- Several massive Twitter accounts were hacked Wednesday by bitcoin scammers asking for money, claiming they would return senders double the amount in an effort to provide financial relief during the coronavirus pandemic.
- Compromised accounts included those of Barack Obama, Joe Biden, Kim Kardashian West, Kayne West, Jeff Bezos, Bill Gates, and Elon Musk.
- Hackers reportedly gained access to an internal tool by bribing a Twitter employee with money. They were then able to change emails associated with the accounts and reset passwords.
- The hack has prompted many to ask how general privacy and even United States national security could potentially be affected, with Senator Josh Hawley (R-MO) asking Twitter CEO Jack Dorsey to provide more information about the attack.
- Thursday, the FBI and the New York State Department of Financial Services both opened investigations into the hack.
Bitcoin Hackers Gain Control of Huge Accounts
Twitter suffered its largest hack ever on Wednesday, which some fear could have far-reaching national security implications.
In fact, on Thursday, the FBI opened an investigation into the hack. The same day, at the direction of Governor Andrew Cuomo, the New York State Department of Financial Services launched its own investigation.
“The Twitter hack and widespread takeover of verified Twitter accounts is deeply troubling and raises concerns about the cybersecurity of our communications systems, which are critical as we approach the upcoming presidential election,” Cuomo said.
The list compromised accounts include those of Kim Kardashian West, Kanye West, Elon Musk, Jeff Bezos, Apple, and Uber, It even includes those of former President Barack Obama and presumed Democratic presidential nominee Joe Biden.
Most of those accounts, which were all hacked near-simultaneously, tweeted some variation of the same message: “I am giving back to my community due to Covid-19! All Bitcoin sent to my address below will be sent back doubled. If you send $1,000, I will send back $2,000! Only doing this for the next 30 minutes! Enjoy.”
Shorter messages were posted on accounts like Kardashian-West’s.
Though it’s highly unlikely that such wealthy and high profile figures would directly ask their followers for money in this way, the requests were coming from their personal, verified accounts (AKA, accounts with that coveted, blue checkmark next to their names). Thus, many fell for the scam, and hackers are estimated to have stolen as much as $120,000 as part of the scheme.
As the hack was happening and more verified accounts were compromised, Twitter became so worried and concerned that it did something unprecedented: temporarily disabling all verified accounts from directly tweeting.
While that prevented hackers from continuing to post tweets asking for money, it also had some unintended consequences. For example, the National Weather Service in Lincoln, Illinois was tweeting about a severe thunderstorm at the time, however, the verified account soon found itself unable to post updates. That then forced it to resort to retweeting its bot account, which is not verified.
How Did the Hack Happen?
If reports about how hackers breached Twitter’s security system are true, that exposes massive security flaws at the company.
According to Motherboard, which is owned by Vice Media, hackers convinced a Twitter employee to help them hijack the targeted accounts. In fact, according to leaked screenshots and two anonymous sources who took over those accounts, Motherboard alleges that the employee in question was bribed into—at least indirectly—handing over an internal tool that allowed them to hack into the accounts.
“We used a rep that literally done all the work for us,” one of the sources told Motherboard.
In a statement on Wednesday evening, Twitter Support said, “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
According to a Twitter spokesperson who spoke to Motherboard, the company is also investigating whether that employee hijacked the accounts themselves or if they gave hackers access to the tools.
As to how those hackers actually gained access to the accounts, Alan Woodward, a cybersecurity expert at the University of Surrey, told Business Insider, “It looks like the way this was done was by using the tools inside Twitter to reset contact details and then trigger password resets.”
Essentially, those hackers likely gained access to the internal, high level tools then used them to change the email addresses associated with those accounts. From there, the hackers would have sent password reset requests, granting them full access to the accounts.
Such a strategy is difficult to counter (How many times have you reset your own password just because you couldn’t remember it?).
Twitter could always get rid of the internal tool that allows employees to reset passwords, but as Woodward noted to Business Insider, if the company did that, people might end up getting locked out of their accounts forever.
He suggested having Twitter require more than one employee to sign off on the password reset function.
“If you allow such tools to exist (and it’s difficult to see how you’d not) then the only way to stop them being misused by an individual is to have a process in place to make sure you need two people internally to make it function,” he said.
What Else Did Those Hackers See While in the Accounts?
The idea that hackers could make their way into the account of a former president or that of a major presidential candidate is scary in itself, but it also raises several key questions: What else did they see? What information did they manage to access?
