How to not get hacked: real example
HTML-код
- Опубликовано: 3 авг 2023
- I have been consistently spammed with infostealer malware links on google drive designed to steal my login credentials and hack my RUclips account. Here's an in-depth analysis of the technique and how to not get hacked. Join a live Q&A with me on Discord: discord.gg/MgBm5sy9?event=113...
Get Crowdsec to stop DDoS and brute force attacks: www.crowdsec.net/?mtm_campaig... (sponsor)
Buy the best antivirus: thepcsecuritychannel.com/best...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecuritychannel.com/contact 
Наука
Thanks a ton. I have seen many videos like these but this one helped me up my knowledge by large also I was glued for the entire 13mins. It has all a user needs to know. More important complicated things explained in an easy way. I liked the crowd sec mention
...And he still made money from the sponsorship :)
@@user-mn7ot9bf1usmart man
🔥مرشحه الرئاسه التونسيه ترد على المتطاولين على المصريين من الدول الناشئه
⭕️يا مصـــــــــرى.. لما حد يقولك انت منين
⭕️رد عليه قوله انا من البلد اللي فيها
الفلسطيني والعراقي والسوري والليبي واليمني والسوداني عايشين فيها و مفيهاش مخيمات
⭕️قوله انا من البلد اللي ياما كست و علفت
و لبست حافيين من غير مقابل
⭕️قوله انا من البلد اللي مفتوحه لكل اللي بيسعي ع شغل و اكل عيش مهماكانت جنسيته و من غير كفيل
⭕️قوله انا من البلد اللي حررت ارضها بدم ولادها مطلبتش من حد يموت عشان يحررها
⭕️قوله انا من البلد اللي استقبلتكم كلكم لاجئين و لما اتحرقت ف العدوان الثلاثي محدش من اهلها لجأ لحد بره حدودها
⭕️قوله انا من البلد اللي جدودها بالدهب مدفونين .....
⭕️قوله انا من البلداللي مفيهاش عيل قفل حمام ع ابوه و خد منه الكرسي
⭕️ولا فيها ولاد منها في الصحرا "بدون" جنسية مرميين ....
⭕️قوله انا من البلد اللي آوت المسيح و امه
و نصفت يوسف بعد ما اخواته فالجب رموه
⭕️قوله انا م البلد اللي شعبها كله جيش وجيشها خير جنود الارض ...
⭕️قوله انا من البلد اللي قامت فيها ثورتين ولسه اللي يلمس طرف مجدي يعقوب فيها بسنانهم ياكلوه
قوله انا من مصـــــــــر ام الدنيا 🇪🇬🔥🇪🇬
⭕️لو لم أكن تونسية لطلبت من الله أن أكون مصـــــــــريه
حفظ الله مصـــــــــر 🇪🇬❤️🇪🇬Omar Hashish
"Japanese website"
All that geekiness and still can't differentiate languages. Lmao
@@chrisdawson1776 Its like he only knows the things he knows, i know, unfathomable.
And this is why Windows shouldn't hide file extensions by default.
Even this can bypassed(kinda) by using text-inverter characters
and this is why you should avoid windows altogether
@@abhisheksinghsolanki3750 how so?
@@DragoNate ThioJoe made a video about it. Basically some languages write from right-to-left instead of left-to-right as in English. To achieve right-to-left, a special character is used. This can be exploited to show fake extension of file in the display name
Edit: In "properties" it will correctly show "executable" but in display name it will show different
Edit: Like this
text:"fdp.file.exe", an executable
it will display as this(this contains the special character, you can copy it and try): ""fdp.file.exe
makes me mad that windows is moving to be like macos w none of its benefits and all of its downsides
In case anyone's curious why Screensaver files are executables: they're not videos, they're programs that run in real time on your pc
just think it as a script, but even so the windows name / icon formatting is kinda bad by showing as pdf, xls, etc
@@kingofstrike1234 windows isn't showing it as those files, that's what the scammer has told the system it looks like.
you can also make "windows show it as" another file type by putting .pdf before the .scr - if file extensions are hidden, you'll think it's a pdf.
but that isn't windows' fault. and believe me, i'll criticize windows and complain about it for every little tiny thing.
I wonder what the thinking was behind letting SCR files have all the privileges, reminds me of Visual Basic scripts in Word and font preview pane in Explorer. What was the developers thinking; wouldn't it be nice if you could install a screen saver from Word and then let that screen saver create an admin account.
