First and foremost, Welcome to EvilZone. You should think about posting an introduction in the Introduction section on the forum located here:
https://evilzone.org/members-introduction/Secondly, you must visit Dr. m0rph in room 32B (Up the stairs to the left)
Lastly onto your questions.
There are several methods to get access to a youtube account. The most simple way would be a phisher. If you're not careful you could have entered your log in information into a website called a "phisher" which will look like a common website, however when you enter your user name and password, that information gets inputed into a text file and there are your log in details.
Another possibility is malware called a stealer. If you save user names and logins there are several applications that can be used to get those either uploaded to a ftp server or even emailed to the attacker. This can happen a lot of different ways, simply downloading and running an application or visiting a malicious website that could have Java Drive By's, as well as other types of exploits to automatically download and execute software on your machine without your knowledge.
Yet another possibility would be a keylogger, there are hardware as well as software keyloggers that work similar to a stealer, however it logs all keystrokes instead of looking for saved passwords.
Another possibility would be Social Engineering in which the attacker tricked you into giving your user name and password. Or possibly get the information required for the security checks to reset the password.
The last possibility I can think of right now is someone sniffing unencrypted traffic over a wifi network. Say you go to starbucks and log into your youtube account, however the guy sitting in the corner with ethercap and other applications are sniffing all traffic going in and out of the router harvesting usernames and passwords.
------------
Now how to not have it happen again? There are several options.
1. Do not use open wifi networks/hotspots you never know who is on there
2. Make a habit for checking the URL making sure its hosted on the site... be careful when looking though a lot of attackers will use URLs that look similar (for example y0utube.com or even youtube.somesite.com)
3. Do not let your browser save your passwords
4. Never give your login information to anyone even if they claim to be part of a service, they will never ask for it.
5. Make sure to have good anti-virus software installed on your windows computer (ESET, AVG, Avast, are decent enough) OR run a nice linux distribution such as Ubuntu (great for beginners)
Without more information this is all I can give you