For example, Twitter does not encrypt private messages. Anyone who logs into an account can see the messages sent to and from that account. That’s not to suggest Obama or Biden have something to hide, but such a fact is a gaping privacy concern.
As Woodward noted, even for regular users, there’s currently no way to defend themselves against this type of attack.
But it’s not just privacy. The people behind the accounts that were hacked have massive influence and sway. While his account did not appear to be hacked in this attack, many have raised concern about what kind of power hackers could exert if they were able to comandeer President Donald Trump’s Twitter account.
On top of being the leader of the country, Trump is frequently known to attack political enemies—including foreign leaders. Many, including Senator Josh Hawley (R-MO), fear the national security implications Trump’s Twitter account could pose in the wrong hands.
“I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” Hawley said in a letter to Twitter CEO Jack Dorsey as the attack was unfolding.
“As you know, millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service. A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.”
Hawley asked Dorsey to provide detailed information on the attack, including information regarding Trump’s account.
“Did this attack threaten the security of the President’s own Twitter account?” Hawley asked in a series of questions.
So far, it is unknown how or if Dorsey has responded to Hawley, though Dorsey did make a personal statement on Wednesday.
“Tough day for us at Twitter,” Dorsey said. “We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened. [Love] to our teammates working hard to make this right.”
This isn’t the first time the accounts for high profile names have been hacked on Twitter. In fact, even Dorsey’s account was hacked last year. That same hack also targeted other massive online personalities like James Charles and Shane Dawson were also hacked last year.
See what others are saying: (Business Insider) (Axios) (The Verge)
Child Influencers on YouTube Are Increasingly Promoting Junk Food, New Study Finds
- A new study that looked at food promotions among the top five kid influencers on YouTube in 2019 found that 94% of food featured on the channels were junk food items.
- The study is the first-ever done regarding kid influencers and food product placement.
- Among other influencers, the study found that Ryan Kaji of Ryan’s World has often promoted unhealthy food, sometimes without properly disclosing that the content was an ad.
- Numerous studies have found that children are much more susceptible to advertising. According to the new report, coded advertising that blends with the show is especially effective, a practice seen in many kid influencer videos.
- The kinds of advertising noted in the study have long been banned on children’s TV programs, and now some are calling for similar regulations on YouTube.
New Study Findings
YouTube’s top child influencers have been increasingly promoting and marketing junk food to their young viewers, according to a new study published Monday by the journal Pediatrics.
According to the authors of the study, it is the first-ever of its kind that has examined “the extent to which kid influencers include food and beverage product placements in their YouTube videos.”
To conduct the study, researchers identified the top five most-watched kid influencers in 2019, and then searched for “50 of their most-watched videos and 50 of their videos that featured food and/or drinks on the thumbnail image of the video.”
In the sample of 418 videos met the search criteria, a total of 179 — nearly 40% — featured food or drinks, and of those products, the vast majority were unhealthy.
According to the study’s findings, 90% of all food and drink shown in the kids’ videos were unhealthy branded items like McDonald’s, followed by 4% of unhealthy unbranded items like hotdogs. Both healthy branded and unbranded food and drink composed just over 5% of all products featured.
Those numbers are particularly concerning because according to the researchers, just the 179 videos that featured food racked up 1 billion views and over 16 million impressions for those food and drink products.
The findings of the study are highly significant, especially as the videos cited come from kids who have a massive influence on the platform, like 8-year-old Ryan Kaji of Ryan’s World.
Not only is Ryan easily the largest child influencer on YouTube, he is also one of the largest creators on the platform period. According to Forbes, he was the highest-earning YouTuber in 2019, bringing in an estimated $26 million last year alone.
In addition to his nearly 27 million subscribers, according to the Pediactrics study, his videos also account for over 64% of all views on every video ever produced by the top five child influencers analyzed.
Ryan’s scope is specifically relevant when it comes to the promotion of unhealthy food. According to The New York Times, some of the brands Ryan has been paid to promote include fast-food chains like Chuck E. Cheese, Lunchables, Hardee’s, Carl’s Jr., and others.
For example, both The Times and the Pediatrics study noted that one of his most popular videos shows him pretending to be a cashier at McDonald’s. In it, he wears a hat with the McDonald’s logo, serves plastic McDonald’s products to one of his toys, and then eats a McDonald’s Happy Meal. That video alone has been viewed nearly 95 million times.
