Jump to content

No deal - where’s Simeon?


Fleer

Recommended Posts

I'm really sorry Simeon. I hope things get sorted soon. Owning a dot com myself, we get thousands of hack attempts every week. There's no shortage of malicious people in the world. But there are many of us who appreciate you and, don't worry,  we're not going anywhere. I wish you the best. 

Link to comment
Share on other sites

Hello everyone,

I am sorry for not chiming in sooner, it has been a bit of a mess to say the least. In short, I fell prey to a classic collaboration phishing attack, the most convincing I had ever seen.

The hackers were posing as Lichty Guitars and wanted me to select one of their custom made instruments to inbox and share my experiences in a video. The communication looked legit and did not give me a reason to doubt the authenticity, but their trap was about to be sprung. 

Thursday about 12:00 pm EST, I opened an application from them (the impersonator) that was able to steal what I believe were my SESSION COOKIES, giving them a way to bypass the usual Two Factor Authentication I had set up. Things happened very quickly from there.

After closing my computer we went out and on our way I get a Two Factor Prompt that someone was trying to log in from the Netherlands. I clicked NO This Is Not Me, but the damage was done. I tried pulling over to try and change my password but they had already gained access and locked me out.

The next thing was my wife gets a notification that “I” just started a livestream, but it was “TESLA” and something to do with cryptocurrency. Needless to say I turned the car around and headed back home to see if there was anything I could do. I immediately started to try and change passwords for other sensitive accounts using the Gmail account associated with my channel.

I also made contact by phone with the real Lichty Guitars (which I should have done in the first place) and verified that this was indeed a scam and that they have been targeted before.

I also Tweeted my situation tagging YouTube Creators as that was really the only option to get any type of support. Email, chat, of course phone options were non existent. After a little while, I received a direct message on Twitter giving me a way to submit an account recovery form. I filled out the information and then all I could do was wait.

Time passes (it is later Thursday), and I get an email saying my account has been recovered. So I immediately go and change passwords and work on doing malware scans to eliminate any possible threat that might still be on my system. I then see that I could now login to my channel to start cleaning up the mess.

When this type of hack occurs, usually nothing on the channel is deleted, they will set all of the videos to PRIVATE and change other meta data, channel icon, and channel name. I did a bulk edit to mark my videos to public again and tried to get my channel name and icon set back to normal.

Things were looking fine UNTIL I get an email from YouTube saying that now my channel had been TERMINATED! This was something I never expected but now it seems that this was possibly in response to viewers seeing something was wrong on the channel earlier and reporting it to YouTube as a precaution.

So back to Twitter as well as following up with replies to earlier emails from YouTube partner support. Now I wait……..

I did get a response from YouTube late last night assuring me that they are working on getting things resolved, so I am hopeful that will be soon.

In the mean time, I ordered a YUBIkey which is a hardware two factor device that ironically was what the hackers were using to prevent me from logging in or regaining access to my account. I am also working through making sure I changed passwords on other platforms that might be vulnerable.

So, many lessons learned and wake up call received. The biggest one is not fully trusting that little voice saying, why would a guitar company want you to do a video, you don’t even play guitar ???? I laugh a little now but with a deep regret that this happened in the first place, costing me a lot of lost time trying to fix a mess that could have easily been avoided.

I have to say that I have received so much support from the community and that has been such a comfort and encouragement. Also, by sharing what happened to me maybe someone will be spared the headache that I am dealing with now.

I will keep everyone posted as the events continue to unfold. You can follow me on Twitter @praisetracks if you are on that platform but I will be here as well.

Staying joyful,
Simeon

  • Like 26
  • Sad 1
Link to comment
Share on other sites

Thks Simeon for the feedback ...

Nice infos , bad news ... 

Keep us informed  ... for my part someone regulary trying to change waves account password  , contacted waves , the say anybody with can create a password reset request simply by entering an email ...so somebody with my email is playing , they told me no need to stess just ignore it. ....

For youtube , maybe there s more sensible infos ? 

  • Like 1
Link to comment
Share on other sites

Sorry to hear you got hacked Simeon.

27 minutes ago, Simeon Amburgey said:

Thursday about 12:00 pm EST, I opened an application from them (the impersonator) that was able to steal what I believe were my SESSION COOKIES, giving them a way to bypass the usual Two Factor Authentication I had set up. Things happened very quickly from there.

What happened when you opened the application? I don't mean how did it steal credentials; I mean more like, was there any clue that it was malware?

  • Like 1
Link to comment
Share on other sites

Wow,  Simon, that is a really awful and incredibly  frustrating experience. I appreciate your sharing tips to help ensure  that others won't go through the same thing. Rest assured that the community here is solidly behind you and cheering you on. 

Last year my business's site was hacked. I was up the entire night working -- stressed -- and waiting for everything to be restored and additional security measures to be implemented.  I actually wrote and recorded a song while waiting that doesn't sound like it's about getting hacked because I used metaphors. Perhaps you might take this experience and do the same in a new video?

In any event, rest assured we're all eager for you to get things sorted and be back and hanging out with you (virtually) while you get so inspired by the beautiful sounds you're hearing that you find yourself improvising beloved songs and melodies from years past and we all join you for the journey. The kind of people that did this can ruin a day or so, but they can't steal our resilience. Our victory is in learning something new and returning stronger,  not bitter, but wiser.  

Like everyone else here, I'm eager to see you back up and running and entertaining us with your talent and storytelling. 

All the best,

Peter

Edited by PavlovsCat
Link to comment
Share on other sites

@Simeon Amburgey I just wanted to say how sorry I am this is happening to you. I'm glad to see you're trying to stay positive, proactive and learn from the experience. A "growth mindset" is such a powerful thing in contrast to the "fixed mindset" approach. 

Despite decades of experience in IT, I'm sure if I was dealing with offers to feature things on a YouTube channel I'd also be an easy mark with a well-coordinated and convincing hack like this. Like so many things we're learning about now such as the dangers of social media for teens, this digital age is presenting many challenges along with its opportunities.

Thank you for sharing the insights along the way. I'm wondering if I should be looking into a YubiKey now myself! 

  • Like 1
Link to comment
Share on other sites

2 hours ago, Zo said:

Went to their website , hard to believe /... what those guyz in south carolina making guitar have in interest to hack the channel ?

They were being impersonated by the hacker in a fake collaboration scheme,
I spoke to Jay Lichty by phone and he verified that his company was targeted before.
The weight of responsibility falls entirely on myself for overriding my gut. I have a lot to share on this once things are up again. In short, the hackers have to hack you first before they can hack your system.

Jay and his wife at Lichty guitars are doing some amazing things for musicians and their community. It is very sad to see them exploited and misrepresented like this,

The story continues and I am praying for a happy ending soon. Seeing this is over a weekend I do not expect much movement until Monday.

Until then, stay joyful ? 
Simeon
 

  • Like 6
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...