Thinking about the credit card, no idea but it occurs to me that the dark web is swimming in stolen data collected over years from various sources. And hackers are not acting alone but a network. So that short delay was presumably used to cross match your logins to maybe a previous card hack? Forensics at the airport would reveal a list of accessing devices, I mean one bad guy was literally sitting in range, right? No idea what police are/would /could /should do, or the multiple organisations starting with BA, airport owners, WiFi provider etc, even the Swiss authorities?? Also starts to implicate the status of literally all your PC files (if accessed via public wifi). I know my own data is not locked down if someone got on to the pc... Also my opinion of Airbnb hosting is jaundiced after a bad experience... So I wouldn't even trust those guys particularly. Crims think foreigners, travellers, tourists are easy prey. To an extent, they are right. Tired & rushed is no good for awareness.

If I knew this, I'm a hacker and wouldn't tell anyone.:-) The "normal" user has no idea what is possible or what is happening or has happened to his account.

How did you pay for the WIFI in the Airport? With the credit card ? or you use the credit card when you were on the compromised wifi in the Airport ?

SIM-Swapping. So it's better to use TOTP instead of SMS as the second factor. Keep Antivirus and OS and installed Software up-to-date

@@pbrigham most airports give you free wifi

That shows up very clear what their priorities are. It is also somehow arrogant, like you are not allowed to disturb them. Google especially. They also do not want to spend any money to hire people that answer requests.

@@adrianTNT I had a trick to be able to talk to facebook support... buy advertising and then you have the option to chat with a real person, and then they indefinitely suspended my advertising account saying policy violations (I don't violate any policies) LOL

Internet companies are operating at a scale that is totally unlike your local car dealer. This comparison is unhelpful.

@@grantcivyt Your response is beyond "unhelpful".

It would be criminal if you paid for it, but none of us do, so can't really complain.

I hope so 🤞

Yeah, it’s madness that they allow changes like this unchallenged!

On LTT's case they got the session cookie from an employee who got tricked into opening an executable posing as PDF because he taught it was from their sponsor. accessing settings SHOULD ALWAYS ask for password, and yeah good luck contacting anyone from google.

Yep, this is likely the method. Everything is spoofed (DNS/SSL/etc.) and the attacker has unencrypted access to everything. Attackers carry the equipment in bags.

Yes, this is my thought too. When they connected to the airport wifi, they probably accepted a certificate from a spoofer without thinking about it. This allowed them to decrypt all their network traffic.

@@trail.blazer Although i believe this was indeed the method they used to get what they wanted, SSL spoofing is hard as you can't simple create a fake certificate and hope the browser will accept it. They probably just stripped SSL altogether and the user didn't notice it was using an http connection since most browsers no longer show a big red warning when you visit an insecure website.

@@themartdogthankfully you can't accept CA certificates that way. There is no way to make a browser download and install one. Nor a wifi connection. You need to manually add them yourself.

No, this is not possible. KZbin uses HSTS, so a passive observer or even a man-in-the-middle attack cannot reveal any information. Even a state-level actor, like China or the United States, wouldn't be able to do it.

I hope so ☺️

Good to know. Will give that a try too 👍

This is also much more secured than the wireless option. With WiFi a nearby attacker can masquerade as your hotspot and trick your laptop into connecting to their rogue hotspot instead of your phone's. This happens every year at DEFCON in Las Vegas, almost as a joke on the uninitiated.

Yes agree - when using my phone's data on my laptop I find it is always better to plug it in via USB rather than use WiFi. As a plus, the phone stays fully charged.

@@F85C8CE2A7831FE68C63I've heard that DEFCON has gotten a little bit more responsible not much but a little bit. I am also curious about the masquerade as your Wi-Fi APs. I hear about this all the time but I have yet to have my suspicions confirmed. Sure I can clone the name, but is the Wi-Fi standard that brittle to fully be able to clone the password to? Granted the standard isn't open so we see lots of problems with it because we wouldn't want Open researchers to suggest fixes before we put it out in the world and burn it into hardware. It just breaks my brain to think that with an AES encryption key system (implemented properly?) another party would be able to join the conversation without the valid key to decipher it? Although that is completely negated if all parties have joined the conversation due to a password being publicly posted at the desk.

I appreciate that 🥰

Thanks for your support!

Yikes! Nowhere is safe. ☺️

@@MyOnlineTrainingHub I’ve seen that they sell usb charging cables that don’t have the data conductors connected… just the power connections. I don’t travel much but think I’ll pick some up for all my family members

⁠@@MyOnlineTrainingHubThere are tools you can buy that blocks the data. You connect device to the usb data blocker first, then connect that to the power port. They cost about $10-$15 USD on Amazon. Even if you don’t plan on using it, it’s good to have in emergency.

