How to know if your PC is hacked? Suspicious Network Activity 101
HTML-код
- Опубликовано: 2 авг 2022
- How do you know if your PC is hacked or compromised or infected by malware? In this video we will introduce you to the field of digital forensics looking at suspicious network activity and guide you through autoruns, sysinternals and more, with the example of a live cryptominer.
There will be a live discord workshop after this event which you can join at discord.tpsc.tech/
Sponsored by: analyze.intezer.com/
Get TCPView: docs.microsoft.com/en-us/sysi...
Buy the best antivirus: thepcsecuritychannel.com/best...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecuritychannel.com/contact 
Наука
I just assume its always hacked
bro using his intuition for security
Assume breach. Actually used method in cyber security.
Alphabet Inc Google hacked my android phone with proprietary hacked firmware blobs that they extortionly refuse to unhack my phone by no human language communication opportunity to even have a voice to speak to any human responsible for the hacks
Correct
hahaha same here, Im 100% Ive been hacked like 2 weeks ago, for the 30th time. xd
Just by finding this video on my recommendations, i'm very suspicious now
Like the girl that found out she was pregnant because google kept recommending baby clothing ads 🤔
Same dude
"Sometimes, these hackers can be so clever that they stop the malware from running when task manager is running"
*Leaves task manager running 24/7, disconnecting from the internet when done*
Hacker: "You werent suppose to do that"
Big brain plays
Outplayed
turn off auto reconnect, make sure bios settings reflect said off state as some settings put it in a waiting for "wake" signal as a default.
I would just have done a clean install of Windows depending on how much junk I may have on it. That gets all of the malware unless it is Logofail. Also in that command was the wallet address the crypto miner was using. I don't like crypto mining but I do know that much anyhow. Unless it is gone from the computer it will just run again next time Windows starts. More advanced versions might check it to see if it is running and restart it. This not only steals from you but you might notice the CPU or graphics card running hotter if you monitor or you may notice your fans running louder than usual, even when the system is supposedly idle.
@@Myself-yh9rr Thats smart. Personally I would arduiously skim system32 and the whole windows file system, while letting some indian guy on youtube guide me through it. And then act like im smart after lol.
Back in the good old days, hackers would actually let you know when you got GOT through some type of taunt message etc. Now, actual software gives you taunts and nag screen and hackers stay on the down low.
I had windows installations trash itself on my desktop for no reason and can't tell if it's windows or a virus at this point.
Even work laptops with fresh Windows installs gets bugged out at times.
Pd: Tried several virus scans in the past (Kaspersky rescue disk, emsisoft emergency kit, malwarebytes to name a few) but nothing comes out of it.
@@zNoah Something similar happened to me, in my case it was the keyboard, the delete key became defective to the point that it would activate by itself, so anything that i had selected at the time would get deleted, to "solve" this i disabled the key using a program that made the key useless.
Yup I remember the time I got my friends PC hacked when I was 12 like it was yesterday. Had to have the diablo II maphack so of course I downloaded it, the screen turned blue then someone typed "Hello, how's your day going?"
@@James-uk4xiah hell naw💀… what happened after that ?
@@youngjrr I said "Hey Deven, I think your computer just got hacked." He came over, took one look and hit the power button. I left to go do something else, then came back a couple days later and he had installed a virus free maphack for me.
Basically Microsoft lets Windows be so buggy, that actual malicious activity can appear normal.
Microsoft never said they were doing it right lol 😂
That's because modern window *is* malicious spyware
@@kristopherleslie8343 No one brought up what Microsoft did or didn't say pea brain... lol 😂
Yeah, and the svchost in windows is like xinetd in linux. The difference being the latter is far easier and you can tell exactly what it does or what you let it do, based on easy and simple text configs, so it's much much safer. Windows svchost... I have no idea what it executes or if there is a way to manage it.
@@stan22677 Wrong. After Windows 7 there has not been a new operating system by Microsoft. Windows 8, 8.1, 10, and 11 are not operating systems, they are apps built on the Windows Mobile platform. Microsoft has preprogrammed backdoors into every one of their operating systems and apps to allow hackers, advertisers, and government agencies to use. Sure the hackers side wasn't intentional, but having 1 open backdoor into the system invites them in. The security updates you speak of block the old holes and open new holes. It takes the average malicious user roughly 1 hour to rewrite their code after an update is released to use the new holes. All they do is open up the security update files and locate the new holes.
