Thursday, January 5, 2012

So, what happened to the TheMaritimeMan?

A question I still have to answer once in a while is, what actually happened to the TheMaritimeMan YouTube channel in May of 2010? I thought I would take the time to answer that, in full, here.

It was in May of 2010 when I had recently hit 800 subscribers, and was in the process of editing and uploading my 200 video special. One day, a YouTube user subscribed to me, sent me a friend request, and sent me a personal message all in a very short timeframe. The personal message was your typical spammer, "Hey, I really like your videos, click this random malicious-looking link!" ... the person said it was a video tribute they had created for me.

Of course, I was suspicious. Especially because the person who sent the message also said that I needed Java installed and that the tribute only worked on Firefox. However, I bit the forbidden fruit.

I clicked the link for two reasons: First off, I thought I recognized the YouTube name as someone who had been subscribed to me for quite some time. I didn't know they had actually just subscribed minutes before sending that message. Second, I was running Windows 7 with all the updates, the latest version of Firefox, the latest version of Java, and the latest version of Avast Antivirus with the latest definitions circa a couple of hours ago. Surely to God any sort of attack wouldn't faze me, right?

Wrong.

When I clicked the link, I was brought to a very cryptic looking website with a Java window of some sort loading in the center. Then Java gave me an error saying that the program was asking for an older version. That's when I knew whoever sent that message was up to no good. I still wasn't too worried because I believed I was protected from whatever sort of attack this might be.

To be safe, I changed the password to TheMaritimeMan. I also decided to play dumb and message the user back saying the link wasn't working. I also posted a similar comment on their channel. I looked at their channel a few minutes later, and my comment was gone. I posted it again. A few minutes later it was gone. At this point I knew I was on a channel belonging to a spammer (or so, I thought). I posted a less-than-tasteful comment, blocked them, and left it at that.

A couple of days passed with no adversity, so I changed the password back on TheMaritimeMan, as I was tired of having to remember the new password (at the time I had the same password for all of my accounts on the Internet, something I know to avoid now).

Minutes after I had changed back to the old password, TheMaritimeMan was suspended. I thought I must have been legitimately suspended, perhaps because of background music in my older videos. I was devastated, to say the least.

For the next few days I somberly refuged on CPQ5360, keeping you guys updated whenever I could. I sent in many suspension information request forms, where YouTube would supposedly email you telling you why you were suspended. I never got a reply.

A couple of weeks passed, and I began to wonder if TheMaritimeMan's suspension had anything to do with that link I clicked. Then I got a huge hint when my Facebook account was hacked.

I logged onto my Facebook one morning to receive a popup box that read something like the following: "Did you log on from the United Kingdom on May xx, 2010?" Hell no! I answered as such, and I was logged on with everything intact, and without any messages from my friends asking what was up. Someone logged onto my Facebook, but didn't cause any damage. Phew!

While this certainly had no hard evidence of being related to TheMaritimeMan being suspended, I had my suspicions. I decided to go back to the channel of the person who sent me the message. They listed another YouTube account in their channel description. I visited that channel and sent them a message saying that a channel related to theirs had sent me a malicious message. The feller said that the account was being used by a friend of his, as that person's account was hacked, and he was trying to get it back. Okay, so his friend who is borrowing that channel sent me a bad message? The guy said he would check it out.

A few days later, the account that sent me the malicious message was terminated.

At this point, I was pretty sure TheMaritimeMan was hacked, but I wasn't sure why it would have been suspended. I could only guess that whoever hacked it caused some pretty terrible stuff using TheMaritimeMan, which got it suspended. I began sending account compromisation forms.

In June, exactly one month after the day TheMaritimeMan was hacked and suspended, the hacker finally came to light. He sent CPQ5360 a message, saying that he was the hacker of TheMaritimeMan, and that I could get the account back by performing one of three deeds:

1. Make a video defaming myself.
2. Hack another YouTube user for him by sending them a message with the same link that got me.
3. Buy the account back through PayPal.

He had the courtesy to provide a couple of example videos, should I choose the first choice. In these videos, the victims talked crap about themselves, calling themselves all sorts of hurtful names, how stupid they were, and the like. From what I could tell, neither of those people had ever got their accounts back. I wasn't going to do that, or any of them. I would let TheMaritimeMan fall into a black cyber-hole before reducing myself to do any of that stuff. I replied to the hacker, asking him to prove he was such. What came next was one of the most frightening things I had ever read on a computer monitor.

The hacker replied to me with the usernames and passwords of every single account for every website I had ever accessed on the Custom-Built computer. You should've seen the mouse on the CB move. I couldn't - I was blazing through every website I knew of and changing my password!

It all came together at this point. The person who messaged TheMaritimeMan with the link was someone who had been hacked, and decided to choose option #2 as their method of getting their channel back. I fell for it, and now the cycle was repeating with me. I was dealing with a big-time serial YouTube hacker.

