Malware in Google Ads: Fake OBS, VLC, Notepad++
HTML-код
- Опубликовано: 4 окт 2024
- Malware ads in Google search for OBS, VLC, Notepad++ and other popular apps that lead to infostealers that can hack all your online accounts! This video contains an in-depth analysis as well as a technique to break down such malware. Try Guardio: guard.io/pcsec... (sponsor)
Buy the best antivirus: thepcsecurityc...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecurityc... - Наука
About the tools and techniques shown in the video: Noobs, don't go deleting random padding in windows files, it will mess up the address locations and cause them to crash, this is a technique for downsizing malware to scan online, don't use it on system files without a clear understanding what you are doing. :)
Edit: Adding this here since some people have posted in our discord after messing things up by doing the above.
hello I love you service you cratit citrus and I love much for your help with this request is that you were doing and if you are still available I can pick it up at beginning of next week if you want you can cancel if there is anything I can do the same thing I didn't miss it but I will be there in the shower and I'm not a big fan and I love you to the cash so we are good time to come over to my house I have a wonderful deitcr Love is in a better place for a new job and I can Come to the bank account details to follow the rules of engagement ring and I will be in a little late to the party but you don't need to get the money into my account and it tiller to the bank and get back to me with a copy of my resume format of money to pal card credit card Number to get a new phone or email gecafri to make sure I have the bank to the bank and get it to rehearsal tonight anyways tomorrow and willing to help me to find the right one for me and one and I will be there at me and said that he will be there at tryouts are doing good and you can come over and play with you and the family have a great day been so much I will be able to get to know you are interested I can do the job for me to come over there crdlreal you to know that you are interested please let me know what to do I don't have to get up anything access to my account details are going to not only okayed it was so good time with the kids to the bank to makeup for you to come to the cafeteria and get back from dessert is the correct cerdrte few minutes cease to Decatur and the family have a great crackers measures to make sure you received reservations repercussions of my phone but I think it's a few minutes ago race is everything description for the next two weeks so I will send you an restrictions the bank account details are esr noticed that the players are don't know how does that sound to get to you to make sure that you are interested were Hurd to reset it tiller trying carat the hours received this crying plication to make changes deadbeat to get ESET the bank to sweat wakey eggs to get the wanted the bank Ralph is I'm 1399437224 A's in a relationship as the earthquake insurance ear!
I luckily haven't run into this virus, however I allowed my Windows 10 to update, mostly because they practically force you to update, well anyway the end result was blue screen of death, and I have not been able to figure out how to fix it, I followed a few tutorials of how to restart it in safe mode and so far I haven't had any luck, and I tried for hours last night, I eventually gave up because it was pissing me off way too much. I had to stop and do something else for a while.
And now I'm considering and getting a Linux pc, because I am sick and tired of Windows b*******, I've run into so many issues since I upgraded to Windows 10 throughout the years, I swear to God that program is just malware and bloatware and expire where all in one package it's all meant to destroy your machine over certain period of time.
Noobs?! And why should we be trained anti-hackers! We are users, not software creators. As a user, we use the tools given to us for our free time, work or private things. If we can't trust companies to give us safe products, then I suggest that you stop downloading legal programs over the Internet and make them available only in physical form, if it is so difficult to review everything that can be downloaded from the Internet in order to protect users with increasingly powerful computers. Then we will get to the point where doctors, politicians, judges and other workers will have more knowledge about anti-hacker matters than about the knowledge to perform their jobs! And then why did we divide schooling into different branches? Make sure it's safe or turn it off.
ARE COOKIES A SECURITY THREAT TO INTERNET USERS? IF THEY ARE, WHY ARE THEY ALLOWED TO BE PLACED ON PEOPLE'S COMPUTERS!? AHAHAHA AHAHAHA LOL
The solution is to make a copy of the suspect file first and then only modify the copied file you would like to check. If a virus is found in the modified file then delete the original. If it is a Windows system file you suspect then first open an administrator command prompt and type...
sfc /scannow
This has been an issue with Google for years now. I think at this point, they need to be considered complicit in it to some degree.
Especially as Google profit from the distribution of the Malware!