Some of the weaknesses in Windows stems from Windows 1.0, and I'm guessing most of the code. That's a joke but I'm also kinda serious. It makes sense because the developers lived through the hippie era, peace & love (maaan).
Oh wow, this one actually makes me feel old. 😢
@@uniktbrukernavnexactly. why did the devs decide to let a screensaver file's code have basically the same power as a normal programming language?
Actually that website was a legit Korean website, and the kakao email adress domain is like a South Korean gmail, it's the standard there. When a regular person has that it's nothing to worry about, but when a company uses that in their official email instead of a company domain it's definitely something that should set off some alarm bells.
Meanwhile in some countries, we have legit businesses, larges institution, academic orgs, and even countless government agencies proudly sporting Gmail address as their official mail.
But now with chat gpt it would be quite easy to create a fake website filled with company infos etc.
@@jonathaningram8157 yup, almost fell for a scam involving a translation job from english to spanish, there was no malware involved but the "company" that wanted me to work at had this somewhat impressive webpage, or at least on the front-end cause most links were broken and the address was on some non-existant place in Canada.
Probably the email has been spoofed
Lots of small businesses use Gmail as their official address. Large businesses have the option to have Google host the e-mail for their domain, either on the GMail platform or just in the cloud.@@NopWorks
Ah yes.. I love opening screensaver files.
Me omw: to open a .scr file thats about 500mb
@@Freegame4.Don't worry guys it's just a really cool screensaver!
So you have chosen death.
As many people pointed out already, that's Korean not Japanese. Here's a quick way to tell CJK (Chinese, Japanese, Korean) characters apart for all English speaker out there. A) If it has lots of circle, it's Korean. B) If it has lots of line and square and the character looks "blocky" and "complicate", that's Chinese. C) If it's not of the first two and it has lots of curvy character mixed in with some square and line, that's Japanese. The Chinese and Japanese is a bit tricky because Japanese do mix character from Chinese (Kanji) in their language. However, the Japanese character will standout from the Chinese one, they will look less "blocky" and "less complicated" and has lots of curve line. Hope you learn something new!
Bookmark comment later
Chinese characters have lot of corners and less curves, japanese characters have frequent curves. Japanese looks like it is in Comic Sans by default
Edit: About japanese, there are 3 systems(?), Hiragana(like あ) has frequent curves, Katakana has less curves. But both look like Comic Sans to me. These two are most popular.
@@abhisheksinghsolanki3750"Japanese looks like comic sans by default" is a great way to put it!
@@abhisheksinghsolanki3750I absolutely do not understand why Chinese insist on writing their characters in sharp angled & outdated looking font when Japanese already moved on to a tidier font that's easier on the eyes, even though they share lots of the characters.
Japanese have actually three character sets. They derive more complex Concepts with Chinese characters and they use syllabaries to phonetically spell out words. One syllabary for Japanese words is hiragana. For foreign words they use katakana. Katakana is much more sharp and angular looking whereas hiragana has much more rounded curves to the letter forms.
So let me get this straight. The hackers decided to try and scam a youtube channel by the name "The PC Security Channel" and thought you were an easy target. I'd be offended!!
they were hoping he'd be caught off guard.
Jim Browning, the guy most famous for scambaiting and shutting down entire scam operations, fell victim to one last year I think having his youtube channel removed.
the important thing to remember is that ANYONE can be scammed. even the people who are extremely extremely careful about security, even the best of the best who have so far never been scammed.
once you think you're invulnerable, you become _more_ vulnerable.
"You only have to lose once."
I mean... it would be very ironic wouldn't it?
Like Linus Tech Tips?
@@randompost78154 theres a video about that on this channel
I've made some pretty suboptimal PDFs in my time, but 600+ mb for a PDF would be a huge warning bell for me.
Kakao is Korean. Its like Whatsapp.
Correction on 1:07
that is a South Korean website
Edge even says it's detected a page in Korean, haha.
It's an honest mistake.
This RUclipsr is from UK. Its not easy to tell Chinese and Japanese characters nor Chinese and Taiwanese characters or Vietnamese or Thailand characters.
It's going to be the same for Asians, they'll mostly treat every English speakers as Americans when English originated from England.
