You know what's funnier? Trying to hack a cyber security company yet some are successful. You guys act like every cyber security expert is immune to attacks lol. We are all humans and there will be time that we will be caught off guard
The sad thing is they wouldnt do this if it didnt work. Its easy to fall for the right scam at the right time no matter who you are. it happened to Jim Browning once. He got the right scam that he didnt check out properly. I cant remember exactly why he went along with it. Think he was expecting an email or something. He got his youtube account stolen. If it can happen to Jim Browning it can happen to anybody.
yes it can infact happen to anyone that's why sometimes we need to not rush things these types of scams work when you are trying to get something done quick
Exactly, just like those indian scam call centers....they don't have to scam every person, even if they scam few it can bring them thousand upon thousands of dollars. They keep on doing because it is profitable.
Eric, for April fools, you should turn your channel into a live streaming crypto bro channel and delete all your videos just for a day to make it seem like your channel got hacked by one of these threat actors.
@@EricParker nice to meet you, Tesla Live, i enjoyed your latest video titled "Elon Musk - Bitcoin and Ethereum Merge INCOMING!! ETH/BTC Predictions & Analysis! Crypto News" the only channel takeover malware i've seen has been elon musk related for some reason, does anyone know of other common impersonations by these scammers?
Eric, watching your videos has made me do all my browsing and downloading within a VM, started using analyzing detection services online, never thinking of running anything cracked for "research purposes" on my main OS's and I have started triple booting my machine on isolated SSD's from each other. I a salute you for my newfound paranoia of being hacked :)
@@cideltacommand7169 he absolutely has a "homework" or "Taxes" folder with 100 GBs of files in it. guaranteed. thats the only reason someone would be this paranoid.
@@cideltacommand7169he has the right for privacy, and responsibility (shouldn’t have your computer being a part of botnet) in him. Also electricity bills and computer parts are money lost if you catch a miner.
This just happened to me, thank you for keeping everyone informed ALWAYS RUN THINGS IN A VIRTUAL MACHINE IF YOU DON'T TRUST IT! I had someone try to send me some fake tank game and it had electron stuff in it and a .exe named "elevate". Thank god for virtual machines!
Hey there, just wanted to quickly explain the link at 1:24 which was not working inside your VM: I am certain that the link is supposed to prompt you to open a fake already downloaded file in Explorer. It used the Explorer Syntax (AQS) to trick the user that they downloaded a file. But actually it’s just a connection towards a WebDAV share. The share then contains .url Internet Shortcuts which reference another .url within an archive (because of MOTW not working there). This is related to CVE-2024-21412. The 2nd url then redirects to a malicious file which loads further malware (too many variations to further explain/guess). In some windows versions there won’t be a smartscreen warning, therefore all the above mentioned steps would take place in the background when the user doubleclicks the first .url file. Additionally I want to mention that the first .url file likely had a double extension name and a fake icon. In Windows even if you toggle “show file extension” you won’t be able to see .pdf.url but instead just .pdf. With the fake pdf file icon it’s a very good disguise.
I just tried creating an empty PDF File and just appending .url at the end and was quite surprised to not see the .url suffix. huh. The only way to tell with changed icon would be the "Type" column, but you could probably hide that too.
Месяц назад
@@mr_confuse wow.. i did not realise that.. you are right..
"heyy man as a cybersecurity youtuber you mind if i send you this file to run and trust you to not make sure its malware even tho thats what you do" - clearrly the smartest person alive
Wonder if Udemy (the actual company) knows this is happening, if they file a takedown request with whoever is hosting the fraudulent site if it's possible, it would save a lot of tech-unsavvy people methinks.