Oh definetely. This has been buging me for many years
Yep, cuz if they were vigilant enough this would be a pre-check procedure before approval! As soon as this kind of behavior started!
Google is to busy blocking its political opposition, they dont have time to worry about this.
My mother has a heart condition and she downloaded an ad from RUclips with a fake antivirus(malware) and that thing hijacked her phone with a huge pop-up over the phone interface she was not able to contact me in case of problems Google deserve to get sued for doing money with unverified ads
A friend once tried to set up minecraft mods on their mac, and ended up installing some malware from a fishing site. They searched for the right thing, but the top result was an ad. For someone who isn't too computer savvy, it's a pretty easy trap to fall for.
@Simpson I remember when I got tricked into downloading fake optifine. The look-a-like site was the first result while the official optifine was third......
Agreed!! Especially if the site is similar to what your looking for
@@simpson6700
Thats good to know. I recall back in the beta days of minecraft it was a dice toss to find mods
This is why I always make sure that the link I'm clicking is the actual search listing and not the ad. It's not hard to pay attention to, and it will save you a lot of grief.
same happened with me
but i was using win 7
This is why I've installed ad blockers on all computers in my family. My mom is smart and fairly tech savvy for someone her age, but she could easily still fall for something like this.
7:28 Sadly a LOT of the people (and the main ones that falls for this) don't know what the domain of whatever they are trying to download is supposed to be (or even what a domain is for that matter)
Top results on Google or any other search engine is not always the real thing.
@@markarca6360 unfortunately anyone who isn't tech savy isn't going to know that.
@@Rozdlc it sort of contradicts what people assume because people would assume Google would at least put the most popular or official site up ensuring a safe search unless you wonder into the deep end.
The dl file, was sus but I can understand someone not being picky but the np looked like a real name.
Furthermore even if you do know the possibility it's mostly a gamble regardless if you don't remember an exact url, and memory can trick us into being confident into a false positive
@@2BsYummySolesFrustrating that a simple Google search can be so stressful.
i usually always check the actual url
I hate that hackers instead of doing the work and putting their effort in getting a job with their skillset decide to want to rob people of what they worked for instead.
If no one did cyber crime there would be no need for cyber security experts
Lol? It's probably more profitable to scam r.tards that use ads instead of going to the official site.
They did. They work for these major companies
2:13 IMO online scanners should give a warning when a file is too large for scanning and instruct the user to scan it with their preferred antivirus/antimalware program
Most people do not have that many antivirus installed. You probably won't get good result with just 1 antivirus.
@@timarmstrong8765 So they should offer to really scan under some conditions such as payment. Straight up failing to scan is stupid on the border of being fake antivirus.
I swear they used to.
Windows already does this if setup correctly
@@halometroid Windows is not a scanner, but many versions over the past 30 years have been bundled with a scanner that Microsoft bought a few years earlier.
I like that you are very technical and show these things.
The best security channel on RUclips unarguably.
I did a whois lookup on the website and there's a "Registrant Email" it is to a random gmail account is it possibly the person who made the website or what?
@@Stripedspot yes, it is. I am surprised that information wasn't redacted as it is the goal of malicious actor, to remain anonymous. But the person might have left it on purpose for a reason... Monetary perhaps
I'm one of these Dragons, and Privacy is our Presence.
this is really embarrassing for google for allowing this to happen
google has been off their shit for years now, stopped using their engine and their browser a couple years ago, also always use and ad block
browsing the internet without adblock is best avoided for a whole host of reasons at this point, even if the ads don't bother you personally
I can't agree enough! For me, internet browsing without adblocker is unthinkable.
Just as a reminder, always vet the sources of your software. Only get downloads from the original author's site that you go directly to manually or through a verified legit link.
There is always a small chance that even the author's site has been hacked and have some of the downloads tampered with, but that is extremely rare, and far less likely compared to getting downloads from a sponsored link or random referral.
Or use Linux and forget about installing apps this old and barbaric way lile it was 2003 still.
@@andrzejandrzejski229 I would love to switch to Linux. I think it would be a little problematic for my games though. Also I'm not quite that experienced.
