The Indian companies whose YouTube accounts were compromised included CoinDCX, CoinSwitch Kuber, WazirX and Unocoin.
Several Indian exchanges told ET that they had conducted internal investigations and found there was no suspicious activity – such as a change of password — on their accounts prior to the hack. WazirX said it has contacted YouTube and is awaiting a response.
“There was a systematic hack on several crypto YouTube accounts around the world. Fortunately, our team caught the fraudulent video within seven minutes of going live on our channel and deleted it. On conducting a diagnosis, we did not find any security flaw from WazirX’s end that could have given hackers access to our channel,” Rajagopal Menon, vice president for marketing at WazirX, said in a statement.
YouTube did not immediately respond to ET’s queries.
A CoinDCX spokesperson tweeted on Monday, “Our security team was swift in identifying and taking down the fraudulent video posted on CoinDCX’s channel, limiting the video’s reach. For the few of our subscribers who saw the video before it was removed, please disregard all of its content.”
Discover the stories of your interest
🧵Thread 1/5 – YouTube’s crypto community, including CoinDCX, was earlier targeted by hackers, which saw the publication of bogus videos.
— CoinDCX: Making Crypto Accessible to Indians (@CoinDCX) 1643023252000
Cyber security expert Rajshekhar Rajaharia said the incident may have been due to the integration of compromised accounts with third-party application programming interfaces (API) used for live streaming. An API is a type of software that allows two other pieces of software (apps) to talk to each other.
In December, Prime Minister
Narendra Modi’s Twitter account was briefly compromised. A hacker tweeted from it that India has “officially adopted bitcoin as legal tender” and that “the government has officially bought 500 BTC and is distributing them to all residents of the country”. In September 2020, the Twitter account that updates PM Modi’s personal website and mobile app was hacked by an unknown group.