Oops, been told that chrome_100_percent.pak files are unrelated to your chrome passwords. Instead that pak file is just resources used for the malware (which has a component made in electron). So the passwords never get saved to the disk, rather they are uploaded to the attacker immediately, scary.
Um can you make a video about a clone malware copying a good app that obs studios please report and tell more about the fake clone malware of obs studios please😢😢😢😢😢.
I had a similar scam before. I told the dude in Discord "Okay, give me a second to boot up my virtual machine and I'll try your game" and they immediately go "THE GAME DOESN'T WORK IN VIRTUAL MACHINES"
oo good one. personally if someone i don't know approaches me i instantly ask them wtf they want and that i will block them if they do anything remotely sus or send me anything remotely sus. usually they shut right up.
lmao, if u actually boot a game in a vm (virtual machine) then you will still get the game, although if u run like minecraft in a vm then it will lag btw
I had someone try to pull this on me and I said something along the lines of “hey you’re not going to ask me to download a game are you?” And it threw off their entire script. The English just degraded so badly as they scrambled to figure out a new tactic
The key to never falling for scams is to have trust issues and social anxiety! Can’t get scammed if you don’t talk to someone and on the off chance you do you don’t trust a word that comes out their mouth!!
The archive file being password protected is a huge red flag. That helps prevent AV scanners from checking the archive out when you dl or first open it.
but there is false positives aswell tho, i wrote python script myself that has been flagged as a TR .. while the code was basically a BMI converter put into a single EXE file using pyinstaller...
My condolences to the Elderand devs for having their game being used as a fakeout for scams. To use such a specific indie game like that, that must feel pretty sucky.
Poor Elderand. I went to buy the game on Steam just to support them. Because it legit looks like a fantastic game, which is probably why it gets targeted so much. Thanks for raising awareness not just of the scam but also the original game.
i almost fell for a nitro scam one time. fortunately i didn't click on the link at first and the guy had a youtube channel connection on his discord. i asked him in the comments of one of his vids about it and he said he got hacked. hacker was stupid anyways lmfao, who pings @everyone in a dm?
I HATE this particular scam. I'm currently working on a university assessment that does require me to get a wide range of people to playtest a game at the end, and I can't ask any of the communities I'm currently part of (and yes, I've checked) as a direct result of this scam.
I am so glad you exist. About 20 minutes after you posted this video I got about 6 pings from different servers regarding this malware spread. You are an actual legend.
l am so glad you exist. About 20 minutes after you posted this video l got about 6 pings from different servers regarding this malware spread. You are an actual legend.
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily So thanks for covering this, NTTS
The previous scams that you've covered seemed like things l'd instantly recognize as scam and avoid, but this one is great convincing for me, l would've fallen for it easily So thanks for covering this, NTTS
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily So thanks for covering this, NTTS
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily So thanks for covering this, NTTS
The previous scams that you've covered seemed like things I'd instantly recognise as a scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily So thanks for covering this, NTTS
Funny thing is, I fell victim to this around a month ago when one of my online friends messaged me asking to test a game and all my passwords and info got stolen. They also tried to buy Nitro on my account using my saved card info. Scary how 1 file can do all of this. I had no idea how this malware worked though until you made a vid on it. Good job 👍
Same thing happened. Friend's account sent me the link, asked if I wanted to beta test for their friend. They didn't get far before I reset my password and everything, but they joined and boosted a random discord server.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
Only problem is that Discord has a track record for not bothering to solve issues in a timely manner. Hell, I've seen one case where a server owner got hacked cause of a scam similar to this one and they didn't respond for two whole weeks, leading to the server's deletion by the hacker. I do not trust Discord to be competent, especially with where their priorities lie. That being said, this is a good video for showing how this stuff works. I'm sure it'll be helpful for a lot of people (It's also just really interesting). I feel bad for the dev(s) of Elderand tho, knowing this is a somewhat common occurrence for them. I can only imagine being in that position. .-.
Only real problem is users believe that anything they do should be taken care of instantly and have no concept of ques, previously existing issues, ongoing work, and limited manpower.
@@antehll yeah sadly, but it was mainly just normal viruses that steal your info, i had many of them when i didn't know what discord was so they literally had no info to steal, recently fell for a scam but it could only grab my google info, and i use firefox
I privatly asked this creator to talk about it over on twitter and been commenting about it every niw and then on his videos to get as much attention as i can but not seem to be annoying, might not be just me thou but im glad it's being brought up as it's not an nice scam since once they get your discord account, they will delete every discord server you own, target your friends, family and also try to use any bank information on the account to scam you of hundreds of cash, i was lucky to have 0 in my bank so all unauthorised payments failed but this situation coulda been alot worse if i was even more naive, especially if one is not fully aware what a scam is or know how to detect it without thinking about it.
I used to be a victim of this, the worse that happened was my clients friend is an actual coder and is hijacked by this and mostly tricked most of their fans including myself thanks for spreading this information for everyone to be aware
Happened to me. A Dev I trusted pretty well "announced for April fools" that he'd been working on a game. Let my guard down. Only decided to put it in virus total and triage afterwards.
i had a friend of mine who i knew from school get hacked via steam. however this hacker bot would automatically send shit to people. it was something along the lines of a csgo tournament.. the first red flag is the fact this dude doesn't even play csgo. the second one is that the chat was in english we are both dutch. he ended up finding out and telling everyone to not click the link tho. but he never truly resolved it so i ended up blocking his account for the time being after sending a message on his profile because the bot was getting really annoying constantly spamming shit. so i decided to test it and cussed at it in dutch. it kept going with it's little spiel so i instantly was like oh come on
I don't really care... ... Just reinstall Windows, and get on with life. I let governments install firmware... ... if they don't affect my surfing and fun. That's all. Make sure you have nothing they don't need to know around. That's all. Your name, address, and such... ... government or linked companies can easily find, no need worry about those. But important accounts such as banks, your operations and such... ... all masked out. They can scan, they can look around, they can try dig... ... nothing. Most if not all the pirated games are loaded with such malwares, including malwares from government agencies. So not a problem for me, just live with them and if they don't bother you, that's ok. They wanna track you activities, find out this and that from whichever accounts and such... ... the usual stuff. Nothing special, since even operatives and important folks nowadays are gamers... ... like myself. Hahahahahaha... ... You need to have a respect for that. I open my door to the guests, if they are not sickos, they take their peeps, and leave respectfully. Problem comes when some jokers when you give them face, they go overboard. If Microsoft suggests I install a new Firmware, I definitely will... ... provided the mainboard is not so serious business. That's all. Personal policy. But it is the same as... ... "You are wasting your time".
@@HenryTan-pj2oi this. like it's not like you can completely avoid it. it just depends on what type of activity from my pov. as long as i can play my games do what i want i really don't care. go ahead and check what specs i'm using etc i really don't care.
@@litchtheshinigami8936 I can choose not to download firmware from government linked Microsoft... ... Can be avoided, since my system for casual use is split for surfing and cut off for gaming (not online). If I use a brand new Motherboard from China or elsewhere and clean of Firmware malware, it is avoidable. My other systems which contain sensitive data are not 'involved' and not physically in my home, though it can be accessed from home. So... ... even the best of the spyware or malware will only hit the casual systems, and mostly the system used for surfing online. The only way to gain access to my gaming system is via onboard component without approval connecting to secret network which of course... ... is pointless to intrude cos it has no sensitive or important material such as my bank accounts and such. Ransonware locks my harddisk? Just reformat everything... ... that's all. And other than Firmware malware, surfing system can be 'refreshed' by reinstalling Windows. And if the spying agency gets too overboard with no personal integrity, have to change motherboard. And sensitive system is separated with casual systems not only by physical proximity but via point of contact only steel box containing unit, only via infra red can the main system be activated, and even that an intruder must go through a couple of layers of security. Even game data which is important is backup in multiple 'servers' which are all physically cut off and a 'bridge' unit will be used to transport data should the casual gaming system be breached or accidentally connected online. Over at my side, security is like top CIA settings, with sensitive system many times that of my casual systems. My casual gaming system is decently protected, but not unbreakable. The point is, there is no need to break into my surfing or gaming systems. Once malware messes up the gaming system, for instance, Windows will be reinstalled after format... ... and the bridge unit will replicate the requested games and saves to the refreshed gaming system. Similarly with the surfing system. The sensitive system is plugged to a security mainframe monitored 24/7 by professionals. So for a start, even if top agencies want to break into that... ... IMPOSSIBLE. From there, data even from ground Ukraine battles can be obtained real time with lite instructions. Which also means any games with malware can't be saved to the sensitive unit without being totally blocked. Hehehehe... ... If you are working as important role in your company, such as a CEO, you will have to have setups like mine before states get to capitalize on your moves. All the equipment pinged-able by agencies are all none important low classified stuff that I can give out for free or not as if government agencies don't already know. So... ... it can be avoided. Hahahahahaha... ... ... It is no wonder too why I can be so reckless. Kekekekekeke... ...
