unsubbed. I went ahead and smashed that button all over again, my friend! Sorry to hear this happened. Happy to have ya back!
Better still ... don't open the email and contact the company directly. Always scan all files and keep protection software up to date. But very happy your back online and doing what you love to do and share :)
Sorry about that brother. Glad everything is back to normal!
Wild. Happy to see that you’ve got it back under control.
I just subbed after seeing GP Laps comment on Twitter to you. Glad you got things back!
So sorry to hear this happened to you, but glad it got resolved quickly. I can only imagine the nightmare it put you through.
You are a great human being Dave. Thanks for sharing and caring. Glad to see you are on the sunny side of this. Love your work.
I was one that unsubscribed when I saw that I was subscribed to Tesla. I'm glad you're back and I'm resubscribed!
Hi Dave, I am sorry you had to go through this. It must have been absolute torture. I know trying to build subs in sim racing is tough as hell. Glad to hear it's all sorted now. I just wanted to say thank you for doing this video. My channel is now at the point where I am having company's contact me and it's served as a reminder to be cautious and not everything is as good as it seems. Again thank you for doing this video.
GL, be safe. Invest in a password manager like 1password, don't stay logged in, and learn from the mistake! Surprised even Microsoft Defender didn't pick up the executable. Glad you're back!
Dont put your passwords in someones hands if you cant know what they'll do with it or how its protected.
Better look into open source software like keepass. There are a lot of ways to get it synchronised with your devices
@@I_Like__bananas 1Password's security is pretty well-documented. While storing stuff locally in some manager may seem safer, one of the problems becomes how do you safely sync across devices while ensuring that you don't fall into some of the original problems we're attempting to avoid, like password sharing. Certainly it can and is done, but the bar to entry becomes well-above the average computer user's technical know-how or willingness, sadly.
Good to have you back Dave! I was a little bit puzzled when your account was gone today...
This explains why I was confused yesterday as to why I was subscribed to the Tesla US channel! Glad to hear you've gained control, and it'll slowly come back! I'd hate to think about the hard work you've accomplished just disappearing!
Im glad you’re back! And I’m glad they didn’t wipe your existing content!!!
Lost me Dave, was unsure what or how I had a sub to the false chanel. Glad you posted an hosest report of the incident. Now you're back, I'm back. Keep the great content coming!
Dave, horrible situation. Glad you got this sorted out.
Thanks for sharing your experience Dave. Glad you are back and okay
Crazy, I was looking for your channel today about the triple monitor stand review you done a while back, I finally found ur channel but yes it read ‘ripple’ I fought was strange, anyhow good to see u back! 👏
Sorry you had to deal with that Dave, thanks for sharing the details!
Sorry to hear this happened Dave but so glad people acted quickly to get it all back to you. Top channel from a top bloke. Keep doing what you do 🙏🏻
Good to have you back Dave! Usually a fake email is easy to spot, no spelling mistakes in that one though made it look legit. Unfortunately you probably won't be the last person to fall for these scams but good on you for acknowledging your error & highlighting for all of us that unless we're more careful it can happen to anyone, even ex-cops
Geez Dave, I am really sorry that you had to go through this. I am also sorry about the subscribers you lost but I think that is a small price to pay to be back and running. Let’s get you to 100k! Looking forward to the REAL DAVE content. 🙏
Sorry to hear that, but glad you sorted it out, and back on track again 👍
One of firsts steps for me, when reinstalling Windows, is to to tick that button in FileExpoler, Always Show The Extensions, amd for known file types. Then you should noticed it too it's an EXE actually.
I saw this Ripple channel on my RUclips yesterday and was wondering why, so I deleted it, but I didn't notice your channel disappeared. This morning while looking for new content to watch I noticed that there was nothing from you and then I saw that your channel was missing. so don't worry, I'm back as a subscriber and I'm sure many of them will join us too
You're literally one of the most genuine dudes on RUclips and it's a shame this happened to you. I'm glad to see you got your channel back and you're using your platform to spread awareness about this scam.