@@andrzejandrzejski229 Careful, some of us still build from source. ;)
The hard one is the damned green download buttons on some sites that appear via Google Ads.
@@andrzejandrzejski229 I’ve used a 2 Linux distros KALI and Ubuntu both are great.
Linux is a great operating system as it’s highly customizable which I like
On one hand I expect a virus scanner to do a quick check for long sequences of the same byte, then create a temporary copy with that stripped out. Basically automatically doing what you just did.
However, on the other hand, these malicious people would start adding random values instead of just 0s.
Or embed an actual video file into the executable to further obfuscate it.
Ultimately, any method to enhance detection can *and will* be circumvented eventually. It's a cyber-arms race.
@@Operational117 Indeed that is the issue and always will be. Both sides keep outdoing each other. However the alternative is to just do nothing and let the other side win.
I think that cybersecurity vendors should add generic detection patterns for these zerobyte bloated malware, as this technique gets more and more common nowadays in order to evade analysis and identification.
First thing they should do is to TURN OFF the speed shortcuts for manual and other high importance scans, applying them only to trivial things like copying or zipping up files.
It pretty much only prevents you to upload those files to scanning websites since they are too big. Any (decent) AV having the mailicious signature parts of the file already should still be able to identify it after download.
Having end of file data appended to an Executable is like a automatic big red flag for alot of AVs already. Not sure about the behaviour if they actually appended it as a ressource though (which isnt the case in this video example)
They could easily pad it with random data as soon as such was started to be applied.
Security vendors should recommend linux first. Then try to help the helpless monkeys fix windows.
@@communitycollegegenius9684 Dear “Linux Boy”, if Linux became a popular OS like Windows, it would also become a respectively large target of threat actors.
Most anti-virus have an option to scan entire files, but "not recommended" is often written beside it. Not sure why... it's probably performance intensive.
this should be on by default on "full scan"
Using an Ad-Blocker like ublock origin or adguard is better or else one should use brave browser's aggressive mode to block ads & trackers.
Portmaster is also a pretty good adblocker/firewall too!
And use winget to install Software.
I think Google should be liable of all the damages that’s have been caused by their negligence in allowing false, scammer advertisers use their platform in an official capacity.
Thanks for posting this video!!!! Often times, I'll read comments from people stating if you "simply" stay away from "sketchy" or "questionable" sites, you can protect yourself from malware. Or they will state if you're "careful" in how you navigate the internet, you can protect yourself from malware. This video shows how people who actually DO those suggested things (don't visit "sketchy" sites, etc) can still be exposed to malware. Videos like these are very helpful and useful!!!!
And this is not only going with Google Ads. I have found a lot of ads on social media, such as Facebook, RUclips and Twitter, all of them claiming to be legitimate software. Obviously, they are malware, and they use the same oversized files to trick AV's and online scanners. I've been collecting most of them on a VirusTotal collection. It started (for me) around September 2022. Right now (January 2023) some of the malicious ads from those sites stopped showing up (for me, again). However, the pages distributing those ads are still working (some of them uploading the malicious files to MEGA, DropBox or even Google Drive). "Tech giants" really need to do something about this, but I don't know if they will because they are making clear that "making money is more important than people's security or privacy, no matter the situation". That or use an ad blocker (funny because they don't want users to block ads, mfckrs).
EDIT: Link to the collection on VT here for those who requested it. www.virustotal.com/gui/collection/03b112798aea1a4ba6e4c8174a1c964f41caf6b25af54dca97e7b8b3e44d37ee
do you have a link to the collection? I'd like to test that malware in a vm and can't be bothered to go hunting for it in the wild
This has been happening for over a decade...
I was seeing Google Ads linking to websites with virus, back around 2014'ish, when RUclips mobile started inserting simple 2-3 line text ads on the Recommendations page.
There would be 2-3 lines of text, with a small thumbnail.
The 1st infection for me, I wasn't completely certain how it happened, but after clicking an ad again weeks later, it solidified it.
The text would talk about some new hot car model from blah blah company, and the thumbnail image would be a teaser.
However, the site I'd go to, had nothing to do with cars, and raised red flags.
Both times, my Android phone got infected with a virus.