As someone who was a victim of this hack (I was unaware of this before I got hacked, I’ve since gotten my account back), I don’t understand why people do this. It took me almost a month to get my account back and some people probably can’t get their accounts back. I’m so sorry for those who fell victim to this
my friend got hacked by those things and send me that suspicious thing but i replied with "i'll try it later" and when i heard the news about him being hacked i was in a relief
yep i had this with a friend over steam once. there were two major red flags tho. first off it was about a csgo tournament and the dude doesn't play csgo. (i immideately went to his profile to check) and the message was in english.. yet i went to school with this dude and he knows i'm dutch
@@iamxeracon that works until your friends get hacked somehow so it's best to always be vigilant. But yes, I've turned off messages from non-friends too because of these scams for the most part but also spammers as well
@@santosicIf its someone i dont know irl then i always ignore the links and any weird sht they try to do, if its someone i do know irl, then j message on a different platform or just call them
I remember this guy sending me a download like for a "game" they made in my dms, I actually nearly downloaded it, but when windows warned me, I decided not to risk it, and cancel the download. Edit: meant to type link lol
i think he singlehandedly boosted the game's sales by a bit more; I bought it too because it legit looked fantastic, just to support them because nobody deserves having their hard work tarnished and abused by assholes.
Thank you for spreading awareness. I am fortunately not in any big servers and only got a select few people on my friendslist that I know very well and trust. I also always have it set to not allow messages from people that not on my list. I also never store any passwords in my browsers. That said; I also wouldn't fall for a stranger sending me a link to something, anyway. Waaaay too sketchy. Even then, it still isn't foolproof. I once had a friend message me some weird shit, including a link to something. But since I know everyone in my Discord really well I instantly knew that wasn't him. Called him up to tell him his Discord must've gotten hijacked. He confirmed, naturally, that he did not send those messages and immediately changed the password and deleted those messages (they were sent to all his contacts and also in every sever he was in, which was already another far too obvious red flag.) Sadly, he's very oblivious in regards to this kind of stuff so it's bound to happen again.
I fell for this a year ago. I got a DM from someone asking if I could test their game called "Skyline", they weren't offering anything, they just said they needed someone to run their game. I immediately thought that this was a fan of my channel (I have a small channel) and so I obliged. I ignorantly downloaded the malware onto MY MUM'S LAPTOP, extracted it and tried to open it. However, my mum's anti-malware software blocked it, which I think might of blocked it from stealing my shit since nothing weird has happened to my accounts in the past year. I got super pissed because I still didn't know it was a scam and tried everything to get it to run. It never did. I ended up giving up, feeling really upset I couldn't run what I thought was a fan's game. then I recently found out it was a scam and felt stupid
i fell for one similar to this, though i was promised nothing in return. i don't typically fall for stuff like this, but the game they had sent genuinely looked good (i still wonder what the actual game was). i even scanned the game file and there was no malware or virus' detected, but sure enough, the second i opened the game my computer completely shut off. i had over $1000 of charges to multiple cards, all my accounts were changed, and ultimately i ended up losing really valuable photos and videos because i got locked out of my personal instagram. it sucks, but you learn.
same happened to me, someone said me to review a game, i scanned it and found nothing and when I opened it was a malware. though my accounts didnt get hacked cause I immediately noticed it was a malware and changed every accounts passwords
I am not into these games, I don't do discord and stuff, just interested how not to get scammed and reading comments. One youtuber analysed one phishing scam and explained that some are quite bulky, there is a malware code hidden among a lot of zeros and irrelevant bulk, that even the best antivirus won't bother with like 300MB file and just skims through, very likely missing the malware bit hidden inside. This is how sophisticated the bastards are getting. Hope it helps.
Yeah it really sucks bc these things can be so inaccurate bc it hides the fact its malware so the websites dont pick it up. I would try multiple websites but even then you still cant be sure
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
Id love to see someone with python code experience to dig into the files and find out where stolen info is going, and then flood the server with random gibberish.... Nice video, always handy to know of such scams like this
Man this seems similar to a possible scam I ran into awhile ago. A somewhat friend dmed me asking me to beta test their game and play with them cause they have nobody to play with. I was down with it at first but realized it wasn’t on steam and instead a game I needed to download off a browser so I instantly backed out from doing it. They kept trying to pressure me into downloading it even after telling them over and over I wouldn’t. I told them I have a phobia of computer viruses so there’s no way I’m clicking or downloading anything from a random link. And that’ll I’ll only play it if it’s on steam since I can trust that. I think my paranoia/phobia saved me from a scam/virus.
THIS LITERALLY HAPPENED TO ME A MONTH AGO! THEY USED MY FRIEND’S ACCOUNT THEY STOLE TO GET MINE! (fortunately though, i got it back and re-enabled 2FA with a different password. my friend got his account back too)
If they know your email and old password, make sure to keep any account u have linked to the email that u use on your discord account safe. You never know
Man scams like this always annoys me a lot because it highlights that downloading random games from the internet is always risky. I have a lot of fun playing a bunch of free games from new or small developers, but at any point it could be malware... Of course I'm not dumb enough to download something sent via a dm or promises to pay you to play it.
This is the exact type of discord scam that I fell for a few years ago, and I've had anxiety because of it ever since. I'm very happy that you're informing more people about online scams so that they don't have to go through the same things that I experienced (and am still going through). :) I know comments like this can sound generic, but I genuinely appreciate the work you're doing for free to teach us how not to be goofy little dum-dums that get themselves into trouble on the internet! :D
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 I reset all of my passwords (as you also did), and I also activated Two Factor Authentication on everything I could. On the infected device (a PC that I share with my brothers), all I did was to delete all files that I could tell were connected to the malicious program and I also did a few full Windows Security device scans to remove any remaining threats. I never even had to reset any of my data. The worst thing that happened was that the program locked me out of my Steam account by changing my password and the email that was connected to it. Thankfully, I managed to log back in and undo everything with some help from my dad and one very stressful evening. Please note that the malicious program that your laptop was exposed to most likely did different things than the one mine was exposed to, and I'm also not some tech expert, so don't take everything in this comment as pure fact. Also - it's normal to worry that the program may still be affecting your device after you did everything you could (I had very severe anxiety because of mine for over a year after the incident), but I don't think even the most well designed computer virus could bypass a hard reset. If you do still see odd things happening on your laptop or to the accounts that you were logged into at the time of the incident, I'd recommend reaching out to an expert in removing such malicious programs. I hope this reply helps. :)
Welp i fell for this scam as well and i was devastated but luckliy i have my friend who knows this stuff and told me about this that i reset password everything even format my laptop but it was the ultimate sacrifice
If this does happen, at all, remember, if your friend doesn't major in programming, game development, or not in the work field for that, do not trust it whatsoever.
I very much dislike these hackers, because i actually do want to be a game dev, and i hoped to use my friends as testers, use them to test the gameplay and search for bugs.