You’ve got our support from Western Australia, Dave. Unfortunately you’re still ripple but will support you all the way. Great channel shame about the bastards
You're still called Ripple to me.
yeah Ripple for me too
Same
Same
I've heard Ripple is an animal on track. Drives like a proper dick apparently 😁
Hahaha, lovely..😄
Hi Dave, glad you've got it under control! Last night I got a notification from Tesla US, so I clicked and there was a video of Elon talking about something, I thought what the hell is this and then saw I was subscribed to that channel, I thought how odd, so first thing I did was to unsubscribe. After watching this video you've just put out, it's all making sense now what's happened and I will re-subscribe right now, probably those 1700 or so subscribers you lost, did the same as me.
Thanks for the update “Ripple” 😂 hope you everything back to normal.
I'm happy you got your channel back mate!
And thank you for the information!🙌
wow, that's a nasty incident. Glad it seems to have worked out, and thanks for sharing your experiences. Now keep up the good work with simracing.
Glad you were able to recover from this quickly. Maybe it’s a good idea to verify such attachments from a device which is not logged in to anything, preferably also not a device running Windows.
Thankfully RUclips acted quickly. It took another channel which I'm subscribed to about 3 months to regain control after his account got hacked. Glad you got it all sorted. 👍
Glad everything worked out for you Dave!
Hello Ripple AKA Dave cam. Sorry to hear that you got hacked. Let this be a warning to all RUclipsrs. Your content is excellent please don’t get hacked again. 👍👍👍👍
Awful experience Dave, glad you got things sorted and it didn’t get worse than this.
Probably you can state you got even lucky it was ‘only’ this.
It feels terrible indeed….
Happy your back in business though and looking forward to your next video.
What a nightmare Dave, luckily you are up and running and let the subscribers come back and even more
Thanks Dave, appricate the hard work to keep the channel up. Saw it go down yesterday and wondered what happened.
Sorry to hear Dave, always good to double check those email addresses as I’m sure you know lol also as I saw others mention turning on file extensions and hidden files in windows helps a ton
Thanks for taking the time to do this video, this is very important info.
so glad you got it back mate . i had to resubscribe i hope everyone who was unsubed by this can get those numbers back
I'm just glad you're back dave.
So glad it worked out for you Dave! Give my regards to your partner, she rocks.
So glad you are sorted Dave, great to see you back on line 🎉😊🇬🇧👍🏻🏎I did message you on X BUT I’m not a Bot 😂
All this talk of Cookies has made me hungary! Don't worry Dave i'm gonna pop down Tesco to get mine, because i'm a decent human being.
Chin up mate! Always good for your viewers to learn this lesson. Thanks you
I was one of the 1700 😊 woke up this morning with a YT notification from Tesla, unsubscribed immediately. Don’t worry, I’ll be back! (for a small fee, of course 😊😊😊😊). Very useful video, thanks Dave!
Glad you didn’t dramatically retire but what a shame you got hacked!
My favorite sim racing legend, Ripple Corporate
Glad you got sorted Dave. Was happy to see you had it back this morning. Though my 2 year old daughter was less than impressed seeing your mug instead of Blippi 😂
keep your head up! you got our support!
Wow that is terrible - I was one of the people that unsubscribed since it showed up as something else but this showed up in my recommended videos anyway so hopefully you get everyone back!
Hopefully you’ll be back to old numbers, the community doesn’t just go away c: 10K views in 3 hours, not too shabby!
Glad you are sorted Dave - kudos to you for being bold enough to tell the story as you can feel very stupid when things like this happen. The fact you have told your story means you will have stopped other people making the same mistake.
I almost called my wife crying when I heard the news ! Glad you got it back Dave. Stay strong mate we love you !
Cheers from Paris
It completely ruined my afternoon yesterday I couldn’t watch your videos after work!!!!!!
I’m so glad everything is all good Dave!
This makes some sense now - I noticed last night that I had a Tesla channel in my subscription list, which I thought was odd because I have zero interest in Teslas. Tbh, I put it down to the algorithm trying to push it on me, and ignored it! Never thought it would be the hacked face of an actual RUclips channel!!