So before trying to belittle someone, maybe you should get your facts straight. Nothing Microsoft has made since Windows XP is safe and secure for the average consumer.
Yep. Pls. Much more if this. I stopped disinfecting people's systems etc. I actually stopped all my IT related work some time ago but there is a severe lack of this particular type of knowledge so anyone picking up these skills are highly valuable to many people. Including themselves since this gives people more to explore and expand their skills even further. Very good channel. Keep it up!!
Subbed, liked, shared!
Me is a targeted induvidual. The government is following me.
You think glasswire firewall prevents stuff like this? It stops bs microsoft apps from connecting.
I’m bored. What’s your IP?
@@johnmadsen37 You're asking the wrong question. Millennial. If you're bored and want something to do, you should give me your IP.
Are you 100% sure you want my IP?
highly recommended Man even for average user
"If you open up something like Task Manager, they just drop all of their resource usage"
I guess good thing I have Task Manager always open?
XD
Thats smart af
Clever
Some of them are probably smart enough to know when you have the actual window pulled up.
Buy her a Mac if you love her. Or build her a Linux machine.
What I don't understand is why Microsoft doesn't make service names excluisve and especially the company name. It should be forbidden from anyone to set the company to Microsoft if it wasn't actually made by Microsoft.
You can see the company name in task manager, by right clicking on the process type on the top and clicking “Publisher”. But that won’t matter if a hacker hijacks an official process.
@@memememeson3994 funny tangential fact. when microsoft finds an exploitable bug in windows, they report to NSA first instead of fixing it.
@@udittlamba why would they do that? This doesn't seem like correct information. Microsoft discovers a vulnerability they are going to fix it asap. Why tell the NSA? It's not like they can weaponize the vulnerability. It will be patched.
"Finds" is an interesting verb to use in that sentence. Unless by finds you meant 'implements' and keeps them in place for half decades until they become a mainstream exploit.@@udittlamba
It's kinda like saying "Criminals don't have access to guns" And then be shocked when a Felon pulls a glock on someone. Criminals don't give a shit about who forbids what xD They'll do whatever it takes to steal your stuff.
As someone who's PC has been getting frequent CPU spikes, I'm definitely using this video in the (probably near) future.
How old is your pc btw? If it's more than 2+ yrs old, and there's no malware, it might be just be your PC getting close to warranty.
@@R.K_Chalkboard omg, imagine a pc with 2 years already dieing lol
Are your graphics drivers updated?
my pc is 7 years old it has a 9 year old proccesor its i3-4130 and i have my old nvidia gt 640 2gb vram edition installed btw my thermal paste has not been changed since when i had my pc the proccesor was plugged in my pc since when it came and my cpu is acting strange i am getting glitchy screens at a rare case anyone know what i have to do i do not want to spend any money to upgrade it should i install another os? right now i have windows 10 which os should i install then?
@@MLPFAN_isLost First thing to do imo is open task manager when it happens, if anything is at 100% usage then that's where your issue is from(alot of causes for high usage of X)
Just getting back into the PC for fun world after 10 years hiatus, really appreciate this video man. Picked up sysinternal (thanks for sharing about that, didn't even know) and have been playing around with couple of the tools you used here. Definitely need to learn more about network security, looking forward to your other videos
I had that XMR miner, and he's right, sometimes they can't be detected. Windows Defender and the full version of Malwarebytes didn't see it. I ran a tool called AdwCleaner and it was able to find it. It's a free tool made by Malwarebytes, but it's a separate download.
Too easy! Recently found multiple signed & undetected malware on my Mom’s PC. She’s always downloading random stuff lol
Take her pc away
@@Emily_Bondevik_Official Yeah right
@@Emily_Bondevik_Official the ultimate uno reverse card
Create another account for her with limited access.
Buy her a Mac , windows is trash
These videos are just great. I really enjoy the way you present this information. This is such a nonintuitive subject for most people, and yet it's so critical to learn the fundamentals... Thank you :)
Had an issue at work years ago, back when we still had Windows XP on the machines (late to move to Windows 7). Task Manager would show explorer at 50% and would freeze for ages. Eventually I was actually given time to investigate (managers deciding just wiping the laptops is quicker have no idea. It wasn't quicker). Used Process Explorer and could see one .dll in Explorer was causing explorer to run at 50%. Turned out it was a pgp dll that just scanned the network for files that were encrypted so it could change the display icon. We never encrypted files just used PGP for whole drive encryption. I disabled the .dll and it fixed the issue in under a min, compared to wiping the laptops and starting again.