~2014'ish
Google recently blocked an adblocker extension claiming its malware
@@RimFaxxe Funny, isn't it... lol
I guess this is just one more reason to never click on the ads on search engines, but go down to the actual search results (which I always done anyway, the notion of ads taking the place of search results always been stupid to me, even in a world where malware wouldn't exist)
unfortunately the answer isn’t just that clear. ads on google have become increasingly less clear. the issue with also saying that you should be using an adblocker kinda falls apart. yes in 2023 you realistically should be, but if you’re downloading obs, notepad++, or vlc, likely you’re setting up a new computer and unless an adblocker is the second thing you install, assuming the first is a different web browser, you likely haven’t installed it either.
@@majoryoshi Stop using Google.
@@chublez I... don't. I use duckduckgo
Google ads can basically lead to any type of malware, from a simple phishing site to a ransomware
I don’t think Google is going to start doing the bare minimum checks until enough people start avoiding ads because of the known risk.
The software that you used to analyze the .exe is new to me! So useful! Thanks for bringing this content to us.
2 Questions:
- Does this Malware require admin access?
- Would Malwarebytes detect it as a threat?
I just tried it. Yes, malwareybtyes browser guard blocked it.
There's ways to circumvent needing admin access, these are called "escalation attacks", and are still around in every windows version. Now, malwarebytes may detect it, but that all depends on the attackers obfuscation/crypting techniques. Sometimes these obfuscators are so advanced that they bypass runtime and scantime anti-virus detection.
1- easy to bypass
2- easy to obfuscate
@@rogerclemis4380 because people already reported it and google did block it already. BUT what if you're from those first hundred people got it? u fkd .
@@ALD7MI2011 It did not block the website . But it blocked it when I tried to download it. So ya I am not sure
If you are not a person who can tell legitimate ads from scams and malware, you should have an adblocker. I use an adblocker no matter what because of the BS ad layout on most sites bloating my screen and using up all my bandwidth.
Or because ads are annoying and you wouldn't buy the products anyway as ads are often for overpriced products I mean, buy an advertised gilette razor or buy a 5 euro pack with 20+ blades that does the exact same thing and also includes another razor you can put the blades on.
Same, I use adblocker to also reduce the CPU usage when browsing. Those animated banner ads makes the page unresponsive and consumes a lot of CPU usage in my potato laptop
How do you install an adblocker? I’ve never done that before
There was a rumour that Google wanted to ban adblock apps and similar... So I switched to Firefox, after many many years. Edge, Brave and some others use the same Chromium base like Google chrome. They don't exist for me anymore.
Adblockers just block content from being shown. The ads still make requests. If you want to truly block most ads, a PiHole and an old laptop will do just fine
I almost falled for this scam when i wanted to download blender if it wasnt for the slowness of the download i wouldn't notice
This is why an ad blocker is a must have when using the internet.
Never trust Google search ads.
This is why I always run an adblocker, and NEVER click on any ad that gets through.
This is also kinda a problem of windows too, for not having a good modern store or centralized software repository install app
I love the deep dives you do! I like too see how everything works. Stay safe everyone
Virustotal no longer has size limits. Now it computes the hash in local without having to upload the file, and then checks if the hash already exists on its database. I just checked it, and not only Virustotal has let me scan the file, it was already marked as very suspicious (14 malware detections at the time I'm posting this comment).
I just checked and it says the file size limit is 650 MB.
@@brunoshure it used to have no size limits, until VT was acquired by MalwareBytes. As well as locking important features behind an account system and advanced features behind a paywall
Before getting an adblocker, I had trained myself to completely ignore the ads, I always skipped over the top result and clicked on the second one
Not too long ago I actually fell victim to one of these trying to get AMD drivers while in a rush, it installed a few exes etc after I foolishly ran a MSI that it gave me. But thankfully I went ahead and got rid of most of the junk myself and ran Tron / Rouge Killer.
Then boom few days later I got a warning someone tried to get into my google account lol.
I don't think I have ever clicked on an ad. If I see something in an ad that's interesting, I'll start a new tab and do my own searching for it.
This is EXACTLY why I block as many Google Ads as possable.... It's been a issue for years....
