Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Black and white Twitch logo on a purple background
Image via Twitch

Twitch streamers lose chat control after channel extension is hijacked by hackers

The streamers' chat became a chaos of profanity and spam links.

Practically all streamers use extensions on Twitch nowadays, but an incident reminded them bots developed by third parties can cause serious security issues.

Recommended Videos

On Sept. 10, the Pando Twitch extension was removed from the platform due to an exploit found by hackers. They took control of the chat of some streamers to post profanity or spam links.

Streamers discussed the issues and quickly identified Pando as the common link between them. It apparently also involved the Stream Alerts TV extension, which was developed by the same team.

In addition, the extension might have compromised the streamer’s accounts. The issue forced some streamers to cut their livestream short. It happened to all sorts of streamers, regardless of their audience.

Streamer LunaBori saw her chat spammed with threats and a Discord server link. She tried some fixes like disabling bots, but ultimately had to disconnect and restart the livestream. After this, and with bots disabled, she was able to curb the issue.

The developer of the extension quickly reacted to the user’s complaints and removed it from the platform. “The extension has been disabled now but it may be worth logging out and resetting your password to remove active connections just in case,” streamer ADJ wrote.

CVS Gaming, the team that developed the Pando extension, said it worked on an update to curb the issue and fix the exploit found by hackers. “Twitch has already disabled the extension, so there are no further risks for any creators,” the developer told Dot Esports.

It added users might wait for a couple more days since Twitch has to approve the update before it’s introduced to the platform. Stream Alerts TV also doesn’t seem to be working now, which means it might also be under approval for a new update.


Dot Esports is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more about our Affiliate Policy
Author
Image of Eva Martinello
Eva Martinello
Eva is a Staff Writer from Paris. Her part-time job is charging into walls with Reinhardt. She has been covering League of Legends esports and other titles for six years. She still believes in a Moscow Five comeback. She also fell into the MMO pit and covers FFXIV and Genshin.