Notably, Ryan’s World has been accused of not properly disclosing sponsorships in the past– including fast-food ads. Just last year, several senators accused the channel of running ads for Carl’s Jr. without disclosing that they were sponsored commercials and called on the Federal Trade Commission (FTC) to investigate.
Other groups have also made similar accusations against Ryan’s World, but it is by no means alone. To make matters more complicated, the authors of the Pediatrics study were also unable to tell when child influencers had been paid to promote the unhealthy products because they were not always clearly disclosed.
The FTC requires influencers to disclose any and all paid promotions, but as The Time’s notes, “critics say the policy is rarely enforced, and that influencers often ignore it.”
When it comes to kid influencers, the lack of proper disclosure is distinctly alarming because of the way these promotions are already ingrained in these child-targeted videos.
“The way these branded products are integrated in everyday life in these videos is pretty creative and unbelievable,” Marie Bragg, one of the authors of the study explained. “It’s a stealthy and powerful way of getting these unhealthy products in front of kids’ eyeballs.”
Other experts also noted that the power of these stealthy promotions is also amplified by the fact that parents may not realize or understand that their children are watching advertisements for fast food.
“These videos are incredibly powerful. Very busy parents may take a look at them and think that it’s just a cute kid talking enthusiastically about some product and not realize that it’s often part of a deliberate strategy to get their children excited about toys, or in the case of this study, unhealthy food,” said Josh Golin, the executive director of the Campaign for a Commercial-Free Childhood.
“Young children view the stars of these videos as peers and friends and don’t understand that the reason YouTube stars like Ryan are so enthusiastic about products featured in there is because they are stealth marketers,” he added.
That last point is particularly noteworthy because young kids are especially susceptible to marketing. Studies have shown that children cannot distinguish between commercials and cartoons until they are eight or nine years old and that they are more likely to prefer junk food after seeing ads for them.
So when those ads are integrated into the videos kids are watching without any kind of disclosure or differentiation, everything just gets blended together even more, which can be especially potent when it comes to YouTube videos.
“My concern is that these ads may be like TV commercials on steroids,” said Bragg. “Kids watch on autoplay, which means they’ll see the same type of programming over and over again. Instead of 10 minutes of ads throughout a 30-minute TV show, they can end up seeing the same product over and over again.”
The idea that products promoted by children on YouTube could be an even more effective marketing technique than normal television ads targeted towards children is specifically distressing because that kind of advertising is in fact illegal on television.
For years, the FTC has long banned what is known as “host selling” on children’s television, which is where characters or hosts on a show try to sell products in commercials that air during those programs. However, those rules do not apply to YouTube, where hosts and characters can promote products during their shows.
While that practice has become commonplace, the issue becomes stickier when it comes to kids.
With these growing concerns, many people — including the authors of the study — have been calling for more regulation.
Some have specifically pointed to a piece of legislation proposed in March by Senators Ed Markey (D-Ma.) and Richard Blumenthal (D-Ct.) which, among other things, would limit what they called “manipulative” advertising, like influencer marketing aimed at kids.
Even without legislation, the authors of the study also hope that the new awareness around kid influencers and junk food product placement brings change to the industry.
In a statement to The Times, Sunlight Entertainment, the production company for Ryan’s World, said that the channel, “cares deeply about the well-being of our viewers and their health and safety is a top priority for us. As such, we strictly follow all platforms terms of service, as well as any guidelines set forth by the FTC and laws and regulations at the federal, state, and local levels.”
“As we continue to evolve our content we look forward to ways we might work together in the future to benefit the health and safety of our audience,” the company said, adding that Ryan’s World welcomed the findings of the study.
However, without set regulations in place, it is unclear if Ryan’s World and other kid influencer channels will be held accountable, especially given their alleged track record of disobeying existing rules.
See what others are saying: (The New York Times) (CNN) (U.S. News & World Report)
Mr Beast Defends Charli and Dixie D’Amelio Following Tournament Win Backlash
- Mr Beast held a trivia tournament Saturday where creators competed against each other for $300,000 to give to their fans.
- Charli and Dixie D’Amelio won the competition, however, many accused them of having an unfair advantage because they were allowed to compete as a team and had their parent’s beside them as well.
- Some online even suggested that the family may have been cheating through the use of phones or people off-camera.
- Mr Beast said fans should be mad at him, not the family, since it was his decision to allow multiple people on a team. Still, he noted that the tournament was just for fun and promised to make teams equal in future competitions.
Mr Beast Hosts Creator Tournament
Internet users lashed out at TikTok stars Charli and Dixie D’Amelio on Saturday, accusing them of cheating in YouTuber Mr Beast’s trivia competition.
