This is why Ad blockers are a MUST for everyday web browsing. Yet Google wants to take that away from us

@3TDEV01

6 ай бұрын

Not an ad

@greatveemon2

6 ай бұрын

Just don't visit malicious or 'you don't know' site. Also Google only discourage you to not use adblock on YT and not in other site. I still have all the adblock turned on on other site just to prevent something like this.

@andrei.01

6 ай бұрын

@@3TDEV01 It's a pop-up. Pop-ups can host any content: ads, scams etc

@paulmoadibe9321

6 ай бұрын

they already did with YT ...

@tiranobanderas5655

6 ай бұрын

@@greatveemon2 "just don't visit malicious sites" bruh what? Just don't browse at all then. What kind of logic is that? Like, I'm sorry but if your solution to not pressing suspicious looking buttons and links is not to enter suspicious looking sites, then I'm sorry but your access to a device with internet access should be revoked. How can there still be people like you on the internet?

Imagine my confusion when I got that popup on Firefox 💀

This just goes to show how important it is to NEVER open an .exe file until you are 100% sure it comes from a reputable source

@UnknownX.Trash-Gxng6

6 ай бұрын

How to remove this bad update virus thing

@user-fd4il6pi9i

6 ай бұрын

what @@UnknownX.Trash-Gxng6

@user-fd4il6pi9i

6 ай бұрын

You can't remove it if you ran it that's it@@UnknownX.Trash-Gxng6

@jimmyhopkins1

6 ай бұрын

​@@UnknownX.Trash-Gxng6reinstall windows buddy

@meltymooncakes

6 ай бұрын

im gonna run every exe file (i dont use windows, i use linux)

Funny you mention that, just yesterday some big phone manufacturer flagged google as malware. Following the forums was kind of hilarious. But that aside.

@yotoprules9361

6 ай бұрын

I have seen that on my Huawei and Honor devices (it is an Honor 20 so it still has Huawei software on it).

@Sool101

6 ай бұрын

@@yotoprules9361 hope you fixed it by clearing optimiser cache?

@yotoprules9361

6 ай бұрын

I just hit "ignore" and the checkbox so it doesn't prompt me again. @@Sool101

@madeidiot2430

6 ай бұрын

where you see the forum? because i see notif in my phone huawei google as malware and i can't uninstalling, and i dont know what must i do now

@Sool101

6 ай бұрын

@@madeidiot2430 you have to go to: settings - apps - optimiser - clear cache

OK, that was pretty scary as my wife asked me about doing an update like this a few days ago, and luckily I said let the auto update do it. Thank you!

@HazyJ28

6 ай бұрын

chrome will always update automatically. All browsers do. If you want to do it manually, go to settings>about chrome. If it ever pops up bc of a URL/while on a website like the above example, it's definitely fake and probably malware masquerading as legitimate.

@lovelost234

6 ай бұрын

I'm glad you said that, because after watching the video, I was thinking 'So, how should a person deal with this problem?'. Thank you for the answer.

@RunicSigils

6 ай бұрын

​@@HazyJ28I don't know why so many of you keep saying that like you haven't turned it off like you should.

@gelmir7322

6 ай бұрын

Not all updates bring good things. Sometimes it will be bug ridden, sometimes it has compatibility issues. Sometimes it will introduce terms of service that you do not agreed or consent with (like DRMs for apps and games) So I will alway turn auto-update off. Then I will join discussion forums and check-out if other users/subsribers are having issues with any latest updates before I do the update myself.

Advertisers need to be held liable for all of the malicious ads they put up.

@AlienXtream1

6 ай бұрын

in theory they are. in practice it can be a lot harder to track down the parties involved and they are often in other places around the world like Russia or China which means prosicution is even harder.

@RianQuenlin

6 ай бұрын

@@AlienXtream1 Then go up the chain. Can't go after Lao Chang in China? Go after the company serving the ad, go after their hosts, go after whoever handles payments. Find an ass to kick.