I embarrassingly fell for this scam yesterday, although the method was slightly different with them getting us to help them out for "game testing and reviewing". Got my account compromised and it changed my password and enabled 2FA. I've reached out to discord support about it and they've moved my request to their Trust & Support team. Here's hoping I'll get my account back 🤞
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 factory/hard resetting your laptop oughta have erased whatever malware program in your machine, I'd suggest contacting discord support and letting them know of the phishing website in hopes they might be able to bring it down or at least let them be aware of such a thing happening so that when victims that have fallen for this might be able to recover their account back faster.
And all it takes to prevent stuff like happening that is to just not click on suspicious links. *That’s it.* Browsers can indeed protect your passwords from hackers, but absolutely nothing can protect them from _your_ own stupidity. If you really want to get some cool new games from individuals online like these poor folks did, just get some friends IRL. At least one of them is GONNA be an avid game developer (much like my doppelgänger James Bolding), and sooner or later, they’re gonna PM you with a banger of a title for the YoYoGames platform or even Steam itself. Total strangers are just gonna screw you over under the guise of giving you unbiased advice and feedback, just trust me.
This actually happened to me. I was running servers back then and my friend got hacked and I got tricked by this same thing when the hack was BRAND NEW. I was one of the first people to fall for this hack
I'm watching this because I literally just got hit with the same scam. It was passed to me from someone I know who DOES develop games. I've never fallen for stuff like this in the past but now... I'm stressing up to the eyeballs. I'd consider myself computer literate but this is waaaay past my ability level! I have no idea what to do. 🤥🤯
The messed up part is when they hack your friends discord and are messaging you from their discord with the game link and are specifically game developers and in several game development servers, so you believe them. ;(
Saw this recently with two different games - "Return Thieff" masquerading as Sabotage's "The Messenger", and its prequel, "The Word Souls" masquerading as (also Sabotage's) "Sea of Stars". THANK YOU for making this video. You are a life saver.
I almost fell for a scam like this, but it was a google drive link instead. It was one of my guildmates on wow, who I'm guessing was hacked or somebody impersonating him. I was too lazy to even download the "game" and kept procrastinating lol. My memory might be a bit hazy of the exact details, but who knew simply me procrastinating and being too lazy to even download it would save me lol.
as a game dev I suggest not trusting a random site. the only sites I suggest trusting are Steam, Itchio, Gamejolt, Humble, Gog (Good Old Games) and Indie Game Stand. Now Listen, You're not 100% safe on these, However there's never 100% safety when using the internet so take my words with a grain of salt since they CAN have a few malicious games but it's less likely on these since the are heavily moderated on what gets approved and what isn't, with gamejolt being the least safe at about a 70-80%. Moral of the story, if you want games don't trust sites like CDkeys, Cursed Beta, ETC. they can and most likely WILL steal your data.
The trick to this one is to run it in Windows sandbox or some other virtual machine (without logging discord or anything else into that machine) so it can't steal anything, then come back to them and be like "Okay done, the game sucks, but I ran it and none of my accounts got hacked. Can I get the Nitro now." they of course will not give it to you, but I absolutely revel in making scammers and script kiddies look stupid! It's like playing a game of social chess where the other player doesn't realize you are also skilled, and the more spectacular the checkmate, the better.
Ah dude I remember when someone tried this on me a long while ago, I was actually stupid and tried to run it cause it from an old friend (and I like to have thought before this I was pretty on the nose and could see this stuff coming a long mile away), but naturally it failed cause my antivirus caught onto it, and when they told me to bypass it... Yeah I knew something was up then and just said I couldn't, before I knew it they just left me alone
@@NecronHandlee Not to mention the account that was your friend's could have easily been hijacked, likely from the same type of scam, that'd then just spread it on the attacker's behalf to anyone on it's friends list
I’m working on a JavaScript thing for my friends, to show them how easy it is to get hacked. They type in a command in the console and it outputs your complete Roblox token.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 These viruses are normally located in the temp folder. Open your laptop, press windows and R, then type %temp% and delete EVERYTHING in the folder. (This is safe, it is only where temporary files are stored.) Sounds like you did everything else I did, and I can understand why you're cautious. Get a antivirus like AVG or Malwarebytes, and keep an eye on your email to see if anyone signed in to anything. Hopefully you can figure this out. Sorry this happened, I know the feeling.
That was the only scam I ever fell for. My cousin sent me that and I was extremely sus about it, but did it anyway. I got banned everywhere (2 servers I was in). It didn't do much damage since I don't have a social life.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 if you erased all your data from the drive ure probably fine, unless the virus put itself trough the network but I really doubt itd do that. I just changed my passwords and did a clean install since then and had no problem.
They don't steal your passwords but your session token to bypass 2fa that is happening on some youtuber. You need to logout to before the attacker change your security details and expires the session token. Those password would be useless to them if you have an 2FA or hardware key since you'll just get notified and change your password again.
It wasn't even the sketchy website that 100% revealed the scam to me, it was the fact that the "Game" was only 50MB lmao, even pixel art games aren't that small.
I wish I had watched this video before. I'm on the internet for nearly 2 decades and I never fall for any scam on the internet because I'm very cautious of what I'm downloading and who I trust. But unfortunately that scam happened to me because the website of the fake game was very convincing. I reseted my Windows via bootable USB, changed all my passwords and enabled 2FA on everything I could. Be careful out there guys!
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
You should never run malware as Admin, even on a VM. 🤦♂️ Popular loggers such as Creal and Empyrean can bypass virtual environments. As can RAT's like TheFatRat, EggShell and Quasar. I'm just some random so feel free to ignore me but I'm just letting you know, nice video. 👍
a VM hiosted on a webserver is fine tho as all it would do is infect other servers in said datacentre.....which would put the distributer of said malware in a world of hurt....(large companies can sue you til your homeless)
As someone who fell for this, I will explain how to swiftly remove the guy's access to your account; 1. Keep talking with the guy about whatever it is he wants. If it's even an option. Play for time. If it's not possible, you're screwed in the first place. He won't take over your account unless he gets something out of you first, or at least that's what happened in my case. 2. Reset the password for discord as quick as possible, to your main account and any secondary accounts you might have. 3. Change the phone number to your account as quick as possible. 4. Change the email to all your accounts. They can take over that somehow. 5. Change anything else you might deem necessary. At this point you are free to drop the guy who stole your account and just go about your day. Relax, go for a walk, hell, sleep. I know I did after I was scammed for the first time with this scam... Other than that, be weary and expect what the guy will want from you if they do get to your account. In my case he wanted money, and a lot of it. But he got mysteriously quiet after I did all the steps above, and I got no response from him till this day. On another note, keep in mind that they can somehow take over your more important things; The guy accessed my browsing history somehow, and claimed to have my credit card info (he didn't). Stay safe out there, cheers.
Well, that's a good observation but I really don't see why attackers make it in that case. Just to believe the victims that it's a legit software and they ensure that only humans and not some random bots run the program?
@@ThePhysicsWorm Its for antivirus, alot of antiviruses nowadays scan downloaded files, and if its not harcore obfuscated it will block it. But a password protected zip passes through this restriction
I had gotten hacked from something like this before. Someone DM'd me from a server I'm well known in asking me to help test their game. I was bored at the time so I decided to do it. Just to be safe though, I checked the file and it said it was all clear but surprisingly, it was a scam that steals your discord account. It was basically this same thing but instead of taking every password, it just took my discord password. Luckily I was able to get my account back but yeah, the type of scam I got was quite well done since there was no trace of any type of bad thing in it. Either it was very clever or I was just being an idiot. I was probably just being an idiot lol. Edit: The one I had gotten was a few months ago. Surprised it's still happening.
I just got the same and he trolled me showing all my emails and social media accounts, im panicking, just shut off my computer and removed the battery and tried changing all my passwords this stuff is terrifying
Someone sent me something like this a year ago (though it was just a straight up .exe file via CDN) and I ignored it. This video motivated me to run it on a virtual machine (thank you for the suggestion!) and it turned out the "game" was spyware lol. Reported it to Discord, thank you for the template too.