We will be doing a live discord event tomorrow associated with this video, feel free to join in here: discord.com/invite/MgBm5sy9?event=1136673606273871983
Hey is there a video or link with all of the tools you use? If not, would you do a video showing us all the tools you use and links where to download them?
they tried to hack the wrong man
The sudo command didn't work, but I just asked ChatGPT to give me instructions on how to install the sudo command and WSL
Bruh, I can’t be there 😫😩 - By Juls
Can we get hacked by a pdf file?
I was already aware of this information partially in thanks to your channel, but it is always good to be reminded in order to stay sharp of real and ominous threats that are just a single click and slip of the mind away.
I love your videos, TPSC! Keep them up!
I've been having the exact same email myself (amongst many similar others) , I swiftly block and delete.. another great informative video. keep these up )
Thank you for the video. I already knew about all this but still stuck because you go straight to the point and don't waste the viewer's time, unlike those videos where there's a 4-minute intro asking you in 15 different ways whether you were hacked before.
You called korean japanese..
uh crap, there was another japanese one and I thought this was similar, my bad.
Love the channel, thank you for all the knowledge
I love this channel. As someone starting my bachelors in cybersecurity I love learning about this.
Exactly the Same over here bro!
Thank a million 👍🏻. As someone currently studying cyber security. This video is actually helpful.
From the privacy perspective it's nice to see that Google has problems with scanning big files. Also using a pdf icon as an icon for an executable is very smart I never thought about how easy that could be done (probably because I never made actual maleware, If I would would have to think about the icon at some point).
It's not that it has problems is that they won't place the resources on scanning random files that are too big because that costs money, they still archive and store copies of your data anyway.
pdf icon is the oldest trick in the book
@@ieatthighsfr imagine pdf icon doc.exe no one falling for that
Why is it nice that google has problems with scanning big files?
@@SqualidsargeStudios they won't gather info about your files
Found your channel today, Really enjoying it!
Thanks for sharing. A very helpful and clear explanation of what the scammers are up to.
Great Tips! For someone who isnt into Tech, these are good Tips and examples. I really appreciate this Video!!!
Great video as always. As to the people who says you go to in depth and would never do some of the things you show doing your videos, well then they shouldn't watch these videos! Leo you are here to educate and impart some of your knowledge and experience to help "The lay people" (i.e. me) understand a little more about cybersecurity. Secondly, to impart some experience and provide examples of real life threats to students of Cybersecurity and Network Administrators. I am treating this as a hobby while learning to strengthen my own families' Cybersecurity posture. So Thanks for all you do Leo.
Also with regards to ChatGPT, yeah thanks! Seems like the unintended (or maybe intentional) consequence of its creation is to help cyber criminals. :(
These are some awesome tips for someone that hasn't seen a piece of malware that mimics a pdf. I did an incident response scenario for the first time and kept seeing that MZ on the malicious files and sad to say I didn't know that about pexe files but I knew it was malicious.
With regard to the 600 megabytes of all zeros.
It seems to me that if you zip the 650 mb, file it would compress down to about the actual code size.
This extreme compression could give a big clue about what the heck it is.
Yes, it would encode the number of zeros it was removing, you are correct
Yeah. But antimalware solutions don't do this because you still have to read the entire file and count up all those zeroes in order to compress it down, and it would take a long time and CPU horsepower the user might actually want.
And even if you did, malware makers could just replace the filler pattern with anything else that happens to compress well. Now, if an AV could check inside already compressed files and perform the analysis without resorting to decompression, eg, by applying the compression to its own malware database and checking compressed patterns against compressed patterns, maybe you could get somewhere. Encrypted files would throw all of that work out the window, though. But when the user types in the password to decrypt the file, that gives the AV the opportunity to intercept the file's password in memory and analyze the file before the user has the chance to decompress, let alone execute it.
This is in no way trivial, as you would need specialized versions of all the heuristics, reengineered to work with compressed data directly. And you would need to do this for every major compression format out there. Fortunately as all lossless compression formats are wholly deterministic, it is at least theoretically possible to do this. I doubt any AVs would, though. It'd be pretty costly and difficult to do this, let alone maintain and support.
@@3lH4ck3rC0mf0r7 you said ' by applying the compression to its own malware database and checking compressed patterns', that's not how signatures work, signatures are a set of rules
Nope, not for log files!
I've seen gigabytes of system log get crushed into a 12 meg ball, since 99.9% of the text is identical, it can get pretty small by only keeping one copy of the recurring lines, and just counting the number of times it repeats!
awesome video, i learn a lot with you!! Greetings from BRAZIL!