@merasmus9992

6 ай бұрын

@@RianQuenlindifficult when they could give a portion of said funds to their government, thus making it against their ideals to hand over free funding

@zerosam5541

5 ай бұрын

That will never happen

I actually ran into this on a website a few weeks ago. It looked totally suspicous to me and the blue button to "Update Chrome" had some very strange address so I closed the page and notified the owner immediately. I consider myself pretty tech savy and I almost fell for it so the average person would easily fall for something like this.

@everypizza

6 ай бұрын

I don't like updates so I just close it

@tpd1864blake

6 ай бұрын

I would have looked at the url and saw that it took me to some completely random website that isn’t associated with Chrome at all

@everypizza

6 ай бұрын

@@tpd1864blake im not that smart

@benx2230

6 ай бұрын

You use Chrome. So you're not as tech savvy as you think you are.

@fus3n

6 ай бұрын

I dont think there will be any point in history where a browser will show a popup and block you and tell you to update it so you can view the content, it would rather break the website and show nothing.

This is a reminder that "your browser comes with automatic updates" PSA that we sometimes see isn't out of nowhere. People need to know that every browser these days updates automatically and popups like these are all bogus.

@icantcomeupwithnames469

6 ай бұрын

Mine doesn't (Librewolf), but I just update it when I do my regular checks with winget.

@RunicSigils

6 ай бұрын

No one with any sense of security has their browser (or anything for that matter) doing automatic updates. People screw up. You don't want to be a victim of their screw up. Depending upon the prevalence of the thing and how you use it you're talking at least two to four weeks before you should be touching an update so you have plenty of time to know whether or not they're likely screwing you over with it. The real point is that you should know that the browser doesn't pop up a full on webpage asking you to update.

@ultimatedarkkiller7215

6 ай бұрын

​@@icantcomeupwithnames469It does automatically update now if u also apply Librewolf-WinUpdater

@JCO2002

6 ай бұрын

Not with Linux Mint and automation disabled.

@ultimatedarkkiller7215

6 ай бұрын

@JCO2002 Ah, I meant for windows users, I use arch so I manually update too

Step one: don't click every download button you see. Maybe Google should make it clear that chrome updates itself without needing to download random exe files. Maybe they should do something similar to Microsoft, in terms of Microsoft actively detects when you go to a Chrome download to essentially beg you to not. They should detect fake chrome, download pages and warn users.

@dustycrophopper2743

5 ай бұрын

correct, google and all these tech companies need to issue a press release

This why adblock will never die

Thank you for educating us and keeping us safe!

@HazyJ28

6 ай бұрын

No doubt, his channel is required reading for my family 🫠😂😂

Let auto update do updates and click nothing especially downloads. Man it is dangerous out there these days.

Reading through the comments, it seems like so many people still have no clue. This problem is not limited to Chrome, or Firefox, or Windows, or Linux. It is a JavaScript thing, so it could happen on any system. I'll try to summarize and keep it simple for those not as techy. When you're browsing the web and a pop-up appears telling you need to update your browser, do NOT click on it. Not even when you're browsing your frequently visited sites because these sites could have been hacked to send you the fake prompts. The malware may steal your accounts' information in split seconds, then unload itself before anti-virus could detect them. If you need to update your browser or *any* software for that matter, always go through the official website only, and not by some 3rd party or "convenient" pop-up.

This happened to me but from a crack file, I was so stupid and confident about my knowledge since I also use 2FA on all my accounts. I ran the exe file and nothing happened. Then, i wasn’t aware about things like session hijackings and suddenly my youtube has weird ass watch histories, good thing I was able to change it quickly

I remember seeing a fake malware Firefox update that kept popping up years ago when I was using the real Firefox. I accidentally downloaded it not knowing it was fake. I was a kid when I did it and i realized that it was a malware because my grandpa told me it was and I told him I didn't know because it looked real

good that i know how actually update browser properly, but this ”kind of update” is very scary

That's scary how convinced I would have been by that update page, I would have been really sus of the downloaded file, though.