Why isn't Google being sued for this shit. They are just untouchable. It's their responsibility to stop this shit.
as many ads from any source, when it's not selling you a crappy product it's malware
I'm not surprised about this. It's noticeable that google has fired groups of people that manage the ads because the google ads I get are weird and uncomfortable.
I remember back in a past life when I was an IT security type person. You could pack a zip file that appeared to be small but would lock up a computer when it was expanded. I can't recall how we did it but yeah, old school local memory attack for a single PC
its a zip bomb, i know how to set them up. instruction can be found on wikipedia or on google.
@@unfunf22 That's them. Yeah, great fun...
This is exactly why I use ad blockers.
This is difficult because some legit open source program sites look INCREDIBLY sus, and some fake sites look incredibly normal. Ads in Google search can be helpful and no matter how tech savvy you are, as humans we don’t have the energy to be ever vigilant and will a some point relax and rely on lived experience and accidentally click on something like this.
I downloaded OBS from Microsoft store, had to download WinRAR and Notepad++ from Google, I scanned both of them no issues at all.
The rar files itself is only 14mb in size, that is something you forgot to mention i think. It is normally impossible to compress 300mb into only 14mb. So something is up even before you open up this file.
It depends. For example databases with plenty of empty placeholders can reach sizes like that.
For example I had to work with a file which had a size of roughly 1 GB, but after unpacking it I ended up with a collection of csv files with a total size of 21 GB.
Also google: Let do a update to remove ad-blockers.
Knowing that they’re doing this, i wouldn’t be surprised if Google is in kahoots with these malware creators
@@Blood-PawWerewolf Facebook already is
This is why adblocker should be packed with the browser itself these days. But yeah, don't think that Google is willing to do that for Chrome
Maybe some chromium-based browsers or Firefox could do this
also i've heard that brave does exactly this (never actually used it so i may be wrong)
I'd suggest using Brave Browser. It blocks everything... even stuff that adblocker doesn't block, like those "to continue reading this article, sign up here" things.
Google is actually fundamentally changing their engine in an attempt to stop ad blockers. It may or may not work, but goes to show the direction they're wanting to take. They'd love it if they could make desktop Chrome the same as mobile Chrome which doesn't allow extensions of any kind.
This will affect almost all Chromium based browsers as well, unless they fork off into their own branch. Brave has done this. However, time will tell how long that can be successful as the two divergent versions get further and further apart they'll be more and more unable to pull in changes from Chromium.
I'm back to using Firefox as my daily driver with uBlock Origin.
I run brave with ublock so i have two adblocks.
Thank you Brave, Guardio, and uBlock Origin
I am so glad, plenty of these programs have self updaters, so once installed no more manual download needed.
So, Zoom had a wonderful hack happen to Mac Zoom client updaters about a year ago.
The security flaw was so blatant that the certificate checker to verify if the downloaded update is legitimate only checked the certificate's name, not its actual content.
Some programs don't practice security at all.
One of signs of suspicious file should be difference between compressed and uncompressed file size. File with lots of padding should compress more than 90 percent. EXE never compresses that well
Something similar happened to me:
Recently, after building my new pc and downloading some games, I decided to download MSI afterburnen (from a fake site) to see its performance. After running it, I realized that it was a virus so I decided to do a factory reset to my pc. After that everything seemed normal, until I got a notification in Gmail (a week after downloading it) saying that there has been suspicious activity in my account. I checked what happened and it turns out that my Microsoft account, Steam and all the accounts I had on the computer had been stolen. I was only able to recover a few. .-.
The ones that really get novices are searches for popular websites like Facebook and Ebay that can also return ads that point to illegitimate sites. I've even seen searches for 'google' return scam ads which is pretty ridiculous.
The fact that Google has not taken the proper precautions to address this threat by verifying if these advertisements are valid is disconcerting. It is false advertising and it severely damages the already low reputation of Google. There is no reason at all to use this search engine anymore, let alone recommend it over the alternatives. Their reverse image search no longer works, their search results are bias, even for topics you would not consider political, and now searching for certain applications on the official websites is a risk due to false ads and link misdirection.