Great stuff keep up the good work
love this channel keep it up
This channel is basically a public utility for youtubers specially
Amazing tutorial my friend.
What a fabulous explanation.
Great informative video. Thanks
Well even for a layman, rule of thumb is if an agreement document is 600+ mb while it should be 20 megs tops (and that's generous) - somethings up.
Simple rule to follow
I agree, but you're assuming a layman understands file sizes. A lot of people don't understand it and don't care to do so.
@@JJFlores197 srsly???... i guess my definition of a layman was to generous ;-/
@@pwilkutowski Have you ever worked in IT support or provided tech support to people? You would be surprised at the amount of stuff regular computer users don't understand about technology.
From this video. How to exact without downloading?
Right off the bat, that opening line is a Chinese greeting
Likely AI used
as I put on screen, thanks Chat-GPT!
In any case, we, or at least I, don't speak like that though.
"High spirits." isn't something I'd say in an email. (Maybe that's just me.)
Thank you. This was quite useful when just dipping your toes into security.
thank you for all this info.
Shoutout to Japanese, my favorite Korean language of all time
Bottom line -
1. enable “show file extension” in explorer.
2. Don’t run files with extensions such as exe com scr bat files unless you known what they actually are.
Very helpful video, thank you
This is helpful. I've always wanted to touch into analyzing files to check if they're malicious. Having this in the back of my head will probably be helpfull if employees call in with suspicious files
I had an AI generate a couple videos for me on that exact topic.
moral of the story. *Have a Hex editor*
If I received an unsolicited email from an unknown sender, I'd immediately delete it. On top of that, if the attachment was any bigger than a 1 or 2 Mb and didn't have an ext that I would expect like in this case a pdf - I'd be even more suspicious. Even then, sending a contract without even contacting you directly to discuss the matter is very odd, setting off even more red flags and alarms!
The danger is if you are busy and wading through tons of email. The best first line of defense and safeguard would be to use a mail filtering gateway like mimecast. They would pick up and flag 99.9% of all questionable incoming mail and hold all email from unknown sources - prior to release.
Changing a single value, Microsoft could greatly reduce the success rate of these attacks, but file extensions are just too unsightly to be visible by default.
Would be nice with a antivirus comparison of the 658MB file. E.g. how does kapersky, eset etc handle the file when it’s downloaded and also when it is executed.
YES. this is what I was thinking while watching the video. How would Kaspersky deal with this?
anyone?
got answered ?
@@defnotatrollit force deletes it 😉
Thank you for sharing this, super insightful and helpful. Can you please let me know what material you studied to become a malware analyst?
Heavily obfuscated / self written malware usually not getting detected in one drive or any other drive / cloud services... All in all still a good example!
Excellent video and tutorial, thanks.
we need to reestructure the way we interact with file execution / command execution. We need a persistent shield watching the onmouse over and onmouseclick events, not allowing user to "execute" a command, before the destination of that "click" to be scanned. I was trying to implement a python-based resident shield that disables all execution commands at startup and only allows the click, after checking its after events. Tried to manage the virustotal api to do the hard work. Im still developing it, hard, but on the go
Can you do a video where you talk about how you get into the malware analysis field as a job? What positions to look at right out of college etc?
to make it obvious since it was not clearly stated. do not doubbleclick to run files / scripts from unkown sources. since this is what they want. always when you recieve files like this think first about what it truly is. the default application is what "they" want their script to run with.
This makes me want to get rid of all my email accounts and throw out my phones... Mahalo for bringing all this to our attention.
Does it? Because I see this and am thankful that it's still so obvious. If you spend 30 seconds looking for the common red flags, scams like this aren't all that clever. Hell, just the fact an agreement form is 600+ MB should make anyone with basic computer knowledge pause. Then of course it's titled "Kappa" which is a very common meme these days indicating a troll or sarcasm. I wouldn't expect everyone to know that but a quick Google search would point this out immediately.
The acceptable email formatting is really the only significant improvement I see. Everything else isn't much better than it was a decade ago.
@@JJFX- For boring, irrelevant geezers such as I, for my email, it's "Select All" and then "Delete." Not really an issue. Being irrelevant, it's safe for me to assume that all my emails are irrelevant. The phones sit in a drawer somewhere, their SIM cards removed and discarded from disuse. Keeps the phones at bay yet out of landfills. Can't legally chuck a phone out, so mine are good for watching RUclips and listening to music. I do not envy the people for whom their phones are their lives...