There are people who will see their anti-virus block it, then decide to override that decision thinking their AV is wrong because it is “just a Chrome update from Google.” I think it best if the AV silently blocks it and then if checked for info it shows why.

@JCO2002

6 ай бұрын

Anti-virus? Linux.

@CoolJosh3k

6 ай бұрын

@@JCO2002 If only that was true. Virus still very much exist for Linux, but the situation is quite different. I am inclined to think Linux is much safer, but only because of how it works when used right.

@JCO2002

6 ай бұрын

@@CoolJosh3k Inclined to think? When used right? You only need anti-virus applications for Linux if you run a server, and that's just to stop Windows users from transferring viruses from one to another. Can you give me one example of a Linux user getting any type of virus on their machine?

@CoolJosh3k

6 ай бұрын

@@JCO2002 That would take time and research to dig up examples, but what matter anyway is the existence of the possibility. Just like leaving one’s front door unlocked all year, you can still have no issues due to so many factors (like being a target). I can imagine a case, for an example, where a Redline Stealer infects a Linux system of a popular content creator. I would still choose Linux over Windows instantly if deciding based on virus risk.

@JCO2002

6 ай бұрын

@@CoolJosh3k "I would still choose Linux over Windows instantly if deciding based on virus risk." Then we're on the same page. It's also a superior operating system, at least the distro I use, Mint 21.2, is.

If a webpage notifies me my browser is outdated, I just ignore that (especially, when I just updated). This stuff has been around since ages (For Java, Adobe Flash) and no one should trust it at all.

Since they can detect the browser that is being used, this same sort of attack / vulnerability can affect any and all browsers (by just displaying the name of the browser rather than “Chrome”), since it tries to take advantage of unsuspecting users.

From my personal experience, Bitdefender would not even approve this download. The file would end up directly in quarantine ☺

@PankajDhande

6 ай бұрын

That is exactly I don' rely on Windows defender. You saw in this case Windows defender was way too late to detect the threat, blocking it is another question.

@lingbg2502

6 ай бұрын

​@@PankajDhandebetter late than nothing Maybe MD had problems scanning or blocking it quickly

@charliek7896

3 ай бұрын

@@lingbg2502 "Maybe MD had problems scanning or blocking it quickly" THAT'S WHAT THEY ARE SAYING. IT'S ABSURD TO DEFEND AN ANTIMALWARE PROGRAM THAT DOESN'T WORK AS WELL AS OTHER ANTIMALWARE PROGRAMS DO.

So many people can be saved by just knowing never to open a .exe file unless you initiated it yourself or you know where it's from.. Adblock is invaluable in this example as those pop-ups would be most likely blocked.. There has been multiple times where I have tried to download something and notced it was a weird .exe file with a different name and stopped it in time, thanks to videos like this. Love the work man, keep it up.

What's wild about these kind of attacks is that some variants can do their job without any privilege escalation. As long as web browsers use their host OS current user session and credentials to "lock" saved passwords, it will never be secure to keep your passwords saved in them. And attacks targeting opened browser sessions are becoming more common too. Crazy stuff

@Sypaka

6 ай бұрын

They can force close programs, if necessary. For example Discord saves its token when closed - the best moment to steal the token, if a program is designed for that.

Could you do a tutorial on how to detect a virus that isn't visible in process explorer, autoruns, tcpviewer etc? Is it possible to do this in a simple way? EDIT. I forgot to mention that I would like to do this manually. As you know yourself, antivirus doesn't always detect everything.

Literally JUST happened to me and I closed the browser immediately. I am beyond glad I watched this video weeks prior. Thank you.

I will show this video to my students tomorrow!

Another thing to look out for is the site URL when that update page pops up. Definitely not a Google link. And if it pops up in a separate window where it's hidden, a definite no.