Do you think that completely deleting Windows and reinstalling it will remove any viruses?
@@User-jr7vf Yes. Although as Mark Russinovich said in one of his malware talks. You shouldn't have to. You can clean a system without wiping Windows.
I was hoping to learn how to know if my PC is hacked by watching this video, but instead all I learned is that I have no idea how networking works.
Take a free introductory course to server client communication or the HTTP protocol specifically. It'd be legit 10 hours max and you'll learn very useful knowledge for your day to day life.
I couldn't help but notice that your background is Elizabeth Quay in Perth, Western Australia. Nice!
I think I speak for everyone when I say…. that You Sir are hands down some of the absolute best value of our time spent watching online content! Thank you for your incredible devotion to others.
did you found the program he's using to monitor the processes?
Videos like these are so important it's almost a crime you don't have more views and subs, if I were a boss at RUclips I would be pushing content like this like crazy.
I just wanna say buddy I love your channel. Thank you for your work.
very nice how the logo brightens up when you say Subscribe.
Amazing video! Never saw a content like this, very interesting and important! Thank you!
Very good content, I learned a lot! Thank you!
Don't give up mate, that was my first day to use soft soft and i will work on it for a long ti!
Wonderful! Great job and thankyou very much!❤
Very nice, well edited, good composure. You got a sub from me 👍
07:09 : This scenario you describe could have never happened if MS hadn't removed useful utilities that they used to have until windows 7.
Spesifically , until windows 7 you could always have enabled a gadget which was monitoring the CPU and RAM usage of the system !!
No matter how smart a malware is , *if you can monitor the CPU/RAM all the time(like you could back then) ,then it can not hide from you* .
I always had this gadget enabled , until MS removed it from windows 10 and later . Such a useful monitor utility , windows are going backwards instead of going forward ....
-- P.S. This utility had helped me to find that something was wrong in a PC in my work enviroment and ultimately this helped me to spot a malware and clean that PC .
Or you just fully move to Linux, where no system process can run without a root password.
There is a thing called Resource Manager,
@@Mario583a what you are saying exists in all of windows versions(you could see a version of a recource manager in windows 7 as well ) , but do you know anyone who would have such a huge bulky thing *always enabled* on their monitor ??? that's what i argued in what PC Securiy channel said , *he said that a sophisticated malware can recognise whenever the resource manager is being opened , so it hides itself when that happens* .
What i'm saying is about a very small (takes very little space on the top-corner of the monitor) but super-useful gadget that existed until windows 7 , which anyone could afford to have it *ALWAYS-ON* ,and it could be used for a very quick glimpse to check if everything is normal in your system recources .
You had the option to have that gadget always on ,permanent , while what you say has to be re-activated with every PC-restart , besides the fact that it's not practical to have it always on (very bulky as i said ,i don't know many people who would chose to have something like that always enabled on their monitor ... do you have that always on ? *that's what i argued in the first place* ... the always-on part ... )
It doesn't come with Windows, so this isn't a direct answer, but Process Explorer effectively serves that purpose (at least the way I use it); I have it auto-load into the taskbar tray on boot and sit there showing system resource graphs all the time.
PSA: Use Process Explorer. It's much more useful than Task Manager.
@@maynnemillareslinux is not beginner friendly
Thanks dude this really helped me a lot I did the steps that's you did thanks man!
man, thank you for making videos, very helpful
Hello, nice video. Once thing though, you didn't tell your viewers how to find the actual EXE on the Windows system and how to do a VirusTotal scan. Also, you didn't mention how to find and remove the autostart entry and all mention of the EXE in the Registry. Finally, it should be possible to block the in/outgoing traffic using Windows Firewall.
2:00 process explorer rather than process monitor, maybe the priogram changed name in his more recent vid
2:30 sudeenly taking alot of cpu
4:50 making sure miner goes away
5:38 how to know which of these is legitmate or not
7:10 miners canbe smart drop processes when u opne task mangaer
8:20 terminating process tree
then summary of above
Thank you for this video. Unfortunately i won't be able to use it because my brain just can't take in this information with ease, at all, but I'm glad for everyone else this video helps!
HOLYY SHIITTT I LOVE YOU ❤❤❤ I'VE BEEN SEARCHING AROUND THE INTERNET FOR 5 HOURS AND THEN NOW IT'S OVER FINALLY I LOVE YOU MAAN
Will defo use this as my network has been quite strange
Everything you have explained seems very legitimate and logical to my understanding to my knowledge. Thank you for this video. Didnt hear you mention any, but are there any recommended Anti-Malware systems that you would recommend, (if any) to prevent or minimize these so one doesn't have to always have to manually remove them?