@@jimcabezola3051 I hear you, honestly that's a good way to do it if you have reason to believe most email isn't relevant. I'm not the freshest fruit on the vine either, I'm simply saying that it's not as cunning as this video may make it seem. Even if you get an email from an old friend you recognize, just don't download anything without looking for obvious indicators. Picture and videos are typically safe to at least view in a browser but approach anything requiring a download with skepticism.
What you're doing with old phones is great. I wish more people wouldn't use their primary devices for everything. Just make sure the browsers aren't horribly outdated and avoid clicking anything requesting access like notifications. Just never login to critical accounts on a device with questionable security but it sounds like you're already more careful than most people.
Believe it or not, computers these days aren't as dangerous as they seem. Most exploits require some participation on your part beyond just visiting sites or even downloading something. Simply avoiding as much of it as possible is actually more secure than installing a bunch of anti-virus programs.
@@jimcabezola3051
You're not irrelevant, love yourself NOW!
Increased my confidence that I did the exact same steps as you did, though I am guessing you left a lot of the technical stuff out as well, is there any resources you can point me too?
Hi Leo, as far as I know on a lot of the antiviruses you can tweak the setting of the size of files you're scanning. This way the scanner can look at what's inside zip file at any size.
That’s neat. Do you know if this works on windows defender?
@@seinodernichtsein8710sadly, no, since Defender is designed to be a product for all users, even those who know almost nothing about computers, and don't even know they need and should want protection - which is why you can't really customize anything. It's basically a set and forget program, but without the "set" part.
Hmmm. This comment shows 5 replies. But when I open it up there's only one. Plus mine if it shows up.
@@henryD9363 you should see comments by @seinodernichtsein8710 and me ( @the-Gammaron )
@@henryD9363 tell me if you see my other 2 comments (you can type random letters if you wanna)
Thanks for sharing.
I really really enjoyed this video .
Why don't these anti-virus's see if the file is full of empty space? If we can manually check to see where the tail end is, I'm sure an AV could as well. Then It could truncate it and scan it as needed.
I think you should have had a bit at the end showing where to get those tools and how to know if they are the legit versions.
And mention at the start that you’ll give those instructions at the end.
Great and informative video! What Windows theme are you using?
Hello I have a few questions regarding another video you've done that sort of relates back to this one.
Have you heard about the new exploit " bleedingpipe " on modded minecraft, and are you going to make a video discussing that?
Are minecraft mods from modrinth, or curseforge still dangerous to download and run?
What is your opinion on the frequency of attacks being launched against Users using mods?
What are the best options that you would personally use to defend yourself against harmful programs that are currently undetected, ready to be deployed as zero days against consumers?
Thanks, Leo!
One more question, could they use unprintable character codes that will affect text order or visibility of other characters to spoof the extension of the file?
I would like to see a test between f-secure Bitdefender and Malwarebytes
Thanks a lot bro, very useful.
Wow, I learned a lot from this video.
Also that’s why you enable all the eventlogs audit logging. If you parse those logs you’ll get a very detailed idea about what happened.
Ransomware deletes event logs after the dirty deed is done.
@@keepanopenmindlookatallthe2540 setup some script that automatically copies them somewhere or sends them idk
but that might also do nothing, waste resources, be unreliable. never tried it.
@@keepanopenmindlookatallthe2540 - not all ransomware does, just like not all malware does. It depends on the actual ransomware/malware and what it's designed to do.
@@mcdazz2011 And whether it really wants to prompt the administrator dialog (suspicious) instead of just phishing your MetaMask credentials while staying sneakily in userspace.
Loved the video, could you breifly teach us on how exactly do we use the HxD properly for analysis, i could not find a good video about it.
Funny, Atomic Shrimp uploaded a video today that also had this scam briefly mentioned. Thanks for sharing!
Probably bulk-sent to a bunch of RUclipsr's email. Doesn't take too long for a less tech-savvy channel to fail for it.
Thankfully, they sent it to the wrong channel here, once a a malware analyst make a video about it, more channel are going to be aware of it.
Could you do "cat file" in linux and would serve the same way as with that editor you're using kn windows?
Amazing video
This is why i dont answer these emails
When you opened the file with Process Explorer, it didn't show up, so it means that there might be viruses on a PC and even with Process Explorer it's difficult to detect them? I am new to this so sorry for this "nooby" question. Yesterday I did a full scan on my PC with Windows Defender and tried to look for malicious files in Process Explorer and found nothing. Now I ain't sure if my computer is clean because of this...
