Creators' Channels Keep Getting Hacked by Crypto Shills. They Want YouTube to Protect Them—But YouTube's Accounts Are Getting Hacked Too.

This week, YouTube launched a new age verification system, marking a significant shift in its approach to protecting creators and their content. Gone are the days of tick boxes asking users to confirm they're over 18; instead, an AI will examine what sorts of videos you've been searching for and watching, and decide based on those whether or not you're an adult.

But while this new system aims to streamline the process, it's raised concerns among content creators. Some are worried that if they submit an ID to prove their age, their real names and addresses may be exposed if their channels are ever compromised.

The Ongoing Problem of Channel Hacks

VTubers, in particular, have been vocal about this issue. These digital avatars are their online identities, and revealing their IRL names, faces, or locations is not an option. However, hackers continue to target creators' channels, often with devastating consequences.

Just last week, VTuber AmatsukaUto's ~600K subscriber channel was hacked and turned into a crypto-shilling farm. The hack lasted for days, and AmatsukaUto's channel went offline before YouTube finally kicked the hackers out and returned it to her.

This is not an isolated incident. Other creators have reported similar experiences, with their channels being compromised and used for malicious purposes.

A Similar Hack Hits Google India's Official YouTube Channel

Earlier this week, the official Google India YouTube channel was hacked—once again by crypto scammers. Like AmatsukaUto's channel, Google India's ended up being pulled offline, but while it was still live, the hackers flooded it with crypto propaganda.

A livestream on the channel, called Michael Saylor: Bitcoin PUMP – Is Bull Run CONFIRMED?! BTC Price Prediction, had around 60 viewers. The screenshot from Android Authority shows just how low the engagement was during this time.

Questions About YouTube's Ability to Keep Creators' Channels and Information Safe

So, how did YouTube discover that its own channel had been compromised? Were its systems not able to recognize unusual activity when the hackers logged in for the first time?

The fact that Google India's channel was hacked raises questions about YouTube's ability to detect hacks in real-time. In the cases of AmatsukaUto and other hacked creators, they've had to go tell YouTube their channels were compromised and wait days for responses.

This delay raises concerns about the effectiveness of YouTube's security measures. If it wants to maintain creators' trust, it needs to find ways to preempt attacks—or, at least, respond more quickly when they've already happened.

What Safeguards Can YouTube Put in Place?

YouTube says that protecting creators' privacy and security is a top priority. However, the company must do more to prevent these kinds of hacks from happening in the first place.

For users who choose to prove their identity with a credit card, YouTube will submit a request for authorization to their bank, and once successful, store the card information on the user's account. The user can manually remove the card anytime they like.

In the case of government IDs, YouTube will look at the ID and then store the user's date of birth on their account. The submitted image of their ID is "deleted a short time after successful verification," YouTube says.

But What About Access to Stored ID Images?

The question remains: if a hacker were able to capture an image of a creator's government ID, could they use it to see their real name and address? We're not cybersecurity experts, but the possibility seems to exist.

We need to know more about how YouTube stores and secures this sensitive information. If creators' channels are being hacked on an ongoing basis, it's time for the platform to take concrete steps to prevent these incidents from happening in the first place.