Omg I think this random video solved exactly the issue u have been having for a few months now
Honestly, thank you so much for this video. It really helped me to not only remove the xmrig file from my computer, but also confront the attacker themselves. Thank you so much
This video is priceless, thank you so much.
Hi Leo, excellent video. This is a wake-up call to action to understand the art of network security and how easily you can be hacked into by anybody who is trying to do harm to you on the Internet. There's more concern for people attempting to exploit you in many ways. Is encrypting your browser the best way of blocking information? Is encrypting your protected folders the best way to protect you from would-be attackers?
Your browser traffic is already encrypted.
Well probably the best move you can make is by switching to either MacOS or Linux
@@seansingh4421even a chromebook and chromebox would be better. Using any of the above would be the #1 thing.
@@seansingh4421 “singh”
Go back to India 😂
@@seansingh4421lol no
thank you my man for learning me something new :)😍
Do you have a link to the part 1 video that this video mentions? Or have I just missed it somewhere in the notes?
The dead giveway in the Task manager is the process has no name. SVCHost is a legit process that runs on Windows, but it would list itself as SVCHost in the Task manager, so the fact it doesn't show a name is a huge sign, not to mention the high resource usage as you mentioned. Monitoring your overall system usage is a good way to determine if something suspicious is going on. Of course if you're running programs or doing something, then this will sort of muddy the information but if you're computer isn't doing anything and no programs are open but you ahve high usage, chances are you PC is hacked (there is a slightly delay though when you close programs, as some programs do have to do some clean up tasks behind the scenes, but say after a minute, if the resource usage doesn't settle down after closing all programs, then you may have a problem).
The comnt section is very positive and downright encouraging! Love it!
Great info, wish I had known this stuff years ago
Great work 🥳 Thank you 💜
Great tutorial - But what I am missing here is how you determined that it was a threat and will the tool help in color-coding these threats so they can be visually ID'ed? My list of processes is very long and from the Icons I can determine what, but without some kind of indication I am afraid it is hard to identify - Can you also tell me where I can download the graphical toll "United Graph"...Please advise, Thanks!
Some malwares stops when you open Process Explorer too. I discovered I had a Crypto Mining Malware thanks to Nvidia GPU Activity.
I usually have encrypted backups on a separate disk but this is good knowledge to have. Some people don't want to wipe.
Valuable information. Awesome.
you can make the text bigger or drop resolution - only in HD res can anyone read the text on screen
You said that a cryptominer can lower the activity or shutdown its software so that you don't see it with task manager. In that case how do find it and deal with it?
In case you're wondering, that's a monero cryptominer. You can probably even see the wallet id number on the first app.
You are the boss bro!!! Thank you a lot!
Microsoft hacks my system all the time with updates.
My e-mail was hacked and I lost it for a week. I've download a crack that inluded Trojan, so I'm almost sure it's because of it. I was able to get my e-mail back (by support) and I wonder if there's something I should do to make sure my pc is clean now? I've scanned my pc by Malwarebytes & Kaspersky, says it's clear now.
Yes format your PC and make sure to change your email and other account passwords which were compromised and use 2fa authenticator apps as well for those accounts.
Most security experts that aren't trying to sell you a subscription to their software would advise you to reformat the computer. Any system that has been infected previously can no longer be trusted. Even if antivirus software claims it to be clean, it's never a guarantee. Always reformat after being infected
well...do what the video says?
my friend had something like that it hacked everything google, Microsoft and more but no av detected it. it was still on the computer got rid of it after reinstalling windows
they already have all the passwords it's not about the pc lol
Absolutely interesting video and just made me think if my old PC had CryptoMiner on it because the CPU usage went up randomly alot and the system was using all of it,
Deserved Sub and Like.
depends how much if its only bump up to 20% or less its normal
@@ivo3598 It bumps up to 80-90% very often and system is using all of it
Great video! lots of info! Lots to follow. but good stuff. Thanks! Also, What is that on your wallpaper? I like it!
Its a bridge located at Elizabeth quay, in Perth, Western Australia
Is there a way to track how the malware ended up on your pc?