What do you do in those cases tho? Do you report the hack (in this case, the attempt to hack) to any kind of law enforcement agency or just report their account or something? I feel like law enforcement wouldn’t really care about some random person being hacked and getting their passwords stolen (especially if the hacker comes from another country), nor do I feel like companies that get reports of users on their platform using their account to hack people would really do much apart from banning the account and going on with their day. Am I missing something here, or is it pretty easy for those malicious actors to do small scale hacks (like hacking people and stealing their passwords compared to building a big botnet for example) and never have anyone coming for them?
best bet would probably be contacting the FBI they have a dedicated cyber-crime section on their website, you can fill out a form there. You could contact a local FBI field office too, I think you're more likely to see results that way.
@@selectionn Not if the attacker lives in a country like Russia that doesn't cooperate with US law enforcement, at the end of the day it's a matter of how many wanted the hacker is because you can bet your fortune in most cases rarely something gonna happen if victim is a simple civilian
I had a friend get a undetected sample manifesting as a game via discord. It was interesting. It was some kind of discord and other cookie/session stealer
It's trivial to automatically create infinite versions of "undectable" malware (or any program) if you have basic knowledge of assembly. The concept of virus checkers is fundamentally flawed.
so im confused. if a victim does seemingly fall for this scam, opening that at 1:48 , can the victim get malware installed without his/her knowledge of downloading any unsuspecting files ; i.e. just opening the webpage? thank you
hey im a software developer student and i really enjoy watching your videos but I dont know most of the cybersecurity terms like "EXOR" attack and "offset" it would be really cool if you could explain them a little bit love the videos tho 👏👏
I don't understand why people do this, I downloaded it oncesomething similar and it's a very unpleasant thing, I had and still have problems and a lot of stress because of it
Wow this one was really fancy. Thank you for informing now I realise you should never trust it %100 even if you have all the quick tools saying its safe
Disconnect the network adapter of that vm, disable drag and drop, disable shared folders, disable clipboard sync. And don’t give the VM any pcie pass through. Yeah it’ll suck operating it but you gotta keep yourself safe
Hey Eric, why not use Jotti too? They use different AV parameters, and Trend Micro also detect packers by default (unless whitelisted) while VT didn’t.
Most malware are either adware, Spyware, password and cookie stealers or ransomware. It can only "hack" your accounts if you have the password saved on there(or get keylogged)and no third party authentication.
Not really, no. Even with trusted sources it doesn't hurt to be skeptical because of supply chain attacks. Personally, I just try to minimize how much software I download and execute as much as I reasonably can.
My YT Sub list has one of those Ripple crypto scam videos and live feeds on it right now. Which means some unfortunate YT content creator got pwned by some malware.
The dark themed program is Binary Ninja (I have the commericial license $1499, but you can also get the personal one for $399), the light themed one (that I'm stepping through) is x64dbg (free download x64dbg.com/)
A question, if you're browsing a browser and a 0 byte file downloads on your computer without consent and your antivirus don't pick it up is it a virus, Trojan, RAT etc?
No, it’s definitely not 100% safe. Hackers use a technique called steganography, where they are able to embed and obfuscate malicious code in a picture or audio file. Yes, image files like JPEG and PNG aren’t executable but the way it works is the malicious code attempts to exploit the software or editor that opens and interacts with the image, which would result in an infection if successful. Always check the website that particular image came from before downloading it
Someone even actually tried to hack cyber security companies and some of them were successful. You act like every cyber security experts is immune to attacks
im a hack tool/software seller for a popular game and its actually ridiculous that how easy it is to sign something. i have a method that i use to digitally sign everything i make for NVIDIA
Thanks for the shoutout bro! I got the exact same Udemy message that you mentioned in the video. Twitter sponsor scams seem to be on the rise
crazy i just watched your longest youtube argument video just before this vid xd
Yo the goat is here
Didn’t expect u here tho
@@ToastCheckDMs me too lol
@@ToastCheckDMs Thanks for watching!
@@iPhone3GS_68 Haha thanks
its just funny trying to hack a cybersecurity youtuber
Especially given they made deep contact this time with DMs. I can't imagine they were talking back and forth to me and not watching the videos lmao.