I unintentionally caused the scammer to block me because I bombarded him with questions about his games artstyle, concept art, what genre, what's the focus on and he just gave up Lol
Gotts love how all I'm hearing is how everyone's anti-virus stopped it from happening or they somehow knew it was maleware, yet here iam fucked with no way of figuring out how to fix this...
Now i got a question. Does double clicking on that malaware also runs it as administrator or does it not? This scam happened to me twice and i fell for it the second time yet did not run it as administrator. Luckily i don’t save my passwords on google so i’ll try to check if there’s the malaware on my pc to delete it. Thanks for this super useful video NTTS
Double clicking it does not run it as an administrator, however if you are infected or were prior, I would highly suggest resetting passwords, resetting the machine because it's likely you are part of a Botnet.
I saw that exe icon and i had fucking war flashbacks from when i was hacked by this shit. A person i used to talk to (someone who was also a programmer) reached out. It wasn't a bot either, it was a real fucking human being who had hacked this persons account messaging me. The guy also got my card info so this ain't a fun one. Had it not been from an old programmer friends account i wouldn't have fallen for it
I don't really know that the virus will run in the background, run on startup or not, but if the developer of the virus enought smart, then he just create a startup entry in registry, and a legitimate tool will upload the cookie files to somewhere, even if you deleted the virus. But if you want to analyze it, you can use a debugger, like X64DBG, also IDA Pro, i more like X64DBG.
yeah... i just got hacked by this very hack yesterday. (i was not offered any pay for clarification, it just looked like a good game) i am definitely going to be watching your content from now on for the better of my own damn account
LMAO that video got recommended to me 2 hours after a person like this messaged me this: :"Its 2D adventured project we need peoples who can play and give review for 9-10 minutes" Thank you so much for the video
i recently fell for such scam. An old friend of mine messaged me saying “hey, could u play this game? *link* it’s my friends game and it’s his bday”. I downloaded it not thinking about the consequences. Next thing i saw is my discord logging out and tons of email about a changed password rushing through my email. I’m sad that video didn’t exist at the time.. 😂
I'm so mad because I actually fell for this. It was such a headache to deal with the aftermath. I know better and I for some reason just wasn't thinking.
Same bro😭 The dude even added my second account on the account he hacked from mines nd told him ik it's malware, then he tried to tell me too join them and he'll teach me how to do it. I was like hell nah 😭
This happened to 3 people i know, after they downloaded a game, they started spamming the game link, this was the hacker, he first started saying it was a friends game, and now he's using the hacked accounts to say its their game to make people believe it's real, and he's also nuked a server using a account that he hacked, and he's also saying the n word
I got saved by this, one of my friends texted my while I was shitting, I said yeah sure later, and completely forgot until he said he got scammed lmaoo
I fell for one of these yesterday from one of my friends, luckily I dont believe he got any passwords or any too personal information, never doing that again.
Oops, been told that chrome_100_percent.pak files are unrelated to your chrome passwords. Instead that pak file is just resources used for the malware (which has a component made in electron).
So the passwords never get saved to the disk, rather they are uploaded to the attacker immediately, scary.
Yes guys, change them all now...
What did you use for the vm analysis?
Um can you make a video about a clone malware copying a good app that obs studios please report and tell more about the fake clone malware of obs studios please😢😢😢😢😢.
Is electron a programming language?
@@lordpuff no, it is like a browser that only runs a single app, discord uses that.
I had a similar scam before. I told the dude in Discord "Okay, give me a second to boot up my virtual machine and I'll try your game" and they immediately go "THE GAME DOESN'T WORK IN VIRTUAL MACHINES"
oo good one. personally if someone i don't know approaches me i instantly ask them wtf they want and that i will block them if they do anything remotely sus or send me anything remotely sus. usually they shut right up.
lmao, if u actually boot a game in a vm (virtual machine) then you will still get the game, although if u run like minecraft in a vm then it will lag btw
@@KrystPlDepends on the VM software you're using.
@@rayanking4773dependents on how much you give the VM not the software
I had someone try to pull this on me and I said something along the lines of “hey you’re not going to ask me to download a game are you?” And it threw off their entire script. The English just degraded so badly as they scrambled to figure out a new tactic
I feel like storing passwords in a Book and Quil in Minecraft is much more secure than saving passwords in a browser.
you genius
Absolute genius
What the… I never heard anybody do that besides me! I always have stored my passwords in a book and quil, thought I was the only one lol
Who would check there tho XD
Might actually have to start doing that
The key to never falling for scams is to have trust issues and social anxiety! Can’t get scammed if you don’t talk to someone and on the off chance you do you don’t trust a word that comes out their mouth!!
so true
🤠
👍...yeah I don't even know what discord is...
@@slackamacgaming6721 heard of skype?
@@mightyrockstar22 maybe...I've tried to FaceTime with my daughter...but I couldn't figure it out...
It's really just like following the good old _"don't talk to strangers, and don't take candy from strangers"_ advice. :)
Imagine your whole life only revolving around scamming people online. Absolute wastes of human lives.tragic
Seeing you report these degenerates warms my heart. Godspeed my friend.
One of these days they'll get their dues.
Ask the Indians how they feel about it, you'll be surprised
@@nightmare_core_ not all indians are scammers, there are scammers in USA, france, nigeria and you name it, kinda surprised on how ignorant you are
Boy howdy, i do sure love losing my password form a literally cursed game
*me be too*
same
@@ThatWindowsGuy488 *yes*
@@mr_unnknownn almost the same pfp lol
Really love it
The archive file being password protected is a huge red flag. That helps prevent AV scanners from checking the archive out when you dl or first open it.
nice to know but if you unpack shouldnt the virus scanner go !ALERT! ? a normal person would have run a quick scan on the file too tho
but there is false positives aswell tho, i wrote python script myself that has been flagged as a TR .. while the code was basically a BMI converter put into a single EXE file using pyinstaller...
@@zimizi Quick scan won't trigger since it's encrypted by the password.
Microsoft routinely flags nirsoft utilties (false positive) . Yet malware has free reign.
not immediatly but if you unpack?@@ghostid544
NTTS casually boosting the playerbase of Elderand by 800% in 10 minutes:
did he actually?
A surprise, but a welcomed one
@@gamingcow7796 it was an overstatement and a joke, though I’m definitely gonna check the game out because of this video
Free advertising lmfao
Same
@@Cxntrxl lmao imagine your game getting popular because people use it to scam 😂 that is funny af
My condolences to the Elderand devs for having their game being used as a fakeout for scams. To use such a specific indie game like that, that must feel pretty sucky.
On the positive side, exposing this scam give promos to Elderand, heck I would've never knew about it if I don't watch this video
@@derpedfoxand it actually looks like a cool game
Poor Elderand. I went to buy the game on Steam just to support them. Because it legit looks like a fantastic game, which is probably why it gets targeted so much. Thanks for raising awareness not just of the scam but also the original game.
@RenAmaiI went and bought it for Xbox just now. It looks fun and I adore pixel art..
Just went and bought it for my wife and I to support them. I look forward to trying it out even though its not my kind of game.
I agree.
Fell for 3 discord scams so far, going for the high score.
Bro 💀
Learn your lesson man
(2).. One on my Roblox account, the other on my Steam account.. both are resolved thankfully.
@@HAR234 nah he is not dumb he is grandmaster he trying to speedrun
Please get off the internet ❤
i almost fell for a nitro scam one time. fortunately i didn't click on the link at first and the guy had a youtube channel connection on his discord. i asked him in the comments of one of his vids about it and he said he got hacked. hacker was stupid anyways lmfao, who pings @everyone in a dm?
I HATE this particular scam. I'm currently working on a university assessment that does require me to get a wide range of people to playtest a game at the end, and I can't ask any of the communities I'm currently part of (and yes, I've checked) as a direct result of this scam.
I'm about to report you as a scammer.
I'm about to report you for stealing passwords.