I use a few Adblockers, to keep my internet use free of annoying adverts, and so far they seem to kill adverts so I am ad free to watch films etc., without being annoyed by them, which has worked for some years now. I watch TV series on YT, because I can enjoy them without the being riddled with adverts.
OMG thank goodness I never got scammed from these fake websites ! Thanks for telling us you're the best man!👍
Awesome! Thank you very much for being out there!
Great info. Subbed as I just found your site. Thanks from the Philippines.
some ways to deal with large files is .
1. remove the padding like you are doing (not everyone will think to do that).
2. have the online scanners bite the bullet and take the large files and take a hit to performance.
3. online scanners take a page from many cloud apps like adobe and download the app and execute it via the web site and run the code on the user's end.
Can you highlight which AV do bother searching through entire file? I'd at least like the option to enable further resources
It's extremely anti-productive too, I ran a case printing business and tried to use google ads to advertise. Although I was completely honest, google told me I was "circumventing systems", and then put me in a endless loop of bots to answer my appeals.
My business relied on these ads so eventually I had to shut down, whilst they let the actual malicious, clearly faked ads roam and harm people.
Glad it was brought to light, good video. Google massively mis-treats small businesses. I don't believe small businesses deserve an easier time just for being small, but I definitely can't stand behind actively shutting down small businesses in the name of protecting - just to let obvious malware in anyway.
I don't understand how huge AV vendors are so pathetic. I'm just a college student and I can quickly think up flagging files that end with a bunch of 0s as malware or marking a RAR with an exe and an extreme compression ratio as suspicious
Very thankful for this video, I saw a really weird Google ad today actually and was wondering what was up with it. Had a bogus prefix on the HTML address and I was immediately suspicious. I assumed it was some sort of scam but didn't think it would be as complex as this.
Thank you for this video. I learned quite a bit. What do you use for your VM environment? Are there any free VM services out there?
Virtualbox, VMware player are both free.
@@yotoprules9361 VMware isint free, atleast the version with a whole lot features
@@Hookah37 I said VMware Player...
@@yotoprules9361 both r the same
and people look at me like I'm breaking the law when I tell them I run ad-blockers
man, last year i think i fell for the rivatuner malware, nothing was stolen, but my GPU ran at 100% the entire autumn. the only reason i wasn't super suspicious is because i used to be an AMD owner and switched to Nvidia pretty much when the malware got me. i just thought it would be a visual bug in the task manager. it didn't help that my AMD GPU sounded like a leaf blower at full power draw and the Nvidia GPU is silent.
i'm not tech illiterate at all, i just never expected that someone would ship viruses with open source software. i think at this point we need a browser extension to spot websites pretending to be other websites and highlight the URL in red. ublock isn't enough when search engine results get so unbelievably bad that they show fake websites before the real ones.
Bing yandex are more reliable than google. Obviously still scuffed and sus sites but i havent gotten a virus since like i was like 12 so about decade.
This is why I never click on the "sponsored" results. I always scroll down to click on the actual resutl.
Why would you ever click an ad anyway?
Maybe a safer way to download is to use the Windows Package Manager ( winget )
That's why i always try to find for example: "OBS reviev" on youtube. If video and the creator are legitimate i look for a link to a oficial website in the description. Then I download the file and triple check with for example kaspersky. I also recommend checking coments under the videos. Stay safe.
> uses adblock
> I'm an absolute freeloader
Why people aren't using an ad blocker like UBlock Origin is beyond me.
Problem solved !
Google said they will remove ad block add ons this year if I'm not mistaken.
Which is quite sad in my opinion.
@@Blueniter True, but they've fought back. Ublock has released a new blocker, if you care to check the Google store.
Of course you could just use the Brave browser, like I do. The blocker is built-in, which means Google can't screw with it 😉
@@Blueniter Google is a search engine.. not a browser
@@Blueniter I am not sure if you mean they will remove it from Chrome but if yes, simply switch to a different browser, i.e. Firefox.
And this, is why you ALWAYS click on the first non-ad link and make sure the URL is genuine.
