In one of the more bizarre incidents to hit YouTube, the most popular video of all time briefly disappeared from the platform on Tuesday. The title and thumbnail of the image also seemingly changed.
At the time of writing, Luis Fonsi and Daddy Yankee’s “Despacito”, has over 5 billion views.
“This video has been removed by the user,” a banner on the video’s page read earlier on Tuesday.
It appears hackers may have hijacked the Luis Fonsi YouTube account. At the time of writing, the title on the video page itself includes the phrase “hacked by” and then shout-outs to several different handles.
Hackers may have also changed the titles of other popular music videos. The Hacker News tweeted screenshots showing the tweaked title of a video from popstar Shakira, as well as the Despacito video before it was removed. However, at the time of writing there are no alterations to video titles on Shakira’s official YouTube channel, and it is trivial to fake these sorts of screenshots by changing some of the loaded HTML code in a browser.
Those title changes include the handles ‘Kuroi’SH’ and ‘Prosox’. This monikers were also linked to recent hijackings of media outlet Twitter accounts. Last Friday, hackers targeted the accounts for Now This News and BBC Arabic Alerts and pushed a stream of inoffensive but probably not authorized tweets. (The hackers at one point said I was the one that hacked the Now This News account; just to clarify, I did not).
A Twitter user with one of the same handles claimed they would also be targeting YouTube star Logan Paul, but at the time of writing nothing seems unusual about his account or videos.
In 2016, unsophisticated hackers targeted a slew of high profile social media accounts, including the Twitter and Pinterest of Facebook CEO Mark Zuckerberg.
A YouTube spokesperson told Motherboard in a statement, "After seeing unusual upload activity on a handful of VEVO channels, we worked quickly with our partner to disable access while they investigate the issue."
A spokesperson from VEVO added in their own statement “Vevo can confirm that a number of videos in its catalogue were subject to a security breach today, which has now been contained. We are working to reinstate all videos affected and our catalogue to be restored to full working order. We are continuing to investigate the source of the breach.” The spokesperson did not answer questions such as whether this account takeover was due to password reuse, or whether any of the affected accounts had multi-factor authentication.
Update: This piece has been updated to include comment from YouTube and VEVO.