Really glad you got it back so quickly! It's terrifying how far they'll go with this sort of thing!
Hey man I'm Glad you're back! I was worried about it!
Ah man, sorry to hear this! The same thing happened to me after I gained my first few thousand subscribers. Thought I'd made it to have a sponsorship offer... Shouldn't have clicked the exe file! Fortunately all the hackers managed to get into was my Facebook account. They tried to run ads of thousands of dollars, but thankfully the credit card linked to my account had expired. My youtube channel was luckily untouched.
This tactic is commonly known now and humongous RUclipsrs have shared this knowledge months ago. I'm glad you've been honest and shared your experiences. Your video can add to the many others - hopefully it'll help raise the awareness of this technique since not everyone knows about it.
If i was a RUclipsr, like yourself, i would set up another user account on your computer, one that doesn't have admin rights to read these. Or i would have a laptop/computer just for reading these emails. Obviously in either method, you wouldn't be signed in to any accounts so when someone like this happens (again) then they can't steal anything. You can use an email client to read your emails instead of reading them in a web browser like Chrome - as in your account credentials is in a piece of software (the email client) that the info stealer is not looking at.
Hey Dave, great you got the channel back. For reference always check the sizes of pdf files if you suspect something. These supposed pdf files tend to be huge in size compared to normal pdf files. Always check that if you're unsure
I was wondering where you went, glad your back though!
Hang in there Dave! Were here for you, I actually did have my house broken into, closed the door and changed the locks behind my back with my belongings in there (Sim included), horrible feeling, i hear and ache for/with you. Keep up the epic content! See you on the grid.
Hi Dave. Wasn’t a subscriber before, but seen you on Basic Ollie’s channel and you always seem so decent. Now subscribed to help you get those 1700 back
Thank you David, appreciate it 😁
Hey Ripple! Glad you got control back!
Hey Dave, I unsubscribed at first because I had no idea what Ripple was. But now I'm back! Glad you got everything back.
I hate that had happened and I didn’t realize that it did but I’m glad it got sorted out for your sake.
Just a shoutout to Windows Sandbox - by enabling this feature you can start a sandbox within Windows (basically a virtual machine) with one click in which you can check files or links that you are suspicious about. Afterwards, just close it and everything that happened within this sandbox is removed.
It takes seconds to start - fully worth it to make sure your system does not get affected by things like this!
Exactly the same method of cookie and session hijacking that Linus Tech Tips went through. Really glad you're back!
Glad you're back Dave! I had unsubscribed and now I've re-subscribed.
I though something was funky when when I saw a RUclips channel notification about Tesla going live. Last time I saw that was when Linus Tech Tips got hacked. When I realized that it was your channel, I hoped that you would be able to get it back soon. I didn't unsubscribe because I had faith. Glad things worked out for you though. Cheers 👍🏾
Gotta be more paranoid Dave! 😁 I wondered why I hadn't seen a video from you for a day or so 😛
Best wishes getting everything sorted; nuking the infected computer after you realized what'd happened was a pro move. However, if it was connected to your home network, you might want to make sure everything else is clean. The program you were infected by might not be that advanced but an ounce of prevention prevents a ton of pain. *Be Paranoid*, because as you just found out, they are in fact out to get you 😝
Glad to have you back, Dave. ✌
Got your back Dave. Thank-you. Great tips.
Glad you got your channel back Dave!
I was almost hacked this way; I got an email offering a sponsorship, but luckily I double checked by calling the company who the scammers were pretending to be.
I later learned that password protected files are essentially always malware.
Although I'm passed my simracing itch (for now), I still watch your channel from time to time. Sorry you went through this mate, but big respect for sharing this for general awareness. Just to chip in on this, for more awareness I guess:
On the first email...
If they're serious, they would have used their own domain and wouldn't be using some random email provider - strike one (a big one, I'd stop there already and report it to surfshark tbh)
On the second email
Dropbox link for providing documentation (why wouldn't they publish this as a webpage in this day in age) - strike two
Password in the clear (internet security company breaking one of fundamental security rules) - strike three (or black flag! :D)
WinRAR as a zipping tool of choice - strike four