Linus got hacked!?!?!? - Honest Answers Episode 3
0 up · 0 down · 0 ratings
Promos
What's up with Amazon Associates, the hack, and more here on Honest Answers Episode 3! iFixit link: Use offer code LINUS to save $5 off a purchase of $10 or more at ifixit.com Massdrop link: dro.ps Buy Amazon Prime: geni.us Discuss on the forum: linustechtips.com Affiliates, referral programs, & sponsors: linustechtips.com Join our community forum: bit.ly twitter.com @LinusTech Intro Screen Music Credit: Title: Laszlo - Supernova Video Link: youtube.com iTunes Download Link: itunes.apple.com Artist Link: soundcloud.com Outro Screen Music Credit: Approaching Nirvana - Sugar High youtube.com Sound effects provided by freesfx.co.uk
Linus Tech Tips acknowledges a complex continuity of events around mid-2016 where the LinusTechTips ecosystem faced a security incident involving both the Amazon Associates program and social media accounts. The video opens by addressing multiple rumors about a hack and the abrupt branding change on the LinusTech Twitter account, alongside the termination and reapplication of an Amazon Associates account. Linus explains that Amazon warned about non-compliance and that the process to rectify the issue was hindered by limited communication channels and the large backlog of older videos. He clarifies that the old tracking IDs and links remain inactive but hints at a strategy to update videos to reinstate affiliate links under a new tracking setup, ensuring revenue channels can recover. The discussion then pivots to a broader lesson about security hygiene and the reality that large brands can still fall prey to targeted social engineering, emphasizing that the breach did not stem from weak server defenses but from account-level compromises through identity fraud and SIM swapping. In the middle section, Linus recounts the social engineering and SIM swap attack that affected his own personal accounts and the LinusMediaGroup domains. He describes how an attacker manipulated phone providers and registrars to forward calls and texts, thereby gaining access to multi-factor authentication channels and control over critical accounts. He stresses that the attacker did not access Linus’s servers or customer data, but exploited weaknesses in identity verification and phone-based verification. The narrative places a strong focus on the cascading risk of single points of entry across email, registrar, social media, and phone services, urging viewers to conduct comprehensive security audits and to demand robust identity verification processes from service providers. The segment closes with a practical pivot: Linus announces concrete steps to strengthen security, including moving the official LinusTech Twitter handle to a dedicated corporate outlet and launching a new personal account to better manage communications, while continuing to leverage the team to improve response times and product showcases. The closing portion highlights a plan of action and community engagement. Linus congratulates the Tech Quickie team and teases future content, reinforcing the notion that transparency about business operations strengthens trust with their audience. He uses the incident as a teachable moment to advocate for stronger multi-factor authentication practices, balanced with common-sense reminders about not relying on a single verification channel. The video ends with promotions for sponsor links and product recommendations, but the core message remains clear: security is an ongoing, shared responsibility, and the Linus team is committed to improving practices while keeping viewers informed about changes in their social media footprint and affiliate strategies.
Topics · technology · security · transparency · business · social-media
Questions answered
- What caused the Amazon Associates account to be terminated and what steps were taken to recover revenue channels?
- Amazon notified non-compliance with the operating agreement, leading to termination. Linus described reapplying for a new account and keeping inactive old links while pursuing a method to update old videos to use the new tracking ID for reinstated affiliate links.
- How did the Twitter and email accounts get compromised, and what broader risk does this illustrate?
- Attackers used social engineering to take control of the Twitter handle and registrar email, then gained access to phone-based verification, enabling call and text forwarding. This illustrates the risk of single points of entry across accounts and the importance of robust identity verification and alternative verification methods.
- What security steps does Linus recommend to viewers?
- Conduct a security audit to remove single points of entry, verify who is authorized to change accounts with providers, strengthen multi-factor authentication, and avoid relying solely on SMS for verification. Create separate emails for valuable accounts and maintain good password hygiene.