@@EricParker lol
@@EricParker Keeps you on your toes. Not good to have a target on your back, but it can't be awful to keep that knowledge fresh.
You know what's funnier? Trying to hack a cyber security company yet some are successful. You guys act like every cyber security expert is immune to attacks lol. We are all humans and there will be time that we will be caught off guard
Jim Browning got scammed, a cyber security youtuber can get hacked
Good old "Lets always trust signed files"
Lol
Haha Apple, take that!
Arknights pfp
@@k0shachiya_myatatrash game btw
arknights brother
Your videos have taught me to be more paranoid so thank you
Just go back to the stone age so you won't be hacked
Even pagers are exploding nowadays
If a people is more aware to cybersecurity, they will be more paranoid.
XDD
69th like
The sad thing is they wouldnt do this if it didnt work. Its easy to fall for the right scam at the right time no matter who you are. it happened to Jim Browning once. He got the right scam that he didnt check out properly. I cant remember exactly why he went along with it. Think he was expecting an email or something. He got his youtube account stolen. If it can happen to Jim Browning it can happen to anybody.
woahh
yes it can infact happen to anyone that's why sometimes we need to not rush things these types of scams work when you are trying to get something done quick
Exactly, just like those indian scam call centers....they don't have to scam every person, even if they scam few it can bring them thousand upon thousands of dollars. They keep on doing because it is profitable.
Nooo I can't believe they got Jim 😭
Eric, for April fools, you should turn your channel into a live streaming crypto bro channel and delete all your videos just for a day to make it seem like your channel got hacked by one of these threat actors.
I am thinking about it. I need to avoid getting in trouble, it might be an intro or something.
@@EricParker nah just go full on crypto scammer mode lol, if youtube doesn't take down actual scams they sure as hell won't touch your channel
@@EricParker nice to meet you, Tesla Live, i enjoyed your latest video titled "Elon Musk - Bitcoin and Ethereum Merge INCOMING!! ETH/BTC Predictions & Analysis! Crypto News"
the only channel takeover malware i've seen has been elon musk related for some reason, does anyone know of other common impersonations by these scammers?
that personalised code gave me id10t vibes even before rus -> eng translating 'hui v rot'.
Eric, watching your videos has made me do all my browsing and downloading within a VM, started using analyzing detection services online, never thinking of running anything cracked for "research purposes" on my main OS's and I have started triple booting my machine on isolated SSD's from each other. I a salute you for my newfound paranoia of being hacked :)
XD
What do you have in your PC?
Like dude
He has the launch codes
@@cideltacommand7169 he absolutely has a "homework" or "Taxes" folder with 100 GBs of files in it. guaranteed. thats the only reason someone would be this paranoid.
@@cideltacommand7169he has the right for privacy, and responsibility (shouldn’t have your computer being a part of botnet) in him. Also electricity bills and computer parts are money lost if you catch a miner.
why tf am I listed on this website at the beggining of the video lmaooo, I’ve never heard of em 😭
They probably didn't expect a non-english youtuber to notice
no worries we will send you the contract right away, check your email and download all attachments 👍
Mdrrr Julgane qu'est-ce que tu fais là ? 😂
@@Mr.Gungineer J'ai cru que j'étais le seul à remarquer ça
@@Obilaxo Non non, c'est marrant de voir des français par là
3:00 "People ask me why I am not a believer in anti virus scans" LOOL
Nor is he a believer in signed equals safe
Pros use to Re-analyize
also Triage.
what did the solara user said before getting all of his acc and cookies hijacked:
The first warning sign was that they put you under time pressure, then the "invitation code" prompt and of course the suspicious domain.
And of course the EXE file with a logo that looks like a document.
the day someone fully steals a malware analysts channel...
Hey, this is malware researcher Elon.....
