Since it’s not summer 2017 anymore, you probably haven’t watched the music video for Luis Fonsi and Daddy Yankee’s hit “Despacito” recently. And that may be just as well. The reigning most-viewed YouTube video was vandalized and then taken off the platform for a few hours on Tuesday morning after hackers infiltrated the account that hosted it.
Other well-known videos by artists like Drake, Katy Perry, Taylor Swift, and Shakira were defaced as well by attackers calling themselves “Prosox” and “Kuroi’sh,” who threatened that they would go after other YouTube channels as well. The music video distribution partnership Vevo confirmed to WIRED that “a number of videos in its catalogue were subject to a security breach today, which has now been contained. We are working to reinstate all videos affected and ... are continuing to investigate the source of the breach.”
The attackers replaced some of the music videos with violent images, as with Despacito, which showed gang imagery from the Netflix series “Casa de Papel” before the attackers took the video down. It has since been reinstated, along with its 5 billion views.
YouTube says that the platform itself wasn’t breached. “After seeing unusual upload activity on a handful of VEVO channels, we worked quickly with our partner to disable access while they investigate the issue,” a spokesperson told WIRED. The attackers infiltrated one or more Vevo YouTube accounts rather than attacking the platform as a whole.
'If someone had actually broken into the YouTube platform, that would be valuable.'
Chris Weber, Casaba Security
How, then, did Despacito disappear? That's still unclear. But it wouldn’t be the first time a prominent account wasn’t protected by two-factor authentication, allowing attackers to guess the password or obtain it through social engineering attacks like phishing. But even two-factor isn't foolproof