Don't you have friends to help you test it
I am so glad you exist. About 20 minutes after you posted this video I got about 6 pings from different servers regarding this malware spread. You are an actual legend.
l am so glad you exist. About 20 minutes after you posted this video l got about 6 pings from different servers regarding this malware spread. You are an actual legend.
Hey I know you
@@Theunicorn2012 this could potentially be travis scott
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily
So thanks for covering this, NTTS
The previous scams that you've covered seemed like things l'd instantly recognize as scam and avoid, but this one is great convincing for me, l would've fallen for it easily So thanks for covering this, NTTS
@@Theunicorn2012 did you just copy my comment as a reply?
edit: nvm it's a bot
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily
So thanks for covering this, NTTS
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily
So thanks for covering this, NTTS
The previous scams that you've covered seemed like things I'd instantly recognise as a scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily
So thanks for covering this, NTTS
Funny thing is, I fell victim to this around a month ago when one of my online friends messaged me asking to test a game and all my passwords and info got stolen. They also tried to buy Nitro on my account using my saved card info. Scary how 1 file can do all of this. I had no idea how this malware worked though until you made a vid on it. Good job 👍
Same thing happened. Friend's account sent me the link, asked if I wanted to beta test for their friend. They didn't get far before I reset my password and everything, but they joined and boosted a random discord server.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 honestly I just did a hard wipe plus used the opportunity to upgrade to a new boot drive.
@@ayansa5254did you get it solved? Nothing ever happened?
Only problem is that Discord has a track record for not bothering to solve issues in a timely manner. Hell, I've seen one case where a server owner got hacked cause of a scam similar to this one and they didn't respond for two whole weeks, leading to the server's deletion by the hacker.
I do not trust Discord to be competent, especially with where their priorities lie.
That being said, this is a good video for showing how this stuff works. I'm sure it'll be helpful for a lot of people (It's also just really interesting).
I feel bad for the dev(s) of Elderand tho, knowing this is a somewhat common occurrence for them. I can only imagine being in that position. .-.
By anychance relic castle?
@@pascalprincess Y e p .
That's the one. I am still not happy about that, ngl.
Only real problem is users believe that anything they do should be taken care of instantly and have no concept of ques, previously existing issues, ongoing work, and limited manpower.
i'm so glad i never fell for a discord scam
Same
implying you've fallen for something else?
@@antehll her 😿😭
i'm so glad i never fall for a discord scam
@@antehll yeah sadly, but it was mainly just normal viruses that steal your info, i had many of them when i didn't know what discord was so they literally had no info to steal, recently fell for a scam but it could only grab my google info, and i use firefox
Update: This malware is still being hosted on Discord as well as the blogspot page
Update: it no longer is
@@belkYT it is :(
@@WiIIowstar the blog post is removed, idk about the malware being hosted on discord
@@belkYTits still on, my friend got hacked with exact method 3 hours ago, maybe the link changed a bit
@@ren8848 the same method doesnt mean the same link and download
This one has been going around for awhile now.
Glad some awareness is being brought to the general public.
This one has been going around for awhile now.
Glad some awareness is being brought to the general public
@@Theunicorn2012 Thank you, for adding to this conversation.
This one has been going around for awhile now.
Glad some awareness is being brought to the general public.
I privatly asked this creator to talk about it over on twitter and been commenting about it every niw and then on his videos to get as much attention as i can but not seem to be annoying, might not be just me thou but im glad it's being brought up as it's not an nice scam since once they get your discord account, they will delete every discord server you own, target your friends, family and also try to use any bank information on the account to scam you of hundreds of cash, i was lucky to have 0 in my bank so all unauthorised payments failed but this situation coulda been alot worse if i was even more naive, especially if one is not fully aware what a scam is or know how to detect it without thinking about it.
@@mokufreeman4692 they are bots
I used to be a victim of this, the worse that happened was my clients friend is an actual coder and is hijacked by this and mostly tricked most of their fans including myself thanks for spreading this information for everyone to be aware
Happened to me. A Dev I trusted pretty well "announced for April fools" that he'd been working on a game. Let my guard down. Only decided to put it in virus total and triage afterwards.
i had a friend of mine who i knew from school get hacked via steam. however this hacker bot would automatically send shit to people. it was something along the lines of a csgo tournament.. the first red flag is the fact this dude doesn't even play csgo. the second one is that the chat was in english we are both dutch. he ended up finding out and telling everyone to not click the link tho. but he never truly resolved it so i ended up blocking his account for the time being after sending a message on his profile because the bot was getting really annoying constantly spamming shit. so i decided to test it and cussed at it in dutch. it kept going with it's little spiel so i instantly was like oh come on
I don't really care... ... Just reinstall Windows, and get on with life. I let governments install firmware... ... if they don't affect my surfing and fun. That's all.
Make sure you have nothing they don't need to know around. That's all.
Your name, address, and such... ... government or linked companies can easily find, no need worry about those. But important accounts such as banks, your operations and such... ... all masked out. They can scan, they can look around, they can try dig... ... nothing.
Most if not all the pirated games are loaded with such malwares, including malwares from government agencies. So not a problem for me, just live with them and if they don't bother you, that's ok. They wanna track you activities, find out this and that from whichever accounts and such... ... the usual stuff. Nothing special, since even operatives and important folks nowadays are gamers...
... like myself. Hahahahahaha... ...
You need to have a respect for that. I open my door to the guests, if they are not sickos, they take their peeps, and leave respectfully. Problem comes when some jokers when you give them face, they go overboard.
If Microsoft suggests I install a new Firmware, I definitely will... ... provided the mainboard is not so serious business. That's all. Personal policy.
But it is the same as... ... "You are wasting your time".
@@HenryTan-pj2oi this. like it's not like you can completely avoid it. it just depends on what type of activity from my pov. as long as i can play my games do what i want i really don't care. go ahead and check what specs i'm using etc i really don't care.
@@litchtheshinigami8936 I can choose not to download firmware from government linked Microsoft... ... Can be avoided, since my system for casual use is split for surfing and cut off for gaming (not online). If I use a brand new Motherboard from China or elsewhere and clean of Firmware malware, it is avoidable.
My other systems which contain sensitive data are not 'involved' and not physically in my home, though it can be accessed from home.
So... ... even the best of the spyware or malware will only hit the casual systems, and mostly the system used for surfing online. The only way to gain access to my gaming system is via onboard component without approval connecting to secret network which of course... ... is pointless to intrude cos it has no sensitive or important material such as my bank accounts and such.
Ransonware locks my harddisk?
Just reformat everything... ... that's all.
And other than Firmware malware, surfing system can be 'refreshed' by reinstalling Windows. And if the spying agency gets too overboard with no personal integrity, have to change motherboard.
And sensitive system is separated with casual systems not only by physical proximity but via point of contact only steel box containing unit, only via infra red can the main system be activated, and even that an intruder must go through a couple of layers of security.
Even game data which is important is backup in multiple 'servers' which are all physically cut off and a 'bridge' unit will be used to transport data should the casual gaming system be breached or accidentally connected online.
Over at my side, security is like top CIA settings, with sensitive system many times that of my casual systems.
My casual gaming system is decently protected, but not unbreakable. The point is, there is no need to break into my surfing or gaming systems. Once malware messes up the gaming system, for instance, Windows will be reinstalled after format... ... and the bridge unit will replicate the requested games and saves to the refreshed gaming system.
Similarly with the surfing system.
The sensitive system is plugged to a security mainframe monitored 24/7 by professionals.
So for a start, even if top agencies want to break into that... ... IMPOSSIBLE.
From there, data even from ground Ukraine battles can be obtained real time with lite instructions. Which also means any games with malware can't be saved to the sensitive unit without being totally blocked.
Hehehehe... ...
If you are working as important role in your company, such as a CEO, you will have to have setups like mine before states get to capitalize on your moves.
All the equipment pinged-able by agencies are all none important low classified stuff that I can give out for free or not as if government agencies don't already know.
So... ... it can be avoided. Hahahahahaha... ... ...
It is no wonder too why I can be so reckless. Kekekekekeke... ...