U know deep humor? I've subscribed to the both of u recently so it's perfect timing lol and I don't even subscribe to channels frequently
This just happened to me, thank you for keeping everyone informed ALWAYS RUN THINGS IN A VIRTUAL MACHINE IF YOU DON'T TRUST IT! I had someone try to send me some fake tank game and it had electron stuff in it and a .exe named "elevate". Thank god for virtual machines!
Im pretty sure that fake tank game was a campaign to steal cryptocurrency from north koreas APT, Lazurus.
Hey there, just wanted to quickly explain the link at 1:24 which was not working inside your VM:
I am certain that the link is supposed to prompt you to open a fake already downloaded file in Explorer.
It used the Explorer Syntax (AQS) to trick the user that they downloaded a file. But actually it’s just a connection towards a WebDAV share. The share then contains .url Internet Shortcuts which reference another .url within an archive (because of MOTW not working there). This is related to CVE-2024-21412.
The 2nd url then redirects to a malicious file which loads further malware (too many variations to further explain/guess).
In some windows versions there won’t be a smartscreen warning, therefore all the above mentioned steps would take place in the background when the user doubleclicks the first .url file.
Additionally I want to mention that the first .url file likely had a double extension name and a fake icon. In Windows even if you toggle “show file extension” you won’t be able to see .pdf.url but instead just .pdf.
With the fake pdf file icon it’s a very good disguise.
I just tried creating an empty PDF File and just appending .url at the end and was quite surprised to not see the .url suffix. huh. The only way to tell with changed icon would be the "Type" column, but you could probably hide that too.
@@mr_confuse wow.. i did not realise that.. you are right..
Dude, the "undetected" malware scare me all the frick out. Because, as the video shows, the scanners doesn't work here.
Sorry my bad bro
"heyy man as a cybersecurity youtuber you mind if i send you this file to run and trust you to not make sure its malware even tho thats what you do" - clearrly the smartest person alive
my bad
I wonder if this is the same guy trying over and over again to get you with different tactics. I bet he thought, “yeah this one will get him.”
2:30 lord almighty, the .exe format is a dead giveaway but that descriptions kills me haha
"there's no way he'd be able to suspect a thing!"
Eric Parker: "nah, i'd win"
I've said it before I'll say it again, if your gonna hack someone don't target a malware analyst
Wonder if Udemy (the actual company) knows this is happening, if they file a takedown request with whoever is hosting the fraudulent site if it's possible, it would save a lot of tech-unsavvy people methinks.
Normal people can take down websites if you contact the registrar abuse email
Nowadays, even if you breathe wrong, you'd get an undetected malware.
you forgot to link deep humor in the description haha
Great video, please consider showing us your setup for malware analysis. Thank you!
What do you do in those cases tho? Do you report the hack (in this case, the attempt to hack) to any kind of law enforcement agency or just report their account or something?
I feel like law enforcement wouldn’t really care about some random person being hacked and getting their passwords stolen (especially if the hacker comes from another country), nor do I feel like companies that get reports of users on their platform using their account to hack people would really do much apart from banning the account and going on with their day.
Am I missing something here, or is it pretty easy for those malicious actors to do small scale hacks (like hacking people and stealing their passwords compared to building a big botnet for example) and never have anyone coming for them?
I've been nominally doing both, but you're correct that it doesn't appear to do much.
best bet would probably be contacting the FBI
they have a dedicated cyber-crime section on their website, you can fill out a form there.
You could contact a local FBI field office too, I think you're more likely to see results that way.
