The Linus Tech Tips X/Twitter account was hijacked, and the details were explained on the channel’s podcast, “WAN Show.”
The hack was a pretty basic email scam: Linus received a warning that X account had been accessed in Russia, so he quickly locked it down.
But as Linus points out, he was pretty distracted — he was at a pool party and had just fired up the grill — and the page he found looked like the official password reset screen for X and Twitter.
Article continues after ad
This method just captures your current password by having you fill it in the “old password” box – resetting it to a new password doesn’t actually do anything, it just gives the scammer access to your password.
A big part of modern hacking is social engineering. Research by cybersecurity expert John Hammond found that sites will offer up “wrong passwords” even if you get them right.
Article continues after ad
This ensures that the victim will be more likely to carefully re-enter the password the second time, ensuring that the hacker gets the correct password.
Article continues after ad
A detailed analysis of Hammond is presented in the dedicated video or in the thread on X.
Linus Tech Tips considered abandoning Twitter
The hackers temporarily took over the X account, which Linus himself had announced was his retirement.
“I don’t really care about Twitter accounts,” Linus interjected.
“We’ve had a lot of conversations over the last six months about not caring about it anymore.”
Since Elon Musk bought Twitter, the social media platform has come under fire from some big-name creators, with some people who switched from Musk’s app finding their homes elsewhere, like Linus Tech Tips.
Related:
Linus Tech Tips controversy explained: Gamers Nexus video, ex-employee accusations
Article continues after ad
“There’s not as much engagement there compared to Instagram or TikTok.”
Linus also revealed that the company’s social media team has been reallocated to other areas of work, citing, for example, the incredibly low number of “referrals” to links they post.
Article continues after ad
While LTT was successful in re-securing the X account, it did highlight the issue of modern email apps hiding sensitive information, such as email addresses. Hiding your email behind a tiny drop-down menu, like the Gmail app does, can make it easier for bad actors to trick you.
Article continues after ad