As someone who was a victim of this hack (I was unaware of this before I got hacked, I’ve since gotten my account back), I don’t understand why people do this. It took me almost a month to get my account back and some people probably can’t get their accounts back. I’m so sorry for those who fell victim to this
@goldenstar_yt hello I hv fall for this scam recently, can u let me know how u got back yr account?
This man has taught me many things to protect my information and accounts, you are a hero.
This man has taught me many things to protect my information and accounts, you are a hero.
@@Theunicorn2012 This man has taught me so many things to protect my information and accounts, you are a hero.
@@seer_y This man has taught me so many things to protect my information and accounts, you are a hero.
@@galeriagaming7707 This man has taught me many things to protect my information and accounts, you are a hero.
@@TamWam_ This man has taught me many things to protect my information and accounts you are a hero
my friend got hacked by those things and send me that suspicious thing but i replied with "i'll try it later" and when i heard the news about him being hacked i was in a relief
yep i had this with a friend over steam once. there were two major red flags tho. first off it was about a csgo tournament and the dude doesn't play csgo. (i immideately went to his profile to check) and the message was in english.. yet i went to school with this dude and he knows i'm dutch
The power of ignoring every dm from someone I don’t closely know
this. i ignore and if they send me wierd links it's block hammer
You can change your settings to only get DMs from friends so you don't have to ignore them.
@@iamxeracon that works until your friends get hacked somehow so it's best to always be vigilant. But yes, I've turned off messages from non-friends too because of these scams for the most part but also spammers as well
@@santosicIf its someone i dont know irl then i always ignore the links and any weird sht they try to do, if its someone i do know irl, then j message on a different platform or just call them
I remember this guy sending me a download like for a "game" they made in my dms, I actually nearly downloaded it, but when windows warned me, I decided not to risk it, and cancel the download. Edit: meant to type link lol
i fell for it a few months ago
@@CrossiAE L
@@CrossiAE im pretty sure i sent you the link XDDDDDD imagine being so fucking stupid
@@lIIllIIIIIlllIIIIlll that's mean.
@@javafimch don't acknowledge him, the lower his guard; the more likely he'll be to fall for a scam himself.
Goated AF for actually posting the real game name cause I was lowkey interested 👀
ikr
i think he singlehandedly boosted the game's sales by a bit more; I bought it too because it legit looked fantastic, just to support them because nobody deserves having their hard work tarnished and abused by assholes.
You know what is funny? I just got this same scam, and they made the password for the file "infected". How dumb can they be?
They probably started saying the most terrible unforgivable gross racial slurs
Thank you for spreading awareness. I am fortunately not in any big servers and only got a select few people on my friendslist that I know very well and trust. I also always have it set to not allow messages from people that not on my list. I also never store any passwords in my browsers. That said; I also wouldn't fall for a stranger sending me a link to something, anyway. Waaaay too sketchy. Even then, it still isn't foolproof. I once had a friend message me some weird shit, including a link to something. But since I know everyone in my Discord really well I instantly knew that wasn't him. Called him up to tell him his Discord must've gotten hijacked. He confirmed, naturally, that he did not send those messages and immediately changed the password and deleted those messages (they were sent to all his contacts and also in every sever he was in, which was already another far too obvious red flag.) Sadly, he's very oblivious in regards to this kind of stuff so it's bound to happen again.
NTTS is like a tech-savvy grandma just trying to protect us all
I fell for this a year ago. I got a DM from someone asking if I could test their game called "Skyline", they weren't offering anything, they just said they needed someone to run their game. I immediately thought that this was a fan of my channel (I have a small channel) and so I obliged. I ignorantly downloaded the malware onto MY MUM'S LAPTOP, extracted it and tried to open it. However, my mum's anti-malware software blocked it, which I think might of blocked it from stealing my shit since nothing weird has happened to my accounts in the past year. I got super pissed because I still didn't know it was a scam and tried everything to get it to run. It never did. I ended up giving up, feeling really upset I couldn't run what I thought was a fan's game.
then I recently found out it was a scam and felt stupid
You are very lucky, you really gotta be careful with what fans send
same, but mine was on a website. fans would start overheating and there was a smoke smell. i hate scammers.
i fell for one similar to this, though i was promised nothing in return. i don't typically fall for stuff like this, but the game they had sent genuinely looked good (i still wonder what the actual game was). i even scanned the game file and there was no malware or virus' detected, but sure enough, the second i opened the game my computer completely shut off. i had over $1000 of charges to multiple cards, all my accounts were changed, and ultimately i ended up losing really valuable photos and videos because i got locked out of my personal instagram. it sucks, but you learn.
same happened to me, someone said me to review a game, i scanned it and found nothing and when I opened it was a malware. though my accounts didnt get hacked cause I immediately noticed it was a malware and changed every accounts passwords
I am not into these games, I don't do discord and stuff, just interested how not to get scammed and reading comments. One youtuber analysed one phishing scam and explained that some are quite bulky, there is a malware code hidden among a lot of zeros and irrelevant bulk, that even the best antivirus won't bother with like 300MB file and just skims through, very likely missing the malware bit hidden inside. This is how sophisticated the bastards are getting. Hope it helps.
Yeah it really sucks bc these things can be so inaccurate bc it hides the fact its malware so the websites dont pick it up. I would try multiple websites but even then you still cant be sure
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
Oof
Id love to see someone with python code experience to dig into the files and find out where stolen info is going, and then flood the server with random gibberish....
Nice video, always handy to know of such scams like this
Man this seems similar to a possible scam I ran into awhile ago. A somewhat friend dmed me asking me to beta test their game and play with them cause they have nobody to play with. I was down with it at first but realized it wasn’t on steam and instead a game I needed to download off a browser so I instantly backed out from doing it. They kept trying to pressure me into downloading it even after telling them over and over I wouldn’t. I told them I have a phobia of computer viruses so there’s no way I’m clicking or downloading anything from a random link. And that’ll I’ll only play it if it’s on steam since I can trust that. I think my paranoia/phobia saved me from a scam/virus.
THIS LITERALLY HAPPENED TO ME A MONTH AGO! THEY USED MY FRIEND’S ACCOUNT THEY STOLE TO GET MINE! (fortunately though, i got it back and re-enabled 2FA with a different password. my friend got his account back too)
it also happen to my main account but the hacker ended up change the email and password
If they know your email and old password, make sure to keep any account u have linked to the email that u use on your discord account safe. You never know
Man scams like this always annoys me a lot because it highlights that downloading random games from the internet is always risky.
I have a lot of fun playing a bunch of free games from new or small developers, but at any point it could be malware...
Of course I'm not dumb enough to download something sent via a dm or promises to pay you to play it.
This is the exact type of discord scam that I fell for a few years ago, and I've had anxiety because of it ever since. I'm very happy that you're informing more people about online scams so that they don't have to go through the same things that I experienced (and am still going through). :)
I know comments like this can sound generic, but I genuinely appreciate the work you're doing for free to teach us how not to be goofy little dum-dums that get themselves into trouble on the internet! :D
@@dirhi thank you for your helpful addition 🙏
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 I reset all of my passwords (as you also did), and I also activated Two Factor Authentication on everything I could. On the infected device (a PC that I share with my brothers), all I did was to delete all files that I could tell were connected to the malicious program and I also did a few full Windows Security device scans to remove any remaining threats. I never even had to reset any of my data. The worst thing that happened was that the program locked me out of my Steam account by changing my password and the email that was connected to it. Thankfully, I managed to log back in and undo everything with some help from my dad and one very stressful evening. Please note that the malicious program that your laptop was exposed to most likely did different things than the one mine was exposed to, and I'm also not some tech expert, so don't take everything in this comment as pure fact. Also - it's normal to worry that the program may still be affecting your device after you did everything you could (I had very severe anxiety because of mine for over a year after the incident), but I don't think even the most well designed computer virus could bypass a hard reset. If you do still see odd things happening on your laptop or to the accounts that you were logged into at the time of the incident, I'd recommend reaching out to an expert in removing such malicious programs.
