Guides

Twitch Admin Kanthes Wrote a Guide on how to Handle a Compromised Moderator

Twitch Admin put together a short guide on how to handle a comprised moderator in your Twitch Channel.

If any of the actions below are happening, here is the best way to handle the situation. Keep in mind this is an unofficial guide and Kanthes went out of his way to put this together for the greater good of the community.

  • Is a person mysteriously and repeatedly reappearing after being banned or timed out in your chat?
  • Is your chat being filled by timeout commands seemingly out of nowhere?
  • Is one of your moderators spouting out-of-nature racism and pornographic links?

If so, make sure you follow the guidelines below. Big ups to Kanthes for creating the guide.

Solving this issue is bothersome, but relatively simple:

  1. Unmod all your moderators. To get a list of all your moderators, simply type the “/mods” command. Additionally, you can use this handy tool to unmod all of them at once. This will immediately stop any on-going attack, but will also temporarily disable your moderation.
  2. Secure your account by resetting your password. This will log out all other active sessions, reset your OAuth token, and reset your stream key. Unless they have changed the email your account is connected to or compromised your email account, this will make your account secure again. If you cannot do this or if it doesn’t work you’ll want to contact support, which may take a bit longer.
  3. Re-add your moderators one by one once they’ve secured their own account using the above step. If you find your chat is under attack again after adding one moderator, unmod them to see if it stops. If it does, you’ve pinpointed the problem. Popular moderation bots are generally held to a higher standard of security by their owners, and as such can generally (but not always!) be re-added immediately.

In addition, here’s a few steps you can take to minimize the risk in the future:

  1. Regularly clean your moderator list. Has a moderator been inactive for months? Do you have a bunch of honorary mods? Did you mod your best friend a few months ago? Unmod them. Every additional moderator is an added risk for your channel, so keep them to a minimum.
  2. Enforce use of 2FA among your moderators. While it doesn’t make it impossible for a malicious user to compromise an account, it makes it a hell of a lot harder. Seriously. Use 2FA.
  3. Keep an eye on what apps you’ve authorized on your and your moderators Twitch accounts. You can see which apps have been authorized by scrolling down on this page, and disconnect them with a single click.

To un-mod everyone in your channel at once you can use 3ventic’s script here.

via r/Twitch

About the author

Chris

Chris

Founder & Editor-in-Chief of Streamer News