The next couple of weeks were kind of painful. Before I had received the message from the hacker revealing himself, I had been receiving occasional emails regarding TheMaritimeMan that I thought were from YouTube, which was uplifting. After the messages the hacker sent me via CPQ5360, he sent me a few emails containing very hurtful words and revealing that he had been creating the emails supposedly from YouTube, using a fake emailing website. He had also decided to have some fun by disrupting a live UStream broadcast I was performing. You might have been watching me live when I discovered that the emails supposedly from YouTube were fake.

At this point I allied with a couple of YouTube users dedicated to the reduction of hacking on YouTube and to the aid of victims. Every day for the next couple of weeks I sent multiple account compromisation forms to YouTube, and even made a telephone call to Google by pressing 0 to get to their switchboard (thanks to the person on the live UStream broadcast who suggested that!), which was useless.

By late June I had lost hope. I made another YouTube channel called TheMaritimeMan2 and started uploading videos, starting with my very first video.

On June, I think 27, TheMaritimeMan was unsuspended and restored to my ownership, with everything in place except for my videos.

**********************************************************************************************************

What I now call the Great YouTube Hacking Crisis spanned the majority of 2010. Accounts were being hacked left and right by various hackers, from small channels with no videos to YouTube partners with 100 000 subscribers. The worst part was, Google pretended it wasn't even happening. I estimate that a good few hundred channels were compromised before it died down around the beginning of 2011. Most of the channels in question posted videos related to video games, the furry fandom, and yes, electronics and computers.

TheMaritimeMan's videos should have returned along with the channel itself. According to what someone told me on the YouTube forums, when YouTube unsuspends a channel, they must click a button to restore the videos, as well. YouTube FORGOT to do that. All 202 of my videos are still actually on YouTube's servers. If I go to my "My Videos" page, they are all listed, and I can watch them. No one else can.

I originally decided to re-upload my videos, starting with the first one, incorporating the original title, description, tags, and any annotations for each. But, I simply don't have the time anymore, nor will I ever probably. I don't really have the will either. So, I've decided to just continue on and start, very slowly, making new videos.

Looking back at the incident now, I realize that no matter what I did to appease that hacker, he could never have given me the account back, unless he had as much power as to hack Google's servers themselves and manually unsuspend the channel. Had TheMaritimeMan not been suspended, he probably would never have given the account back anyway.

Finally, here is the preaching part of this little blurb:

1. NEVER assume you are safe on the Internet, even if you got the most expensive security software package money can buy.

2. If you get an email, message, etc. containing a link that's not from a domain you recognize, do NOT click it.

3. If you get a suspicious email, but with a link that looks legitimate, look at the properties for the link anyway - it might be masked to look like a different link than it is. If it's a link from a service such as bit.ly, use the preview feature of that site, where you can paste the link, and it will give you the full address.

4. If an email as a whole looks suspicious, look at its source (articles online will tell you how to do this for your particular email client). An email might say it's from a certain address, but actually be from another.

5. If you believe your computer or an Internet account of yours has been compromised, change the passwords for ALL of your Internet accounts. Disconnect your computer from the Internet and run a virus scan.

6. If a hacker or another unsafe person contacts you, do NOT respond. Block them. If they keep making accounts to contact you, don't respond still and keep blocking them.

7. If the person just won't stop, or starts making threats, or if you believe you, someone you love, or your personal information or theirs is at risk, contact the police. I know that sometimes the local authorities just aren't helpful in situations like this, but it never hurts to try.

8. If the contact between you and the unsafe person is taking place on a website (owned by a company other than Google, who actually cares), contact customer support for that website.

9. If the end result is the loss of something like your YouTube account, don't take it hard. Be glad you and your loved ones are safe. It's an impeccably small loss.

The Internet is a very dangerous place, and it's only getting worse as we spend more and more time on the Internet, now that we can get it anywhere, anytime, such as through the cellular phone system. I have little hope that it will get better, especially with this cloud thing becoming popular, but if the message of Internet safety and how to take advantage of it can make it to even a few people, at least that's that many people who hopefully won't be sorry in the long run. For like many things - cars, fireworks, and the like - the Internet can be a very fun place and an incredibly useful tool, when it is used responsibly and safely.

-Trent

Friday, December 2, 2011

First post. Hello?

So I created this blogger account a good few months ago with the intention of moving my longer computer-related Twitter posts such as those from #TalesfromTheComputerLab to a more suitable home, where they could be (hopefully) easily viewed in their entirety without hassle. Then school started, and it all went in a handbasket. lol

But I'm now posting this initial blurb as a test, and hopefully all goes well. Here I'll probably post everything that I would normally post on Twitter using Twitlonger, and hopefully I'll get a little viewage!

The only reason I am posting this right now and not a few months ago is because right now, thank heavens, I don't have a crapload of homework to do over the weekend. So who knows how often I'll actually be able to post here.

I'll kick things off after this with an update of what's been happening in the dark depths of the computer lab at school since last year.

-Trent