My main concern is that I must look at multiple attachments for my work. We know that there are several phishing attacks/malware that come through. As it is a remote job, I work on my personal Laptop. I have Windows 11 Home. I had a bitch of a time trying to get VMware and Virtual box for my VM, which failed...and now, I successfully activated Sandboxie. I followed all of these instructions, but am afraid I may still be vulnerable. Do you have any suggestions?
yes so get norton
@@A-hill-music-productionsJesus Christ, no. Stay away from anything other than malwarebytes' products and windows defender.
@@flyingspaghetti bro noooo what makes u say that
I recently helped a friend figure this out and this video really helped explain what we found!
Thanks for this resourceful tool.
Hi, can you do a video on the largely fileless WMI Hijacking malware (using system service processes to appear legit)? I can't seem to do anything about it except remove some registry keys and remove some startup entries and .VBS scripts to no avail. Thanks, would be awesome!
WMI is fileless?
checked this out for myself, turns out my computer is just ass slow
good video anyways sure to be helpful for others
thank you for the informations, i like the way you*re teaching us :)
Hi, great video. Would you please consider linking to the videos you reference in your videos? You say "in the previous video we did such and such" but it's hard to know what that video is. Thanks! Great work by the way!
who do you report the IP addresses to?
In my case there is windows delivery optimization which randomly starts up and uses a lot of resources but it stops when I use my pc and again starts when I leave my pc idle
That's a legit Windows process, nothing to worry about.
@@zenkisaragi1551 yea I looked it up , windows telemetry 😂
@@Im_DJ basically built in spyware.
This is good, but omg I was looking all over the Process Explorer App for "TCP View", I even looked in the view menu but couldn't see it and then at the end when I seen you switch to it I realise it was another program hahaha!
Wow thank you so much that really helped
nice but was wondering if you restart your computer does it gonna relaunch again ? or it is completely removed
It is completely removed
It is not possible to know your system hasn't been hacked without performing an offline analysis. Preventing compromise is critical for proper security (and if you do find something sufficiently suspect, start fresh with an offline installation of OS and Anti-Virus).
how do you do an offline analysis?
@@walad123098 for simple analysis, you can boot from your installation media in recovery mode. That will give you access to command prompt and basic tools.
For more complex analysis, create a Windows PE boot image from a clean system, write it to either DVD or USB (DVD preferable on DVD as it is read only (you would need to copy on tools like anti-virus and malware scanners).
However, for a professional offline analysis, its easier to get one of the solutions provided by the major anti-virus vendors.
I'll add a link in the following post to Symantec's solution, each vendor will have something similar.
@@goddessesstartrekonlinefle3061 Im paranoid cuz i downloaded 3 zip files, i extracted them but didn't run the .exe/.aex files inside, freaked out and deleted them. Now i dont know if im at risk. They were plugins for Adobe AE from a youtuber so im just paranoid here not knowing what the next step is or if i should format my pc
6:29 Sorry if I missed something, but how did you find the miner's original file to analyze? As I understood in your example you only noticed the abnormal network activity in the svchost process which I believe was the genuine svchost, right? Just hijacked. So how do you find the miner's file(s)?
Nice presentation!
Glasswire has a good service where it forces connections to go through an "allow/deny" prompt. It also does a scan on VirusTotal of the executable before it prompts you.
Hey, that's really cool! If it's free and there's a whitelist function (to always allow my PC to connect to discord, steam, google, youtube, etc.), I can see myself using it. Thanks for letting people know!
Edit: it's paid, but there's a lite version where you can still tell what's going on, so I'll most surely use that
Same does Windows Firewall Control, add-on for Windows Firewall to make it easier to manage. Also can prevent injection of unwanted firewall rules
windows firewall doesnt block connections to microsoft.@@Panocek
What about something like GlassWire, where it is active 24/7 in the background?
A virus can’t hide 24/7 and will show up on the history.
If you like being a little bit more proactive, there's a feature for denying/allowing first time connection, too. It also scans on VirusTotal before it prompts you.
VERY interesting! ...I was wondering why my windows units were using so much power ...my DAW desk needs new thermal paste after just one year! ...with electricity prices I can only power them up for short sessions now anyway... - but NICE HEADS UP!!!
I'm late to the party here. Thanks for once for the algorithm working. Preparing for a deep dive into your channel
Thanks!
Damn this guy was really thankful.
Live workshop right after the video premiers, sign up here: discord.gg/tgeTFAqk?event=1003367587763208293
My laptop had basically this exact thing happening, when I left my laptop idle for a significant amount of time an instance of svchost would start using about 50% of my cpu, I had suspected it might be a crypto miner but I didn't know what to do about it other than terminating the process which I had to be very quick to do after I started moving my mouse before it would terminate itself
Great video!