Maybe even Microsoft or globalsign
@@selectionn Not if the attacker lives in a country like Russia that doesn't cooperate with US law enforcement, at the end of the day it's a matter of how many wanted the hacker is because you can bet your fortune in most cases rarely something gonna happen if victim is a simple civilian
I had a friend get a undetected sample manifesting as a game via discord. It was interesting. It was some kind of discord and other cookie/session stealer
I confronted the scammer after playing along for a while and they said they made it. I doubt it but i suppose its not impossible
It's trivial to automatically create infinite versions of "undectable" malware (or any program) if you have basic knowledge of assembly. The concept of virus checkers is fundamentally flawed.
could've done a uno reverse
i hope you did report all of these security risks to virus total?
the fact that when i clicked on this video it show me an error so i restarted the website which is yt obvioulsy 3 TIMES and then it worked
so im confused. if a victim does seemingly fall for this scam, opening that at 1:48 , can the victim get malware installed without his/her knowledge of downloading any unsuspecting files ; i.e. just opening the webpage? thank you
can you make a video for minecraft cheat called "mio client"? a lot of people says it's RAT also a lot of people says it's safe to use
what is up with these sketchy malware video game cheats LMAO
do people bundle it with malware and hope dumb little kids will click the download button
@@starryskies0yeah.
@@starryskies0and dumb little kids do fall for them
I can confidently say it's a well compiled rat 😂
hey im a software developer student and i really enjoy watching your videos but I dont know most of the cybersecurity terms like "EXOR" attack and "offset" it would be really cool if you could explain them a little bit love the videos tho 👏👏
these are not really cybersecurity terms; XOR is an arithmetic operation and offset is just an offset from a memory address
I don't understand why people do this, I downloaded it oncesomething similar and it's a very unpleasant thing, I had and still have problems and a lot of stress because of it
Have you reported to the CA that one of their issued code signing certificate is signing malware?
Which idiot sends a phishing email to a cybersecurity specialist
A brave one.
what virtual box u use
and another question can a malware escape from your virtual machine to ur main pc if yes how to prevent it ?
Yes, cannot prevent, just don't be a influential person in political, religion, or other high status group
3:05 Well there we go, it must be legit… or is it? *vsauce*
Wow this one was really fancy. Thank you for informing now I realise you should never trust it %100 even if you have all the quick tools saying its safe
How can a person acquire this type of knowledge
Great video 🔥
How do you secure your VM so that if there's a virus, it doesn't escape to host machine in your case?
Disconnect the network adapter of that vm, disable drag and drop, disable shared folders, disable clipboard sync. And don’t give the VM any pcie pass through. Yeah it’ll suck operating it but you gotta keep yourself safe
Can anyone let me know, What tools are used at each step?
Damn careful out there man
i have no idea how this video ended up in my recommended, and i have no clue what this guy is talking about, but it's a good video so i can't complain
I wonder why windows doesn't show file exntensions by default. Would certainly make falling for such scams less likely.
Do You have a list of the programs You're using? I'm interested in trying them out!
My headcanon is that they keep sending you these scams for you to review how good their malware is LOL
Hey Eric, why not use Jotti too?
They use different AV parameters, and Trend Micro also detect packers by default (unless whitelisted) while VT didn’t.
weird, i discovered Deep Humor and you in the same week, now you mention him! small world
Norton working ???
Hey whats the virtual machine you used in this video?
Can my accounts get hacked after getting a trojan in my windows ?
Most malware are either adware, Spyware, password and cookie stealers or ransomware.
It can only "hack" your accounts if you have the password saved on there(or get keylogged)and no third party authentication.
can you trust anything now?
apparently not lol
well, not a random exe. i hope that's obvious
Not really, no. Even with trusted sources it doesn't hurt to be skeptical because of supply chain attacks. Personally, I just try to minimize how much software I download and execute as much as I reasonably can.
@@Flad.same
@@Flad. you weren't supposed to answer
no way another youtuber featuring DeepHumor. Thats so cool! Ive watched that poor guy's journey when he has like 35k subs.
My YT Sub list has one of those Ripple crypto scam videos and live feeds on it right now.
Which means some unfortunate YT content creator got pwned by some malware.
what's the name of the program he's using to analyze the asm code?
The dark themed program is Binary Ninja (I have the commericial license $1499, but you can also get the personal one for $399), the light themed one (that I'm stepping through) is x64dbg (free download x64dbg.com/)
A question, if you're browsing a browser and a 0 byte file downloads on your computer without consent and your antivirus don't pick it up is it a virus, Trojan, RAT etc?