Mr Beast, whose real name is Jimmy Donaldson, held his latest influencer tournament that same day, following the success of his Rock Paper Scissors charity steam earlier this year. During the trivia event, 24 creators competed against one another for $300,000 to give to their fans.
Contestants included the likes of Addison Rae, Bretman Rock, KSI, Safiya Nygaard, Jaiden Animations, and tons of others, with the D’Amelio sisters ultimately being declared the winners.
However, many were unhappy with that, saying they cheated and had an unfair advantage. This is because the sisters were allowed to compete as a team and also brought their parents along with them.
It is worth noting that only Dixie competed in the final round of trivia against comic book artist and YouTuber ZHC. Still, many felt like the 4 on 1 match-ups weren’t fair and even suggested that the family was cheating through the use of phones or people off-screen.
Not just that my guy, they were using phones pic.twitter.com/cJmYlLQps4— mbdtf (@saintmankind) October 18, 2020
Mr Beast Defends D’Amelio Family
Mr Beast eventually had to try and diffuse the situation after seeing the family faced a slew of backlash online.
“I see some people mad that I let multiple people compete on a single team in the trivia tournament!” he wrote. “Honestly, the tournament was just for fun and to bring the community together and I’d appreciate if you were to get mad at anyone, get mad at me. It was my decision lol”
“The criticism is noted and I’ll definitely keep all the teams the same size next time! 100% my b Red heart,” he continued.
Fellow YouTubers expressed a similar sentiment about the competition being all for fun, with the money ultimately going to fans in need.
Tana Mongeau’s “Booty for Biden” Promotion Sparks Legal Concerns
- YouTube star Tana Mongeau has come under fire for offering nude photos to fans who proved they voted for Democratic presidential nominee Joe Biden.
- Some said it could be considered vote buying, which is a felony. Others said it encourages fans to take ballot selfies as proof, which are illegal in several states.
- Mongeau eventually added, “by proof I just meant tell me,” before ultimately deleting the post and writing, “in all seriousness if you can vote please do.”
- She did, however, claim that she received “tens of thousands of messages” from people telling her they voted for Biden.
Tana Launches #BootyForBiden Campaign
YouTuber Tana Mongeau promised to send nudes to Joe Biden supporters on Wednesday as part of her “Booty for Biden” campaign, which has now raised legal concerns.
Mongeau advertised the strategy in a Tweet, writing: “if you send me proof u voted for Biden I’ll send you a nude for free.”
That post, of course, was accompanied by a link to her OnlyFans page and the hashtag #bootyforbiden. However, the problem is that people said she was breaking the law and asking her fans to do the same.
Some say what she did could be considered vote buying, which is a felony punishable by a fine and up to two years behind bars. Because she was asking fans for proof of their vote, others said she was also encouraging ballot selfies, which are illegal in several states.
Tana Deletes Post
Mongeau eventually clarified what she meant by proof, saying, “I just meant tell me.”
She then ended up deleting her initial offer altogether, following up with, “in all seriousness if you can vote please do… not voting is voting and the world is scary.”
It’s unclear what the response to her post was like on her end, but she did later claim that her campaign “broke Tana Uncensored,” in an Instagram post that featured a NSFW photo of her with the Democratic candidates face photoshopped over hers.
“Tana Uncensored messages are broken, and the point has been made: I got tens of thousands of messages of people telling me that they willingly voted for Joe Biden,” Mongeau added in an Instagram Story.
“It’s the best thing ever. You don’t need my ass to make you go vote. So go vote because you wanna see a change in this country just like me, and thank you to everyone who joined me today. Booty for Biden.”
For now, it seems like the YouTuber is trying to join the list of stars encouraging their fans to vote, but the way she’s been doing it might be a problem.
Tana Loses YouTube Verification
Reports surfaced this weekend pointing out that Mongeau has just lost her YouTube verification check. As of now, there’s no confirmed reason, evidence, or explanation for this, but some internet users and media outlets are suggesting it could have to do with the controversy.
Neither Mongeau nor the platform has commented on the verification change so it’s tough to say if they are connected.
Meanwhile, fans online are offering up other explanations, saying it could be because she changed her name back from Tana Paul to Tana Mongeau.
It’s because she changed her name to Tana Paul and back to Tana Mongeau. I’m pretty sure it hasn’t been verified since she changed it.— POCHAMA MIA (@NickPochama) October 4, 2020