Gustavo Ripa channel (a legitimate Uruguayan musician/guitarist with older albums like Calma from ~2010 and ~12K subscribers) is currently (June 14 2026) being used to host live streams about “Elon Musk’s First Trillion-Dollar Interview: SpaceX IPO & SPCX Target Price.”
This guy has never had any live streams before and his first live stream is about Elon Musk. If he did do a livestream for his music he would have a few hundred views. Somehow the AI scammers pumped it up to 16000 supposedly on the livestream. This video creator account is going to get banned and it will take weeks, months or years or never to get it back. Tens of thousands are similarly hacked. AI is making this easier for the criminals.
What is wrong with the recommendation engine? Legitimate sites hosting the same Elon Musk interview when it was happening would get less engagement. Youtube is over engaging bad content.
A creator should be able to lock out live streams and other features that do not plan to use. The default should be normal operation and make it harder to convert into a platform for the scammers. This is like putting a credit freeze on credit reports to prevent opening new loans.
The crypto/investment scam pattern that has been rampant for years. In 2021, Google’s Threat Analysis Group publicly detailed a large-scale phishing + cookie-theft malware campaign specifically targeting YouTube creators. They identified over 1,000 malicious domains built for this purpose and associated ~15,000 attacker email accounts. Thousands of creators (particularly gaming, tech, and news channels) reported hijackings between 2023–2025. Creators and those fooled by the scams are both victims.
High-profile examples include Linus Tech Tips channels (2023), a major Australian news channel and countless smaller ones including Nextbigfuture last month.
Hijackers frequently repurpose channels for live crypto scams, often featuring deepfakes or impersonations of Elon Musk, Tesla, or SpaceX — exactly as shown in your screenshot. These streams can pull in thousands of viewers quickly because the channel already has an established audience and trust signals. I would note that I have never had a livestream with more than 300-1000 viewers.
For music/guitarist channels like Gustavo Ripa’s: They are less frequently targeted than high-engagement gaming or tech channels, but they are still vulnerable. Any channel with subscribers, watch time, or monetization history has value to hijackers — either for running scam lives or selling access. Small-to-mid-size channels (10K–100K subs) get hit when owners fall for phishing, reuse passwords, or have session cookies stolen via malware.
Why doesn’t YouTube/Google require 2FA specifically for video uploads? They say it is hastle but I have to fill out 5 screens full of settings and descriptions. Adding a final authentication step is trivial and would add 5% to time. I do it all the time for everything on my bank account and on things in my stock trading account. Protecting youtube revenue can be larger than bank accounts or loan scams.
It can be optional the youtube channel that is monetized have an admin setting for 2FA for uploads.
This is not just security on the login but the upload.
There are occasional “Verify it’s you” prompts on suspicious activity.
The real weaknesses that hijackers exploit. Phishing sites that steal passwords + session cookies and bypass login 2FA.
Malware that steals active sessions.
Users who never enable 2FA or use weak/SMS-based 2FA (vulnerable to SIM-swapping).
Social engineering (“You won a brand deal — click here to verify”).
Youtube and google need to put in the effort align with how banks and other high-value platforms handle risk.
1. Stronger verification on critical actions (uploads + user additions)
Require re-authentication (password + 2FA/passkey) for first upload of the day or live stream of the day. Enable lockouts on livestream and other features. Enable accounts to opt for higher security.
Sudden major content shifts (detected by AI comparing to channel history).
Adding or changing channel managers/collaborators on Brand Accounts.
Freeze mode for user additions: When someone tries to add a new manager, put a 24–48 hour pending period. Notify the primary owner via email + in-app notification + recovery phone. New managers have limited permissions during this window (no name/banner changes, no monetization edits, etc.). This is very similar to how banks handle adding authorized users or large transfers.
2. Better hijacking detection using account history
YouTube already has behavioral signals. They should weight them more heavily for long-history channels:Consistent niche + upload style for years → high “trust score.”
Sudden deletion of old videos, name/banner changes, or completely different content (guitar music → Elon Musk crypto live) → strong red flag.
IP/location changes + new live streams at odd hours.
Long clean history should trigger priority owner recovery and temporary restrictions on the hijacker (elive streams paused, new uploads reviewed before going public) instead of immediate strikes or termination that punish the victim.
3. Improve the reporting dropdown (simple change)
Add a clear option:“This channel appears hijacked or taken over” (with sub-reasons: sudden unrelated content, scam live stream, old videos deleted, name changed without warning, etc.).
When multiple reports come in on a channel with a long clean history.
Auto-flag for human + AI review.
Temporarily limit new lives/uploads.
Attempt to contact the original owner via all known recovery methods.
Quarantine the suspicious content instead of immediately punishing the entire channel.
Banning/striking the channel hurts the victim, not the hijacker.
Hijackers don’t care if the channel gets terminated — they just move to the next compromised account.
4. Community + history signals to reduce overreactions
Internally track a “Creator Trust Score” based on
Channel age and consistency.
History of positive engagement from long-term subscribers.
No prior violations.
Long-trusted creators get faster recovery paths and more protection against hasty termination.
Allow verified long-time subscribers (or a “channel alumni” system) to flag suspicious activity on channels they follow, adding another signal without opening it to abuse.
What creators (and viewers) should do right now
For channel owners:Enable 2-Step Verification today with a passkey or authenticator app (not SMS).
Use a strong, unique password + password manager.
Never click links in emails/DMs claiming to be from YouTube, brands, or “support.”
Regularly check your channel from another device/browser.
Back up your videos locally.
If your (or someone’s) channel is hijacked
Go to Google’s hacked account recovery flow immediately.
YouTube’s official recovery page has a form, but support is limited to incidents within the last 9 months.
The core issue is that hijackers treat channels as disposable tools for quick scams. Better prevention at login + smarter detection that protects long-history creators + easier reporting focused on “hijacking” rather than just “spam” would go a long way.
Brian Wang is a Futurist Thought Leader and a popular Science blogger with 1 million readers per month. His blog Nextbigfuture.com is ranked #1 Science News Blog. It covers many disruptive technology and trends including Space, Robotics, Artificial Intelligence, Medicine, Anti-aging Biotechnology, and Nanotechnology.
Known for identifying cutting edge technologies, he is currently a Co-Founder of a startup and fundraiser for high potential early-stage companies. He is the Head of Research for Allocations for deep technology investments and an Angel Investor at Space Angels.
A frequent speaker at corporations, he has been a TEDx speaker, a Singularity University speaker and guest at numerous interviews for radio and podcasts. He is open to public speaking and advising engagements.