Windows should add an option to give the file extension another colour, that way you can’t get tricked with a RTLO character.
Tech channels have been hit with this... what they need to do is have a big disclaimer when SCR files are used... "Warning, this is trying to run a screensaver program, do you want to proceed?" Should be enough to get most people... but sadly there are many people who don't bother reading a message on the screen.
Thats why I disable opening remote images setting in my email setting.
Hello. Can you recommend some good real time malware scanners you were talking about. Thank you. I just found your channel and this is very good.
The best way to not get hacked is to have common sense
I really miss your AV test videos, I keep waiting for one but they don't seem to happen anymore. Am I the only one who wants to see tests of 2023 AV vs malwares?
thanks for the video although it was a bit intimidating to me.🙂
but basically what I understood that to have a VM dedicated for that subject would be safer for the PC
but what about my network and the router will they be easy to attack or is it safe?🤔
It still baffles me that Adobe do not enable security on their Adobe Reader by default. I do not use Adobe reader because it literally sucks at protecting against infected documents, thus I use another PDF reader that actually encapsulates each document it opens to not have system access and I use Avast but with Hardened Mode enabled. This is probably the best option to enable because it literally blocks everything (all ransomware I have tested so far) that just looks at it sideways.
Well done
What makes this analysis scary to do is the fact my mouse have tendency to double click on accident..
Same lol i need a new mouse
I was wondering are all malwares downloaded need to be executed in order for them to work ? Or some by just downloading them on your system you get hacked ?
Because I have downloaded Unreal Engine Project from github and got hacked not sure it was the source of the malware or not.
So although I use vmwarepro to Loren suspect files ect what do you think of Windows Sandbox?
I have used sandboxie to do my browsing and installing of unknown software etc but was curious what the strength/quality of Windows Sandbox is. Thoughts?
The domain is THE MOST important red flag. I don't care if you are from a real PR firm. If your employer/client does not provide you with a legitimate e-mail address within his native domain, your e-mails are going straight to SPAM folder, without even reading them.
What is more scary is that sometimes real/serious companies send marketing e-mails that are either badly written as if they were actually spam/phishing or embed links that point to some doggy looking domains, or both. Those e-mails make it somewhat hard to judge if the e-mails are real or somehow fake.
Of course any attachment with a fake extension is an immediate red-flag, no matter what the e-mail domain is but a word/excel/pdf file could be a real dilemma and a threat that is hard to asses on the spot.
Would you mind testing some other systems? Like phones. And tablets, macs etc ?
Yooo thank you !
7:00 im soooo proud of myself for understanding what you talking about
Thanks my friend, unfortunately this has NOTHiNG to be new. It is a very old and basic method that exist for more than 10years already.
I have being doing this since and way more analyzing since 2012.
Still..its a good video to show the only first very easy steps into the process of analyzing completely a file execution stages.
Good stuff
They did the same thing with me, offering the collab to advertise a little bit on my video and they sent the agreement and the video but I click on it and my system told me it was password stealer malware or virus but it was too late. So I don't know what to do, they hide it in the winzar or something. So I tried to do the whole fresh window install.
thank you for the great explanation of this problem
should sell this video to corporates, this video alone would save them hundreds of thousands on cyber attacks
The easiest way is to check that when ure downloading, usually site will show u the file extension. Just be careful if anything is not .pdf. If download site only shows .pdf and when downloaded to PC if u see a visible .pdf on the file and u never touch any show extension setting before then u have to be careful, open property and see the actual extension.
My mom's channel got hacked one time. They posted a bunch of crypto scam videos (not the Elon Musk ones,) but I was able to save her channel and delete the videos posted by the hackers.
So which AV would be capable of detecting that the 658mb file is actually malware if most AVs nowadays are cloud-based?
I was wondering if utube videos could also be a problem in sending you an executable file?
You could make video about how to tell if images or videos are malware.
I never use windows for email and I’ve never read a spam or scam get me - it never formsts or looks right on iPhones mail app and makes it easy to spot.
Usually the best way to see if an email is scam or not is to look at the email signature. Usually legit emails will have a real person with social media links and more info in the signature.
Seems so weird to me that by now AVs and such don't have any means of detecting such file padding. I get padding could potentially be a lot more sophisticated, but come on simply hundreds of megabytes of null bytes at the end of the file? That seems trivial to detect idk.