Alternatively, make those public charging ports safe by bringing your own 'USB data blocker'. That is a small USB adapter that passes through the charging voltage but blocks any data transfer. So you can be sure to have no USB data connection at all and therefore no risk, just receiving the energy. Another possibility (which I'm using personally) is: use a powerbank inbetween! You'll need a powerbank that is capable of charging your smartphone while being charged itself. My powerbank can do that and so I plug the powerbank into the public charging port, and my smartphone into the powerbank. The powerbank doesn't do any USB data transfers, so I'm safe from USB hijacking, and at the same time I'm charging both my phone and my powerbank, which can be quite convenien and makes the most out of the 'free energy'. :)

The powerbank is a good idea. I usually carry one of them with me when travelling anyway, so saves requiring another device.

Thanks for your support!

Needs repeating, backup, backup, backup. I've seen too many businesses burned because they didn't. Make them and verify them. As for them VPNs whenever one has to connect using WiFi one doesn't control.

Thanks for your support! 🙏☺️ I do have all the videos but re-uploading them from scratch would not be the same as all the video urls would be new. Not something you want. Thankfully Google were able to restore the channel for the most part.

I hope so 😊

Thanks so much. I hope it helps others avoid a similar experience.

You beat me to saying almost exactly what I was going to say. Scary stuff, indeed. I could feel my pulse rate climbing from panic just reading the narrative. Great job Mynda, keeping your wits about you under extremely challenging circumstances! I'm not sure I would have been able to.

Glad it can help others be safe. 🙏

I hope so too!

Thank you so much, Jon! It wasn't a pleasant experience 😅

Thanks, David. I have always felt safe with https, but this experience has taught me to trust nothing. If it was a phishing page, then how did it log me into KZbin? I didn't notice anything strange at the time.

@@MyOnlineTrainingHub Hackers often use captive portals with an 'Evil Twin' and/or will spoof login pages of popular sites with spoofed DNS responses if WiFi clients aren't properly isolated from each other.. You connect to what you think is the legitimate hotspot and is actually the attacker's machine. Then an unsecured, unverified page pops up prompting you to login to Google. Someone who doesn't understand such portals might be fooled.

David is absolutely correct on this. It can only be one of two things, an already hacked system (i.e., laptop) or previously hacked home PC, or user error and/or spoofing to enter credentials of some sort that could later be used. I am of course dismissing the obvious case of the use of an insecure, easy to guess password...

I agree, it can't have been a compromised Wifi due to how HTTPS works. It's not possible to sniff any traffic this way. Most likely you got malware on your computer from _somewhere_ which stole your token and then removed itself.

Thank you so much!

Thanks for your support ☺️

Thanks for your support ☺️

Glad I can help others avoid this experience ☺️

Thank you!

Thanks so much for your support 🙏

So sorry to hear that. I did get an apology and pretty good support once I figured out a way to get in contact, which was way too hard. But also, Google allowed this to happen and they really should have better protection when you’ve set up 2-factor authentication on your account.

​@@MyOnlineTrainingHub - As you can see 2-factor authentication can be compromised too while inconveniencing the real user... hate those things constantly having to type slews of digits every time I log into an account with 2FA. smh I use unique random passwords for each site (never the same for more than one), and never got hacked in 20 years I've been using the web.

Thanks so much for your kind words and support 🥰 I hope this video can help others avoid this experience. We are lucky it wasn’t worse.

You are so welcome 🙏

Thanks for your support ☺️

Thank you so much! Will do 😊

It’s terrifying how easily they can get your details and the damage could have been a lot worse.

Is the belief here that the laptop itself was compromised by the hackers? i.e. Windows or Mac or Linux - i.e. the OS on the laptop? All the sites mentioned use TLS - even with a pineapple in the middle, the hackers still wouldn't be able to get the session cookie - or info from the browser.

I would add a recommendation to install Malwarebytes to any PC or Mac. Be sure to turn check for rootkits as it's not on by default. Turn off the browsers ability to store passwords and payments. Even tho she showed the Edge screen where "add" was empty, click the gear to double check. More often than not there will be saved information there which you want to delete. Turn off the same stuff in Chrome and Firefox.

I assumed that these website use HTTPS. How can the token be intercepted?

​@@AlainDejalleYes Sir I also want to know. Please tell me also once you got to know it.

Thank you so much! ☺️

Glad I can help you avoid this experience 😊

Yes, the CA certificate is a possibility. I don't recall accepting one, but that's not to say it didn't happen.

@stanst6092 .. Yes, thanks for this - exactly what I thought of the comment about public WiFi, really appreciate your more detailed remarks here.

Thanks for your support 🙏🥰 unfortunately, I don’t think they are likely to be caught but hopefully I can prevent others falling victim.

Thanks so much for your support ☺️🙏

Thank you so much!

I always used wifi on the understanding that https was safe too. All I can tell you is I was hacked, and it happened after accessing wifi. I was using Edge, so 🤷‍♀️

I guess anti-viruses are next to useless unless its archaic viruses pretty much?

Thank you, I will 🙏😊

It is, thankfully 🙏

Cheers!

How does that stip the SSL layer used to access the web site?