I hope this reply helps. :)
Welp i fell for this scam as well and i was devastated but luckliy i have my friend who knows this stuff and told me about this that i reset password everything even format my laptop but it was the ultimate sacrifice
@@Moon_GD and i am sorry that happen to you and hope your anxiety will be recover
It is quite ironic, that I got the scam attempt when you posted the video. Great work ntts!
If this does happen, at all, remember, if your friend doesn't major in programming, game development, or not in the work field for that, do not trust it whatsoever.
I very much dislike these hackers, because i actually do want to be a game dev, and i hoped to use my friends as testers, use them to test the gameplay and search for bugs.
Elderand, TSURUGIHIME and Sword and Fairy 7 are the titles of the games shown by the way for those wondering. They're all on Steam.
Oh boy, this scam actually predates discord. I remember getting a ton of these in tumblr asks and fanmail
I embarrassingly fell for this scam yesterday, although the method was slightly different with them getting us to help them out for "game testing and reviewing". Got my account compromised and it changed my password and enabled 2FA. I've reached out to discord support about it and they've moved my request to their Trust & Support team. Here's hoping I'll get my account back 🤞
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 factory/hard resetting your laptop oughta have erased whatever malware program in your machine, I'd suggest contacting discord support and letting them know of the phishing website in hopes they might be able to bring it down or at least let them be aware of such a thing happening so that when victims that have fallen for this might be able to recover their account back faster.
Well, did you get your acc back?
I nearly fell for a discord verify scam once, but right before I clicked the button, I got a DM from a random person saying it was a scam
And all it takes to prevent stuff like happening that is to just not click on suspicious links. *That’s it.* Browsers can indeed protect your passwords from hackers, but absolutely nothing can protect them from _your_ own stupidity.
If you really want to get some cool new games from individuals online like these poor folks did, just get some friends IRL. At least one of them is GONNA be an avid game developer (much like my doppelgänger James Bolding), and sooner or later, they’re gonna PM you with a banger of a title for the YoYoGames platform or even Steam itself. Total strangers are just gonna screw you over under the guise of giving you unbiased advice and feedback, just trust me.
This actually happened to me. I was running servers back then and my friend got hacked and I got tricked by this same thing when the hack was BRAND NEW. I was one of the first people to fall for this hack
I'm watching this because I literally just got hit with the same scam. It was passed to me from someone I know who DOES develop games. I've never fallen for stuff like this in the past but now... I'm stressing up to the eyeballs. I'd consider myself computer literate but this is waaaay past my ability level! I have no idea what to do. 🤥🤯
The messed up part is when they hack your friends discord and are messaging you from their discord with the game link and are specifically game developers and in several game development servers, so you believe them. ;(
Love your videos ❤❤ thanks for the exposing and helpful videos ❤
Love your videos ❤❤ thanks for the exposing and helpful videos ❤
@@Theunicorn2012 Love your videos ❤️❤️ thanks for the exposing and helpful videos ❤️
Saw this recently with two different games - "Return Thieff" masquerading as Sabotage's "The Messenger", and its prequel, "The Word Souls" masquerading as (also Sabotage's) "Sea of Stars". THANK YOU for making this video. You are a life saver.
It's all fun and games until the friend that can't code nor draw is making a videogame for some time
"Cursed" is a perfectly fitting name for this "game"
I almost fell for a scam like this, but it was a google drive link instead. It was one of my guildmates on wow, who I'm guessing was hacked or somebody impersonating him. I was too lazy to even download the "game" and kept procrastinating lol. My memory might be a bit hazy of the exact details, but who knew simply me procrastinating and being too lazy to even download it would save me lol.
as a game dev I suggest not trusting a random site. the only sites I suggest trusting are Steam, Itchio, Gamejolt, Humble, Gog (Good Old Games) and Indie Game Stand. Now Listen, You're not 100% safe on these, However there's never 100% safety when using the internet so take my words with a grain of salt since they CAN have a few malicious games but it's less likely on these since the are heavily moderated on what gets approved and what isn't, with gamejolt being the least safe at about a 70-80%. Moral of the story, if you want games don't trust sites like CDkeys, Cursed Beta, ETC. they can and most likely WILL steal your data.
The trick to this one is to run it in Windows sandbox or some other virtual machine (without logging discord or anything else into that machine) so it can't steal anything, then come back to them and be like "Okay done, the game sucks, but I ran it and none of my accounts got hacked. Can I get the Nitro now."
they of course will not give it to you, but I absolutely revel in making scammers and script kiddies look stupid! It's like playing a game of social chess where the other player doesn't realize you are also skilled, and the more spectacular the checkmate, the better.
Ah dude I remember when someone tried this on me a long while ago, I was actually stupid and tried to run it cause it from an old friend (and I like to have thought before this I was pretty on the nose and could see this stuff coming a long mile away), but naturally it failed cause my antivirus caught onto it, and when they told me to bypass it... Yeah I knew something was up then and just said I couldn't, before I knew it they just left me alone
Theres a reason why i don't trust anyone
@@NecronHandlee Not to mention the account that was your friend's could have easily been hijacked, likely from the same type of scam, that'd then just spread it on the attacker's behalf to anyone on it's friends list
@@MasicoreLord yep, but even when speaking to them in person i would not trust them fully
@@NecronHandlee it's sad we have to live not trusting others. Which is why I love animals. A dogs more loyal and worthy of love then most people.
I’m working on a JavaScript thing for my friends, to show them how easy it is to get hacked. They type in a command in the console and it outputs your complete Roblox token.
This actually happened to me. Stay safe, DONT RUN ANYTHING EVEN IF IT LOOKS LEGIT, ALWAYS RESEARCH !!!
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 These viruses are normally located in the temp folder. Open your laptop, press windows and R, then type %temp% and delete EVERYTHING in the folder. (This is safe, it is only where temporary files are stored.) Sounds like you did everything else I did, and I can understand why you're cautious. Get a antivirus like AVG or Malwarebytes, and keep an eye on your email to see if anyone signed in to anything. Hopefully you can figure this out. Sorry this happened, I know the feeling.
Worst thing is, you don't even get a game with your malware! Come on, at least entertain me while stealing my life
That was the only scam I ever fell for. My cousin sent me that and I was extremely sus about it, but did it anyway. I got banned everywhere (2 servers I was in). It didn't do much damage since I don't have a social life.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 if you erased all your data from the drive ure probably fine, unless the virus put itself trough the network but I really doubt itd do that. I just changed my passwords and did a clean install since then and had no problem.
They don't steal your passwords but your session token to bypass 2fa that is happening on some youtuber. You need to logout to before the attacker change your security details and expires the session token. Those password would be useless to them if you have an 2FA or hardware key since you'll just get notified and change your password again.
Thanks for uploading great content, Now I can continue to wash my life away watching your vids
Thanks for uploading great content, Now l can continue to wash my life away watching your vids
@@Theunicorn2012 Thanks for uploading great content, Now l can continue to wash my life away watching your vids
It wasn't even the sketchy website that 100% revealed the scam to me, it was the fact that the "Game" was only 50MB lmao, even pixel art games aren't that small.
Welp today is the day I finally get a password manager.
I wish I had watched this video before. I'm on the internet for nearly 2 decades and I never fall for any scam on the internet because I'm very cautious of what I'm downloading and who I trust. But unfortunately that scam happened to me because the website of the fake game was very convincing.
I reseted my Windows via bootable USB, changed all my passwords and enabled 2FA on everything I could. Be careful out there guys!
I falled for this. Then I got the police at my door and paypal money gone. Always be safe guys.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
I almost fell victim to something like this, because it was a “friend of a friend”
Thank god I kept forgetting to open the project/was busy
You should never run malware as Admin, even on a VM. 🤦♂️
Popular loggers such as Creal and Empyrean can bypass virtual environments. As can RAT's like TheFatRat, EggShell and Quasar.
