Why did the world wake up on the morning of April 10th to a changed YouTube?

When the most important song in the Spanish language to make an impact in the English speaking world gets deleted from YouTube, it could be an innocent prank. Where said video used to be, people found a photo of a group of masked and armed individuals, but “Despacito” was not the only video affected by the hack.

The hackers that go by Prosox and Kuroi’sh also hacked other major Vevo channels and changed the titles of hit videos to a message including their nicknames and “free Palestine”. Although one of the hackers tweeted that it had been “just for fun” (see tweet below), there could be a political agenda behind the hack: 

@YouTube Its just for fun i just use script “youtube-change-title-video” and i write “hacked” don t judge me i love youtube <3

— Prosox (@ProsoxW3b) 10 de abril de 2018

The Free Palestine Movement:

According to their website, “The Free Palestine Movement (FPM) is a California-based 501(c)(3) nonprofit organization. We are a human rights organization, have several working groups inside and outside the U.S., are not affiliated with any other organization(s)*, and comply with U.S. and international law”. Although there has not been anything to indicate that the hackers are involved with the movement, the message seems to be linked to it. 

Vevo had already been hacked

Back in November of 2017, a group of hackers known as OurMine leaked documents of the popular video service. As Gizmodo reported, “The leaked cache contains a wide variety of office documents, videos, and other promotional materials. Based on a cursory review, a majority of the files seemed pretty mild—weekly music charts, pre-planned social media content, and various details about the artists under the record companies’ management”.

The same news outlet also wrote that: “OurMine typically hacks people because, well, it can. The group’s primary goal is demonstrating to companies that they have weak security. In this case, the hackers managed to compromise an employee account for Okta, the single sign-on workplace app. Usually they don’t resort to leaking large caches of files—at least to our knowledge—but in this case it sounds like someone may have pissed them off”.

So, perhaps, the Prosox and Kuroi’sh hack had no political agenda behind it. 

YouTube and Vevo respond:

The companies have spoken to the BBC on the matter. A spokeswoman for YouTube has stated for the British Broadcasting Company that: “After seeing unusual upload activity on a handful of Vevo channels, we worked quickly with our partner to disable access while they investigate the issue”. On the other hand, Vevo said that: “We are working to reinstate all videos affected and our catalogue to be restored to full working order. We are continuing to investigate the source of the breach”.

What can we take from this?

Like the Cambridge Analytica scandal proved to us, our information does not appear to be safe online. If a video with over 5 million views on YouTube is not protected from a “silly prank” like this one, everything we have ever posted online, all of our memories, can be easily wiped. And loosing our Facebook pictures should probably be the least of our concerns.

Latin American Post | Laura Rocha Rueda