I got caught by this too. Not entirely sure of the source as it was on a brand new PC where I was reloading everything. I'm pretty certain that I used the right sites for Notepad++ and VLC but I noticed that the first sites returned weren't always the legitimate ones. That's a problem. I think it was driver site though. Thanks very much for you explanation.
I've raised the issue with Google because the first things the hackers did were -- 1. Turn off my MFA, 2 Put a mail rule into Gmail that sent everything from google to trash. I'd have thought those would be very obvious signs that Google should have picked up on before allowing them to raise an ad campaign. My bank also allowed four transactions of increasing value in the same day from a new merchant - they should also have picked up on this as very obvious fraud, so I'll be having words with them too.
Interesting that these companies are all about AI these days but clearly aren't using enough AI in their detection.
Where's the part where you talk about VLC?
Always, always check your links before you click or download anything from those, that's still the best protection, common sense.
Also look at the website and how it is designed, most of them look very basic and suspicious, that mostly means fake websites.
Oh man... My friend downloaded the 7-zip fake one. Because of a Google add about two weeks ago. She factory reset her computer, but I have no idea if that fixes the problem.
I was on a zoom call and watched it happen. Some red flags popped up during the process, as it had been over 10 years since I last installed it, but before I spoke up she opened it up, and agreed to it's agreement without batting an eye.
I feel for the people who can't or won't use ad blockers on their devices for any reason.
That's why i never press on any ad in google search 😂
Good lesson. When you search, don't click on the ad link, scroll down.
Obvious question: do consumer AV have options to scan large files? If so, which ones?
Imagine not having adblock on your browser in 2023.
Do you know what happens if you make a malware angry? Malwarebytes.
Thanks for this informative video. Looking forward to the next ones.
The thumbnail is perfect
Seems a little lazy to pad with zeros when it could be using random characters that resemble actual code. Or they just replace the zeros with copies of the code.
been using adblocking for 10 years. this is none of my concern whatsoever.
This is what happened to me today, google showed me Razer drivers that were in reality a trojan.
Could you make a video about virus/malware on a video file, if its possible for an haker to put a virus on a mkv or mp4 video file and how to detect that? Thanks for the great jop!
One thing im noticing is that some pirate website are using clicks to make fake websites appear more relevant on Google. Nothing wrong with the website itself, what matters is what happens with that url after.
Oh and thank you for a great video! I had no idea about this problem. Also its basically a great advertisement for using adblocks.
Google should stop putting site ads as first link when you do a search... It happend to me last year with blender...
you should have uploaded the file before removing the empty space and then do it again after the removal so we could see how big of a difference it makes...
This is why I never click any Google Ads, I always to go to the site not marked as an ads. I also look at the address Google is showing to ensure I land there, if I get redirected I won't download. Norton is starting to become aware of this new attack vector. If you right click a downloaded file and choose scan with the software is suppose to do a full scan, but as indicated in the video here it seems not to be doing that. I hope AV companies are paying attention especially if you are paying for a subscription.
And now we know why we all run Adblocker or Adguard services at home and on our networks !!
Good thing I (almost) always plain ignore all sponsored hits on google. 99.99% of the time the sponsored hits are not what I am looking for anyway.
...And remember kids... "Always use ad blockers in all your browsers! And if you didn't ask for it, block it." :D
ruclips.net/video/lUBhOgK5zQI/видео.html
A Great reason why we NEED Adblockers and why we DON'T NEED Manifest V3
the sneaky way of them replacing ( J ) with ( i ) in "obsproject" to become "obsproiect"
that's the sneakiest way iv ever seen, and its hard to observe unless you get close to the screen due to the small diff btw ( j / i ) ...
When you talk about the problem of a file being too big, I suppose that's only related to the AV automatically scanning it as soon as it's downloaded, correct? So, if I right-click one of those files after I download it and manually scan it with my AV, will it be caught? Also, will an AV flag a file just due to "padding"?
I installed k7 free trail version for my laptop, it is working good for both my laptop and mobile. and thanks for your video.
Looks like Google already blocked ads when you search for OBS, VLC or Notepad++
As a general rule of thumb, I never click on the Ads sites google shows. I know these can be used maliciously so I don't take any chances.
There was even a fake link to my bank last time I googles it. Google has dropped the ball.