Yes
How do I find that out? I've tried to do everything.
0 byte is empty and can't do anything. Maybe it's a temp file which defender usually detects if it's anything malicious. Usually it's a PUP
@@BushraTahseen-t7q It was a HTML file
@@gugalaxy7772 Just sounds like a malfunctioned server. Nothing to worry about.
the invitation code💀💀💀💀
those who know ---> 💀💀💀💀
You didn’t link deephumor’s channel in the description, Eric
2:59 that's why the best antivirus is the head on your shoulders :)
how do you set up wire guard
Very clever of them to hack a security analyst 😂
2:33 nice invitation code
DID IT BRING UP AUTOITV3 SCRIPT?
3:10 funny and caught off guard
Hey, hows it going. I saw your video about making vm undetectable on vmware. Since I use HyperV, is there an alternative?
eric please never die i love you
why they always seem to target this guy as if he was a computer noob
what VM do you use may i ask?
antiviruses should really stop looking at a signature and just let the pass be given to them
Thats why only the good ones use heuristics.
Only zero day can get u but you not "high person of interest" maybe not yet to buy or zero day exploit from black market to use it on you
Zero days can only do so much if your attack surface is as small as possible with CIS or NIST configs.
The name was really familiar so I looked it up - they're trying to imitate an online course selling website - down to the design of the name.
You wouldn't need to worry about anything malicious if were you were using TempleOS
amen
🙏 Jesus is the one true antivirus
I won't do this again sorry bro
How do I download more RAM?
You need to do 5013 surveys, download 20 totally not sketchy links and then wait 12 days.
Delete system 32
They are getting good, maybe they dectect your vm
Every single time i look at titles of your videos i shit my pants
Where is the cat wars at 100k
Hello Eric!
The power of a nametag
astolfo latest zip file?
Someone show this to LTT before Linus gets hacked again. 🤣
Is it safe to download images from google images section.
Chat gpt says yes but i want to see a well explained video of how
yes because pngs and jpegs can't have viruses lol they're not executables
@theairaccumulator7144 idk man bc Gpt says that downloading images from untrusted sites can got you
No, it’s definitely not 100% safe. Hackers use a technique called steganography, where they are able to embed and obfuscate malicious code in a picture or audio file. Yes, image files like JPEG and PNG aren’t executable but the way it works is the malicious code attempts to exploit the software or editor that opens and interacts with the image, which would result in an infection if successful. Always check the website that particular image came from before downloading it
2:14 lmao
may be its because of vm
vm is well disguised. It has no anti analysis / vm checks, it's just missing a stage :(.
y they wanna hack your pc
steal the youtube channel and get money or promote scams
Have you never heard of youtube channel hijacking?
@@qlintenFX Wait tbh hacking his account makes sense he makes security videos
@@randomazzy11 yup but i dont think he'll ever get hacked i mean he's an security expert
@@qlintenFXI don't think that even HE THINKS he' unhackable
they are trying to hack one of the experts!! are they dumb or what?
damn sometimes the content just happens to you lmao
w tickle tweaks
Is it malware use Administrator rights and command.exe
Only if they use a root exploit or you give them it.
They just actually tried to hack a cibersecurity youtuber 💀
Someone even actually tried to hack cyber security companies and some of them were successful. You act like every cyber security experts is immune to attacks
Hi
So, everything is malware oh, great… jk.
im a hack tool/software seller for a popular game and its actually ridiculous that how easy it is to sign something. i have a method that i use to digitally sign everything i make for NVIDIA
whyd you join 26 minutes ago lol
@@jjsanimationsyou're right
first time I've seen someone's youtube join date be under a day
@@jjsanimations just wanted a somewhat throwaway yt acc
@mmmhm-w8k ahh
do these people even watch the people there attempting to hack? 😆
Dang