Question: How does one actually report it?
So we know that this process is malicious, but how do we know which program (virus) does that? I mean if the virus/malware auto-run when you start your PC, you need to kill the malicious process everytime?
most likley so get norton and use the power eraser
question noob here if i make firewall rules for certain processes in question that i know wont effect the system obviously not the svc host your mentioning would restricting outbound for those processes stop or make the malware irrelevant if it has no other methods of activation?
Thank you, I just subbed. I definitely would like to received new vids.
This is assuming that most people know the difference between a suspicious IP address and one that is essential for your computer. I tried to eliminate a suspicious IP address years ago and removed something critical in my system. In the end I had to reload the entire OS and start from scratch!
Yeah, I don't understand all the praise this video has. It barely helped, am I supposed to manually search every IP lol
Mate, last month my laptop’s cpu’s core 0 was 100% constantly, i was suspecting a virus, and after watching this, i believe it definitely was one, svhost was the one using the most cpu constantly. i didn’t find this video earlier, so i had to reset the entire laptop 2 times, before updating some drivers, then the virus is gone, it is so weird.
tbh, i feel like it might still be on the system, and i’ll try your methods, thank you
@@leonzspotg i had adware on my and i just formatted my drive and factory reset my pc and it went away
I've noticed unusual disk activity along with slow running app(s), and then when I go to task manager it takes a while to start, and once it starts the disk activity stops. Sometimes the hard drive light is still and on and task manager says there is no activity and shortly afterwards the light goes off. I often wonder if some kind of malware is stalling the task manager until it can hide.
once you end the process is it over? or do you have to set something up so it stops the connection for good?
so the video is ready, but you force us to wait 45 hours, why?!!!
Cause of the live event.
@@pcsecuritychannel Oh okay, thank for replying!
Killing the tree gets rid of them?
So uh, you said some tricky hackers will hide their cpu usage.. I notice when I open task manager for a split second my cpu usage is 50 something percent, then drops right down to 1 or 2% Am I hacked or does it ramp up for a second just opening task manager? Also most of my games crash as soon as I open them lately, trying to figure that out... IF I do have a hacker, I've already reinstalled windows 10 and I ran that tron script from reddit I saw in a different video for good measure. Shouldn't that have taken care of it?
Oooh that reduction on power when task manager opens is nasty. I had one of those and I never was able to find it, so I reimaged my PC (after backing up my files)
How did you know your pc was infected in the first place then?
@@Adama.1 Performance dips while running games that did not dip before and lag on startup
I don't know for *certain* that's what it was, but it's the only explanation I've found that makes sense
ok, but I still don't know if I'm hacked.
Remember Outpost or LookOut? Pepperidge farm remembers.
Hahahaha!!!! Love that joke
I had this same miner but it was a ETH Miner, I downloaded Rouge Killer and it got rid of it forever. Thank god cause I did not want to reformat.
Added to Favorites. Like and comment too.
Microsoft wants your computer to end up cornholed.
This is one of the main reasons I switched to Linux. It's more secure and doesn't spy on you like Microsoft. I even switched my Mom's PC to Linux and she's doing fine on it since she mainly only uses the browser and doesn't install apps. I also got her a hardware firewall (Firewalla Purple) that I can use to monitor her network from anywhere using my phone. Now I feel more secure when using her PC when logging in to my online accounts. 😅
You can't get viruses if no useful software runs on your OS I guess
Problem for me is, i'm a gamer. And most games are for windows.
@@callumkristofer7793 bUt LiNuX hAs PrOtOn
Sadly, a few Linux distros "phone home" on a regular basis. Ubuntu, to name one very popular one.
Don't get too cocky though, no system is perfect and Linux absolutely can be pwned if someone cares enough. More easily so if you ever get a little on the lazy side with security updates or even better you simply get cocky that makes a basic social engineering attack so easy. Trust me on this I do a lot of penetration testing for a living, exploiting those that get cocky is as easy as exploiting the extremely dumb aka it's taking candy from a baby level stuff. While working I have to work hard not to let it be obvious how much my eyes light up when people seem to imply they are somehow immune because their system is so much better, I know my job just became infinitely easier.
So how do you combat this because if it’s impersonated programs just closing the process tree isn’t enough
Hi! Thanks so much for this video and tools. Great! What to do when a URL is offline? Intezer Analytics is not supporting this. The program calls URL's like that highly suspicious. What would be the best approach?