Don't Get Hacked Like Linus Tech Tips

Linus Tech Tips KZread was recently hacked by a Redline infostealer. These types of files are sent in emails as attachments. These malicious sponsor emails are common if you are an influencer like myself and Linus Tech Tips. I receive loads of fake sponsor emails trying to entice me to collab with them or do a review of a product. NEVER click on LINKS or ATTACHMENTS in emails.
Session hijacking: What is a session hijacking and how does it work?
us.norton.com/blog/id-theft/s...
Kaspersky File Analysis
opentip.kaspersky.com/
Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.
www.virustotal.com/gui/home/u...
WHOIS Domain Lookup
www.hostinger.co.uk/whois
WebBrowserPassView is a password recovery tool that reveals the passwords stored by the following Web browsers
www.nirsoft.net/utils/web_bro...
Website Reputation Checker
This service helps you detect potentially malicious websites.
www.urlvoid.com/
Safe Browsing site status
Google’s Safe Browsing technology examines billions of URLs per day looking for unsafe websites.
transparencyreport.google.com...
Submit suspected phishes.
www.phishtank.com/
Free website malware and security checker
sitecheck.sucuri.net/

Comments: 126

  • @Britec09
    @Britec09 1 year ago

    Let me know in comments if you have received dodgy emails like these and you are a KZreadr.

  • @welshtony1

    @welshtony1

    1 year ago

    Not a big enough KZreadr yet for the scammers to try this with me haha

  • @CattopyTheWeb

    @CattopyTheWeb

    1 year ago

    @@welshtony1 You know when you're popular that scammers and bots hit your channel lol

  • @ExperiencersInternational

    @ExperiencersInternational

    1 year ago

    Had a few, basically all my emails are scams though

  • @JayRee1993

    @JayRee1993

    1 year ago

    Do the KZread Telegram scam accounts count? They post on popular music videos / pages.

  • @lezbriddon

    @lezbriddon

    1 year ago

    @@welshtony1 In the words of Corridor Digital / Crew, we're finally so big we've been hacked!

  • @billyguthrie3176
    @billyguthrie3176 1 year ago

    One of the problems was the file was 700Kb. Viewed in a hex editor it was comprised of mostly zeros and dots. Because of its size most antivirus would not even be suspicious enough to scan the file. Now that it's happened all databases have been updated so it would be detected, but before that not even VirusTotal would have detected it! I'm glad you touched on the Britec. By the way, The PC Security Channel, which is Leo of Emsisoft, has a video that's an in-depth analysis of this threat if anyone would like to watch it. Keep up the good work Britec, it's much appreciated.

  • @Britec09

    @Britec09

    1 year ago

    The solution is simple, don't click on the links or attachments. That was the biggest mistake, human error.

  • @jockrocks7392

    @jockrocks7392

    1 year ago

    700 MB I think it was, 700 KB is pretty small & would have been detected. 🙂

  • @GregM
    @GregM 1 year ago

    Part of the onus is on KZread as well. They should not allow renaming a channel and deleting videos without further validation. The hacker did not have to enter any passwords or 2FA to perform this mass deletion/channel renaming. KZread, like other services, has aimed for ease of use vs security.

  • @welshtony1
    @welshtony1 1 year ago

    Great video, I will be sure to check all emails even more than I currently do. Also use a VM too. Thanks for the video.

  • @Britec09

    @Britec09

    1 year ago

    You're welcome

  • @DevilbyMoonlight
    @DevilbyMoonlight 1 year ago

    The problem with signatures is when the malware shellcode is re-encoded with encoders to obfuscate it, the signature can never be recognised, but it executes just the same and the only way to pick it up is by behavioural analysis of a well-designed AV product

  • @BrightPhotoshopTutorials
    @BrightPhotoshopTutorials 1 year ago

    I nearly became a victim of these hackers. I received similar emails but I sensed something suspicious and I logged out immediately.

  • @claudest-gelais8456
    @claudest-gelais8456 1 year ago

    That was quite a saga. Thanks Brian for all the useful tips🙂

  • @Britec09

    @Britec09

    1 year ago

    Glad you enjoyed it

  • @Dr_b_
    @Dr_b_ 1 year ago

    even if you don't do anything else, the one recommendation you made to do all transactions on an isolated computer was the best advice

  • @VirtualTrucker74

    @VirtualTrucker74

    1 year ago

    100% agreed, I'd even go one step further and have the os on the isolated computer running in a virtual machine, that way you could completely refresh everything if anything was attached to certain files.

  • @vinceparks100
    @vinceparks100 1 year ago

    thanks for this information Brian great work.

  • @Britec09

    @Britec09

    1 year ago

    Glad you enjoyed it!

  • @Jagosix
    @Jagosix 1 year ago

    BACKUP. Nothing beats a good backup. If you value streaming as much as Linus does, I would have thought that having a copy of everything would have been adequate.

  • @ScottBurnette
    @ScottBurnette 1 year ago

    Very good explanation. Thank you.

  • @Britec09

    @Britec09

    1 year ago

    You are welcome!

  • @exploringwithburd
    @exploringwithburd 1 year ago

    Not sure if it's me, but I tend to watch a lot of vids, specifically on this channel, but it'd be interesting to learn how to find out if a system's or phone's been running these things and how to end it. So far don't recall seeing a video on this here anyway. I run a scanner and another program but don't think the scanner works too well on phone anyway. Interested to hear back your ideas and/or watch a video on correcting if someone might have clicked anything or has a similar problem.

  • @__Chucky__
    @__Chucky__ 1 year ago

    @Britec09 Where can I find this file(s)? I want to analyse it. Thanks.

  • @Dezo365
    @Dezo365 1 year ago

    Sometimes it's a scr or a com file. You can use a hex program to delete that junk data and scan the file.

  • @thundermane362
    @thundermane362 1 year ago

    Thanx, Brian. Would this sort of malware still be able to hijack your sessions even if you're running Linux? I'm guessing yes, but I'm really curious.

  • @Britec09

    @Britec09

    1 year ago

    I would think so

  • @notjustforhackers4252

    @notjustforhackers4252

    1 year ago

    Well, this hack is created for Windows, so, no, not this one. A Linux version could be created but it would be incredibly difficult to execute (run) on a Linux system without the user actively giving it root permissions to do so. Linux desktops and apps run in "user mode", if you gave it user mode permission to run it still doesn't have root (admin) access so wouldn't be able to do much harm. *You* would first have to give the file root permissions with either sudo or as root for it to execute. Sure it could happen, but only if a major moron is behind the keyboard. They would have to work at getting it to run. In the real world, no, not much chance of it affecting a Linux machine... if you're a Linux user with basic knowledge running the system that is. Macs are pretty well protected in the same way, user, root and giving permissions. I imagine whoever it was who got LTT hacked was also running Windows in Admin mode, which you should never do. A simple user account should have protected the system from executing the file.

  • @dktol56
    @dktol56 1 year ago

    Perhaps you could do a video on the setup and configuration of Windows Defender Application Guard to sandbox the Edge browser (or Chrome or Firefox) in a lightweight container/VM using Hyper-V. I believe that's what Microsoft calls Virtualization Based Security (VBS). It should be able to protect the host from a bad browser session, or protect a trusted browser session from malware on the host. I think both Windows 10 and 11 Pro editions support Application Guard.

  • @DubSe7en
    @DubSe7en 1 year ago

    Surely Gmail and Outlook should have attachment scanning built in? Also a decent AV should detect on launch. Scary thought though that 2FA and everything can be so easily bypassed

  • @Britec09

    @Britec09

    1 year ago

    Nope

  • @wbushnaq
    @wbushnaq 1 year ago

    right on the point I loved it

  • @Britec09

    @Britec09

    1 year ago

    Thanks

  • @kwgm8578
    @kwgm8578 1 year ago

    How does downloading a PDF run as an EXE application on Windows?

  • @ebanksstudios
    @ebanksstudios 1 year ago

    What would happen if you opened something like that on Google Docs? I had a fake copyright claim the other day

  • @Whit3WolfXArcadia
    @Whit3WolfXArcadia 1 year ago

    Had no idea something like that was possible then again just like technology evolves so does malware

  • @Britec09

    @Britec09

    1 year ago

    dangerous times

  • @Bakaal_Warfaa
    @Bakaal_Warfaa 1 year ago

    Your information is priceless. But it's annoying that I usually don't see your writing when I'm using my mobile 😒

  • @honahwikeepa2115
    @honahwikeepa2115 1 year ago

    Thank you

  • @Britec09

    @Britec09

    1 year ago

    You're welcome

  • @US_Joe
    @US_Joe 1 year ago

    Of all people, the tech King? He's the one who teaches us of such things. He didn't have any AV running ? Shame on him - shows you what familiarity & complacency reaps. Good episode Brian. Demonstrates NO one is safe. G'day Mate 👍👍👍

  • @Britec09

    @Britec09

    1 year ago

    Thanks

  • @enginerd80

    @enginerd80

    1 year ago

    Windows does have Microsoft's AV in it, but apparently the file that stole LTT's browser data had been artificially bloated to be hundreds of megabytes so antivirus would skip checking it.

  • @omarvasquez6851
    @omarvasquez6851 1 year ago

    I watch your videos. I will share them.

  • @Britec09

    @Britec09

    1 year ago

    I appreciate that

  • @huboz0r
    @huboz0r 1 year ago

    Stealing a banking session would be MUCH harder and probably not possible using Redline.

  • @mick_hyde
    @mick_hyde 1 year ago

    Very surprised this happened to them. Something doesn't seem right. 🤔

  • @Britec09

    @Britec09

    1 year ago

    It could happen to anyone.

  • @GregM

    @GregM

    1 year ago

    When you have 50+ people working for you with multiple people having various admin rights and poor training apparently for new hires which is apparently who opened this attachment.

  • @technoWZ5598
    @technoWZ5598 1 year ago

    Poor Linus. God knows how he recovered from that. I hope my channel never gets hacked! 😬

  • @Britec09

    @Britec09

    1 year ago

    Yeah, not good

  • @technoWZ5598

    @technoWZ5598

    1 year ago

    @@Britec09 Hackers ain't going away anytime soon, so we, as users, must be super careful opening attached files in emails

  • @datathreadsorceress8624
    @datathreadsorceress8624 1 year ago

    It seems a convenient time when he is catching heat for employee pay disparities

  • @sifatullah246
    @sifatullah246 1 year ago

    I always open a Linux virtual machine to deal with these kinds of scams and also have some fun with them.

  • @LeeMyers-Jr
    @LeeMyers-Jr 1 year ago

    Linus media group hasn't been the only one that has been hacked by this. Another of my KZread channel got hacked by it. And another one had received it but didn't follow it.

  • @Britec09

    @Britec09

    1 year ago

    I know

  • @AnthoJoh
    @AnthoJoh 1 year ago

    When YT is your business and you have the money and equipment like Linus, everyone who has access to the business email account should have a dedicated email-only PC just for situations like this. Email is the easiest way to get payloads onto a target computer, all you have to hope for is someone falls for the social engineering aspect of it.

  • @Britec09

    @Britec09

    1 year ago

    I agree

  • @Jagosix

    @Jagosix

    1 year ago

    AnthoJoh - Exactly. I was thinking the same. A separate LINUX based email Server with AV and Malware checker. Thankfully, nothing of this magnitude has ever occurred while I've been using Linux over the years. I still find it puzzling why more people don't use Linux for applications like this.

  • @michaelj2528
    @michaelj2528 1 year ago

    I had emails from Amazon and one other, congratulations you have won a kettle, the other was for trial of one of these new air fryers. I have deleted both of them. Although they continued to send me emails

  • @Britec09

    @Britec09

    1 year ago

    a kettle lol

  • @awaiz12346yt
    @awaiz12346yt 1 year ago

    Cool!

  • @Britec09

    @Britec09

    1 year ago

    Thanks

  • @xdarkdragonx2727
    @xdarkdragonx2727 1 year ago

    Redline stealer steals cookies passwords and deletes cookies and passwords (sometimes gives access to users phones so attackers format their phones remotely)

  • @1101nz
    @1101nz 1 year ago

    So his AV didn't scan emails. That's the most important thing for AV scanners to do. Sadly, some free AV that some recommend don't scan emails

  • @Britec09

    @Britec09

    1 year ago

    I don't know, sometimes they don't get detected, the problem was clicking on the file.

  • @jockrocks7392
    @jockrocks7392 1 year ago

    Use a Virtual OS not connected to a network to deal with emails.

  • @seediffusion

    @seediffusion

    1 year ago

    How, if it's not connected to a network?

  • @pbrigham
    @pbrigham 1 year ago

    The curse of Windows users, they never learn that the problem is not hackers, it is the operating system itself.

  • @Rmm1722
    @Rmm1722 1 year ago

    right

  • @joesatchton212
    @joesatchton212 1 year ago

    The truth is, unless your KZread channel has reached a certain size, which I cannot say definitively as a threshold, no one will be interested in trying to hack you. Especially in the case here, where the LTT channels were hijacked to broadcast a specific livestream. This is NOT to say to be lax and not do all the proper things mentioned here and in other channels' post-mortem on this situation. That would be idiotic. And obviously, the old rule about never opening files you don't absolutely trust from senders you absolutely trust and can verify. For sure do all the right, safe things to increase your security. But no one will bother to hack tiny channels with little to no meaningful visibility - there's just no upside.

  • @Britec09

    @Britec09

    1 year ago

    My channel is not big and they have tried to hack me the same way

  • @joesatchton212

    @joesatchton212

    1 year ago

    @@Britec09 Brian, you know what I meant. You have nearly 733K subs, a pretty darn respectable, sizable figure for a niche genre like tech. When did they try and hack you? In any event, I stand behind my main point.

  • @A-Gaming-Memory
    @A-Gaming-Memory 1 year ago

    they get enough money from ads, why are people soooo greedy! still happy he got his channel back though

  • @WrestlingFace
    @WrestlingFace 1 year ago

    Thumbnail 😂😂😂

  • @Britec09

    @Britec09

    1 year ago

    Got to mate

  • @Paulzpc
    @Paulzpc 1 year ago

    I have been using the internet for a very long time, and this kind of shocked me, I had to watch it twice to fully understand how they did it, I guess there are people out there that are smarter than they appear online, it restores my faith in this generation, but stop it not cool, and if you get caught you will go to prison for a very long time, or be forced to work for Microsoft, I shudder to think.

  • @notjustforhackers4252
    @notjustforhackers4252 1 year ago

    I laughed when I saw how he got hacked, I mean come on, seriously? I've been using virt-manager and a non-persistent VM for opening downloads for years now... never mind the fact a dodgy exe file won't launch on Linux anyway (not without WINE).

  • @An.Individual
    @An.Individual 1 year ago

    Is there any such thing as bad publicity? Commercially he didn't suffer at all. He had a video (sponsored) up the same day and it has 6M views. He does acknowledge he has one-to-one support from YouTube and it would be much worse for other tubers.

  • @Britec09

    @Britec09

    1 year ago

    who knows

  • @davejoseph5615
    @davejoseph5615 1 year ago

    Yes, but why are file extensions no longer trustworthy? How can a file ending in PDF be able to launch a malicious program? The PDF extension and file-type was INVENTED exactly for the purpose of providing a web-safe document type for shared internet use.

  • @Ultimate-Technology-Solutions
    @Ultimate-Technology-Solutions 1 year ago

    KZread content creators are really milking the "Linus Tech hack..." They know it'll impact their KZread algorithm, hoping to get a piece of the cake. LTT already explained this and in theory this is their content "we" piggyback on. Same issue with "react to" videos, where the reaction video gets more views than the original content, making the hard work less rewarding. It's pretty unfortunate in my opinion.

  • @Britec09

    @Britec09

    1 year ago

    This is my first and last video on it and at least mine is bringing awareness and helping other KZreadrs

  • @CattopyTheWeb
    @CattopyTheWeb 1 year ago

    You're a bit late to the party but thanks anyway for making a video about it

  • @Britec09

    @Britec09

    1 year ago

    No point making a video about it when no one knew what had happened until he told everyone.

  • @WrestlingFace

    @WrestlingFace

    1 year ago

    It's never too late to be safe and secure 🔐

  • @CattopyTheWeb

    @CattopyTheWeb

    1 year ago

    @@WrestlingFace True

  • @CattopyTheWeb

    @CattopyTheWeb

    1 year ago

    @@Britec09 Linus told everyone on Friday but nevertheless good to stay up to date :)

  • @Karan3337
    @Karan3337 1 year ago

    sir i need your current all slideshows sir use in this video our all 11 slideshows sir plz reupload i need you use in your current videos plz reupload on discord plz

  • @SoundJudgment
    @SoundJudgment 1 year ago

    NoOoOoooo! Not Linus!! haha

  • @xdarkdragonx2727

    @xdarkdragonx2727

    1 year ago

    He has already recovered his channel

  • @Britec09

    @Britec09

    1 year ago

    Oh yes

  • @lezbriddon
    @lezbriddon 1 year ago

    Wasn't Linus, he was in bed when it started, and he's not saying it was Colton.......

  • @Britec09

    @Britec09

    1 year ago

    Don't matter who it was, limit the amount of power people have

  • @lezbriddon

    @lezbriddon

    1 year ago

    @@Britec09 :) sounds like the government...

  • @rs0389
    @rs0389 1 year ago

    There are some very fraudulent adverts on your KZread channel. I don't understand how it is legal to use those kinds of advertisements online

  • @nick92065
    @nick92065 1 year ago

    I think this was bogus to get attention.

  • @Britec09

    @Britec09

    1 year ago

    I guess we will never know.

  • @Britec09

    @Britec09

    1 year ago

    will do

  • @CattopyTheWeb

    @CattopyTheWeb

    1 year ago

    I don't think Linus would delete his channel to get attention.

  • @welshtony1

    @welshtony1

    1 year ago

    @@CattopyTheWeb the half a million dollars he made from it would possibly suggest otherwise but who knows lol

  • @cbbcbb6803
    @cbbcbb6803 1 year ago

    Doesn't the US government have an issue with Kaspersky?

  • @Britec09

    @Britec09

    1 year ago

    I don't know, I live in the UK

  • @cbbcbb6803

    @cbbcbb6803

    1 year ago

    @@Britec09 I think that Kaspersky is Russian, and Americans are just terrified of them. Or just like making political controversy. 🤪

  • @RRan-dk7ct
    @RRan-dk7ct 1 year ago

    This is the main reason I've been off, I have a bad virus.. how I got it, well, who knows !!!

  • @Britec09

    @Britec09

    1 year ago

    If you need help, hop on our Discord

  • @RRan-dk7ct

    @RRan-dk7ct

    1 year ago

    @@Britec09 Thanks Brian you know it had to be something wrong if I'm not here.

  • @JohnK-pb6mn
    @JohnK-pb6mn 1 year ago

    linus ghey , so makes sense.

  • @CattopyTheWeb
    @CattopyTheWeb 1 year ago

    Coder_Do_As_Impossible is also wanting to be unbanned could you unban him?

  • @Britec09

    @Britec09

    1 year ago

    You never come back, so why pester me to be unbanned?

  • @CattopyTheWeb

    @CattopyTheWeb

    1 year ago

    @@Britec09 I haven't come back because I can't join yet as I am up against my server limit. Once I make some space I will join

  • @CattopyTheWeb

    @CattopyTheWeb

    1 year ago

    @@Britec09 I know that you unbanned me but Coder_Do_As_Impossible is asking to be unbanned too!

  • @Britec09

    @Britec09

    1 year ago

    @@CattopyTheWeb So you constantly pestered me for no reason. You can't have wanted to come back that much

  • @CattopyTheWeb

    @CattopyTheWeb

    1 year ago

    @@Britec09 I do want to come back. And I will in a few days when I leave some servers. But I am not talking about that I am saying that Coder_Do_As_Impossible is asking me if you could unban him

  • @Bauer47214
    @Bauer47214 1 year ago

    I will get 80 million subscribers in one day

  • @emojisarepurecancer8097
    @emojisarepurecancer8097 1 year ago

    lol!

  • @johnsenchak1428
    @johnsenchak1428 1 year ago

    IT'S A PDF.SCR FILE !
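
Two defender-side checks for the traits raised in the comments above (an attachment that is mostly zero bytes so scanners skip it, and a name ending in `.pdf.scr`), as an added Python example that is not from the video or any commenter. The extension lists, thresholds, function names and sample file names are assumptions, and the sample files are constructed and harmless.

```python
import os
import tempfile

# Assumed lists for illustration; extend them to match your own mail policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js", ".lnk"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}


def deceptive_double_extension(filename):
    """True for names such as 'offer.pdf.scr': a document extension, then an executable one."""
    stem, last = os.path.splitext(filename.strip().lower())
    _, inner = os.path.splitext(stem)
    # inner.strip() also catches 'offer.pdf     .scr', where spaces push the real extension away
    return last in EXECUTABLE_EXTS and inner.strip() in DOCUMENT_EXTS


def zero_byte_ratio(path, chunk_size=1 << 20):
    """Stream the file in 1 MiB chunks; return (size_in_bytes, fraction of 0x00 bytes)."""
    size = zeros = 0
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                break
            size += len(chunk)
            zeros += chunk.count(0)
    return size, (zeros / size if size else 0.0)


def triage(path, zero_threshold=0.90, min_size=64 * 1024):
    """Return a list of findings for one saved attachment (thresholds are assumptions)."""
    findings = []
    if deceptive_double_extension(os.path.basename(path)):
        findings.append("double-extension")
    size, ratio = zero_byte_ratio(path)
    if size >= min_size and ratio >= zero_threshold:
        findings.append("zero-padded")
    return findings


def build_samples(directory):
    """Write two constructed, harmless files: a padded '.pdf.scr' and an ordinary '.pdf'."""
    padded = os.path.join(directory, "sponsorship_offer.pdf.scr")
    with open(padded, "wb") as fh:
        fh.write(bytes(range(256)) * 16)        # 4 KiB of varied bytes standing in for content
        fh.write(b"\x00" * (2 * 1024 * 1024))   # 2 MiB of zero padding
    plain = os.path.join(directory, "press_kit.pdf")
    with open(plain, "wb") as fh:
        fh.write(b"%PDF-1.7\n" + bytes(range(1, 256)) * 400)
    return padded, plain


def run_demo():
    """Build the samples in a temp directory and return {file name: findings}."""
    with tempfile.TemporaryDirectory() as tmp:
        padded, plain = build_samples(tmp)
        return {os.path.basename(p): triage(p) for p in (padded, plain)}


if __name__ == "__main__":
    for name, findings in run_demo().items():
        print(f"{name}: {findings or 'no findings'}")
```

A file that trips either check belongs in a hash lookup or sandbox rather than being opened; its size is not a reason to skip scanning it.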