I'm just some random so feel free to ignore me but I'm just letting you know, nice video. 👍
don't worry, that vm isn't hosted on his pc
@@Tixnou I gathered that but some of the RAT's I mentioned have a lot of networking features. So I'm hoping he had his Internet connection disabled...
a VM hiosted on a webserver is fine tho as all it would do is infect other servers in said datacentre.....which would put the distributer of said malware in a world of hurt....(large companies can sue you til your homeless)
@@Official.SinfulZen the RAT cant access the pc that is interacting with the VM....since its not a true two way link....
@@spykillergames8402 I make malware for a living. 😂
This RUclips channel teaches me more about the danger of the internet than the actual tech nerds on youtube
As someone who fell for this, I will explain how to swiftly remove the guy's access to your account;
1. Keep talking with the guy about whatever it is he wants. If it's even an option. Play for time. If it's not possible, you're screwed in the first place. He won't take over your account unless he gets something out of you first, or at least that's what happened in my case.
2. Reset the password for discord as quick as possible, to your main account and any secondary accounts you might have.
3. Change the phone number to your account as quick as possible.
4. Change the email to all your accounts. They can take over that somehow.
5. Change anything else you might deem necessary. At this point you are free to drop the guy who stole your account and just go about your day. Relax, go for a walk, hell, sleep. I know I did after I was scammed for the first time with this scam...
Other than that, be weary and expect what the guy will want from you if they do get to your account. In my case he wanted money, and a lot of it. But he got mysteriously quiet after I did all the steps above, and I got no response from him till this day.
On another note, keep in mind that they can somehow take over your more important things; The guy accessed my browsing history somehow, and claimed to have my credit card info (he didn't).
Stay safe out there, cheers.
Usually if the .zip is locked with password, then thats a big redflag
Well, that's a good observation but I really don't see why attackers make it in that case. Just to believe the victims that it's a legit software and they ensure that only humans and not some random bots run the program?
@@ThePhysicsWorm Its for antivirus, alot of antiviruses nowadays scan downloaded files, and if its not harcore obfuscated it will block it. But a password protected zip passes through this restriction
I almost fell for a simillar scam, because they hacked my friend who was making a videogame, but when I asked them about the thing they stopped me
I’m not even gonna lie, I probably would’ve fell for this.
I’m so glad I watched this lol
Edit: haha 69 likes thanks
Yeah this happened to me last week, I was sooo close to downloading and opening, I just thought the game was boring lmao.
Happened to me before then he hacked my discord account
@@reubencf Ouch. Gotta watch out 😬😬
l’m not even gonna lie, l probably would’ve fell for this. l’m so glad l watched this lol
@@Theunicorn2012 I’m not even gonna lie, l probably would’ve fell for this. l’m so glad l watched this lol
this scam is so old, that is hard to believe that people fell for it
I had gotten hacked from something like this before. Someone DM'd me from a server I'm well known in asking me to help test their game. I was bored at the time so I decided to do it. Just to be safe though, I checked the file and it said it was all clear but surprisingly, it was a scam that steals your discord account. It was basically this same thing but instead of taking every password, it just took my discord password. Luckily I was able to get my account back but yeah, the type of scam I got was quite well done since there was no trace of any type of bad thing in it. Either it was very clever or I was just being an idiot. I was probably just being an idiot lol.
Edit: The one I had gotten was a few months ago. Surprised it's still happening.
I just got the same and he trolled me showing all my emails and social media accounts, im panicking, just shut off my computer and removed the battery and tried changing all my passwords this stuff is terrifying
L dumb
Sorry for disturbing, may I ask what did u do after being scam in order to get back yr discord account back?
@@judai7035 Just contacted Discord support about it and they took off the 2FA the hacker put on it and I got back into my account.
Wow that google safe browsing page's style is a throwback. You can even see that the copyright on the page is 2007. :o
Ntts would sacrifice his PC just for us he deserves more subs
bruh
He uses a vm...
He used a VM, meaning the malware is contained.
I actually nearly got hacked with this exact scam game by my friend’s friend who got hacked.
Someone sent me something like this a year ago (though it was just a straight up .exe file via CDN) and I ignored it. This video motivated me to run it on a virtual machine (thank you for the suggestion!) and it turned out the "game" was spyware lol. Reported it to Discord, thank you for the template too.
I absolutely love the "Gamer girls SMH" and "Kowalski Analysis" up there
i almost fell for it, was supposed to even stream the game on twitch and they went with it... im glad i didint have time and forgot
I unintentionally caused the scammer to block me because I bombarded him with questions about his games artstyle, concept art, what genre, what's the focus on and he just gave up
Lol
Man it always makes my day a good day when NTTS Uploads.
Gotts love how all I'm hearing is how everyone's anti-virus stopped it from happening or they somehow knew it was maleware, yet here iam fucked with no way of figuring out how to fix this...
Now i got a question. Does double clicking on that malaware also runs it as administrator or does it not?
This scam happened to me twice and i fell for it the second time yet did not run it as administrator.
Luckily i don’t save my passwords on google so i’ll try to check if there’s the malaware on my pc to delete it. Thanks for this super useful video NTTS
Double clicking it does not run it as an administrator, however if you are infected or were prior, I would highly suggest resetting passwords, resetting the machine because it's likely you are part of a Botnet.
I saw that exe icon and i had fucking war flashbacks from when i was hacked by this shit. A person i used to talk to (someone who was also a programmer) reached out. It wasn't a bot either, it was a real fucking human being who had hacked this persons account messaging me. The guy also got my card info so this ain't a fun one. Had it not been from an old programmer friends account i wouldn't have fallen for it
what if you were to open this file while you dont have access to the internet? does it just store the passwords and such until you do?
I don't really know that the virus will run in the background, run on startup or not, but if the developer of the virus enought smart, then he just create a startup entry in registry, and a legitimate tool will upload the cookie files to somewhere, even if you deleted the virus. But if you want to analyze it, you can use a debugger, like X64DBG, also IDA Pro, i more like X64DBG.
@@monetalimonolistothlaszlo8996 x64 is dynamic 🙏🏿🙏🏿🙏🏿
yeah... i just got hacked by this very hack yesterday. (i was not offered any pay for clarification, it just looked like a good game) i am definitely going to be watching your content from now on for the better of my own damn account
Good video as usual! Loving these scam baiting!
LMAO that video got recommended to me 2 hours after a person like this messaged me this: :"Its 2D adventured project we need peoples who can play and give review for 9-10 minutes" Thank you so much for the video
ntts have my kids
what
Exactly
one of my buddies got hacked by something super similar to this thank god u uploaded this bc its helping my friends and i out a lot
ahh this reminds me of the time someone tried to pull a roblox scam on me, and I acted dumb and wasted 2 hours of their life
good work with this , i got scammed with one of these about 2 years ago
some russian kid i think, even got in contact with me afterwards
i recently fell for such scam. An old friend of mine messaged me saying “hey, could u play this game? *link* it’s my friends game and it’s his bday”. I downloaded it not thinking about the consequences. Next thing i saw is my discord logging out and tons of email about a changed password rushing through my email. I’m sad that video didn’t exist at the time.. 😂
I'm so mad because I actually fell for this. It was such a headache to deal with the aftermath. I know better and I for some reason just wasn't thinking.
Same bro😭 The dude even added my second account on the account he hacked from mines nd told him ik it's malware, then he tried to tell me too join them and he'll teach me how to do it. I was like hell nah 😭
This happened to 3 people i know, after they downloaded a game, they started spamming the game link, this was the hacker, he first started saying it was a friends game, and now he's using the hacked accounts to say its their game to make people believe it's real, and he's also nuked a server using a account that he hacked, and he's also saying the n word
Imagine using Windows or Mac for that matter. Just asking for trouble.
I got saved by this, one of my friends texted my while I was shitting, I said yeah sure later, and completely forgot until he said he got scammed lmaoo
I fell for one of these yesterday from one of my friends, luckily I dont believe he got any passwords or any too personal information, never doing that again.
I dont even pick up unknown calls. If some randoms messaged me on discord i would ignore them or if I'm feeling happy I'll send them memes