It’s not the connection back and forth that’s the issue, it’s the cookie/session token stored in the browser temporarily that they were able to get over the network. That’s why when you login to public wifi networks you get a warning about it not being secure. The laptop was a new surface direct from Microsoft with the latest version of windows 11. I’m pretty confident the laptop wasn’t infected with malware.

@@MyOnlineTrainingHub "Over the network"... that would be encrypted with SSL including the cookies. Still missing something. They could have hacked into the laptop itself maybe. I am interested in knowing how this happened though. It's often a small detail people don't remember doing. So far I don't see an explanation.

​​@@MyOnlineTrainingHubit would have been better if you have done a clean install before using the laptop.

@_droid me too. There are some pretty sophisticated possibilities like this one: cybersecuritynews.com/mitm-attack-on-wi-fi-networks/ @jirehla-ab1671 maybe, but I think it's highly unlikely I received a brand new in the box laptop from Microsoft that contained malware.

@@MyOnlineTrainingHub You get the warning about it not being secure because SOME traffic from your laptop is sent in the clear e.g. regular old DNS queries, which might give away which websites you are visiting. But _droid is right, modern browsers try to force HTTPS (aka SSL/TLS or even now HSTS) meaning data transmitted between browser and server is encrypted. It shouldn't be possible now to simply sniff raw wifi frames, or to sniff higher layer IP packets to steal cookie/session data. What they're suggesting is also my thought, that they somehow compromised the laptop itself - still over the public wifi network somehow, but a more involved attack and not just sniffing/copying your data as you exchanged communications with those sites.

Cheers, Jon! It wasn’t a fun time but I learned a lot and hopefully can avoid it happening again 😊

It certainly was scary, and we were lucky it wasn't worse. I feel a lot more educated and in control of my cyber security now, but you can never be too careful.

@@MyOnlineTrainingHub So, always use a VPN when travelling away from home? When you say log out of active accounts when shutting down, do you also include Google and Microsoft? I do log out of other websites, but those two sit behind the activity of the computer (Microsoft 365 and various Google activities)

Yes, log out of everything. Imagine if they had access to your email account!!!

Thanks for your support! Much appreciated 😊 it sure was scary 😔

Thanks so much for your support!

Thanks so much for your support!

Thanks for your support. We've recovered the account 😅

Gracias 😊

Thank you so much! We’re thankfully back on track now 🙏😊

Thank you so much!

Thanks so much!

Thanks for your kind words 🥰

Thanks for your support!

Thanks for your support!

Thanks for your support 😊 hope it never happens to you.

Thanks for your support!

It would have been 10 times worse without each other. Definitely terrifying. ☺️

So nice of you 🙏

I hope this video can save others from having this experience.

You are most welcome 😊

Thanks for your support. Unfortunately, we lost a lot of followers when the hackers started their livestream, so I appreciate you had faith in us to stick around 🙏☺️

Thanks for your support ☺️

Glad something good can come of this experience.

Glad it was helpful!

Thanks for your support!

Thanks for your support. Hope this helps you avoid experiencing the same ☺️

Sure is! Thankfully, we’re back up and running 😊

I appreciate that! 🙏☺️

You are so welcome!

Thank you 🙏 we are fully recovered, but it was very scary.

Thank you 😊

Thanks for your kind words and support!

Thanks for your support!

Sorry to hear of your experience. It certainly changes the trust level you have in general.

The really hard part, as you have experienced, is how they decide to hit your system of all the computers in use. I will never know how they got it in, but I have made it extremely hard for someone to ever do it again. From that perspective, we learn to be more diligent and take nothing for granted.

Glad I’m still here to help ☺️

Thanks so much 😊

Thank you! It sure was scary. To the point where you feel numb. Hope this story can help others avoid it.

Thanks for your support ☺️

It sure was scary and at one point I was just waiting for the next thing they were going to attack 🤦‍♀️

@@MyOnlineTrainingHub I am sure it will be alright. My warm hugs from Ireland ♡

Us too! 🙏

Best of luck!

Glad I could help you avoid the same fate!

I'm glad something good is coming of it 😊

You are welcome 🙏

It does raise the question (that I'm sure has been raised before) of whether Google is too slack in its authentication requirements for allowing privileged actions. 😡

😁 thanks for your support, Grant! It absolutely is too slack in its security around making changes to its account security. One of the reasons they couldn’t do much with LinkedIn is because they couldn’t add any additional emails/2FA credentials to the account without logging in first!

Glad it was helpful! ☺️

The credit card transactions were all made through online stores, not physically in Australia and they were no doubt done over a VPN that masked their true location and processed by a bot. It's unlikely they were humans actually trying to use a physical card as they wouldn't still be trying to buy things for $1 on a card that is clearly cancelled, as they did today! It's a scary world! Stay safe 😊

Thanks so much 😊

Thank you. We have recovered everything, thankfully.

Glad to hear that 😊

Thank you!

TBH, I can't remember how I stumbled upon their chat, but I was logged in with a different Google account in another browser and tried finding the contact details there and chat came up as an option. It may depend on what level of account you have with them as to the type of contact options you have available. I did have to be logged in and I did have to prove I owned my channel before they gave it back to me.