@javieremrique6086

6 ай бұрын

that's exactly what I was thinking, this is not google url, so is so easy to see

I like to think I wouldn't ever fall for stuff like this but considering the sophistication of some of these attacks I 100% could see myself clicking on one of these when I'm tired or in a rush.

Great video, spreading awareness on such topic is very significant. I would likely fall for it because it seems very convincing

Some white hackers have found ways to get control of a windows host server from the windows virtual host. So testing in a VM is still dangerous even so this specific vulnerability has provably been fixed since. (Was a virtual box vulnerability)

@TheDiamondHit

6 ай бұрын

This has actually been a thing for a long time. Especially in the RATTING scene.

@slaydog5102

6 ай бұрын

​@@TheDiamondHit✅

@H8RSAPPRECIATE

6 ай бұрын

Lmao I’m so cautious I wouldn’t even run in virtual machine or connected to my wifi lol

This reminds me of the good old flash player installer, thanks for covering this program

Thanks for keeping us informed my dude!!!

At least on firefox the update is automatically downloaded in the background as soon as you open it, and you can check by open the 3 stripes on the top right corner, go to help and About to see which version you have. That is the proper way to do things, don't do what a popup tells you to do A to get B. The developers automatically update your browser when possible, in the background.

@Rickyfffff

6 ай бұрын

Not just Firefox most browsers do this

Depending on the time of the day, I could have fallen for the "popup" But I would never click a .exe file for updating anything

This is why I go directly to the settings menu within chrome or any/every other program to check for updates that has it, never follow a pop up for any kind of download or update, especially if the program doesn't normally stop operating due to a lack of update or if there's a new update available.

Thank you for the in depth rundown! I do have a question though: how effective are these types of stealers when using Firefox's Master password or Edge's 2fa? Thanks!

Thanks for sharing these videos. Just found your channel

Set your settings for notification system to high alert and make sure you have system protection on in system configuration for configuration to high as well and turn off the remote tcp settings known as connection crossing in world connections in system configuration. It'll make it a lot more harder for malware and people to get in on your computer. And if you sat admin administrator for certain settings and makes it even harder for them to get into the system. Cuz then they need administrator access but then you have all your configuration so it makes it even harder for configuration access and administrator. Access through remote connections .. my CPU runs at 10%

Interesting that this came up. My Chrome has been telling me that it can't update for the past few days, and I had a moment the other day where I enabled cookies for something and then I kept getting windows notifications saying my McAfee anti-virus had detected a million viruses. I don't have McAfee installed. I deleted all cookies because I knew what I had clicked and it stopped. But I'm sort of suspicious now.

That's a nasty one, thanks for the heads up.

Good thing I have never used a Chromium based browser. Wise move on my part. My second one was switching to Linux.

Thanks for keeping us informed.

and this at a time when YT forces ADs which themself can be infected.

I remember these back in 2012-2013 on the macbooks. Our schools website got hacked and everyone who visited got a update pop-up. Most people downloaded it.

@SW73_

6 ай бұрын

Wow...

I did not know about this but I initiate all my updates. Usually manually or with some programs I let them auto update. But even an auto update will not be going to a fake web site. It seems like the same general good rule of thumb that applies to emails, texts, telephone calls and everything. If it is initiated from the outside, be very cautious. It has been years since I retired from IT but even back in the day when auto protection was not as good, the majority of times I was helping someone with malware it was self inflicted.

I think people who checks email address at work to make sure if it's not a fake or scam will also realize if they need an update for browser and usually browser will do it automatically

Never had this problem ever since switching to quad9 DNS and cloudflare DNS with malware filtering

A few days ago I actually got a pop-up like that. It told me to update Chrome if I wanted to go further... but I was using Brave...

Reminds me of one of those popups that says it's an update for your phone.

If that happened to me I would just look for another tutorial or see if there was a cached/archived version of that website, because I don't want to update.

it may just be me, but ive seen these "you need to upsate your browser to view this " or "you need this plug in to view this" for years. they really arent that convincing. im suprised to see this classified "malware" instead of "really basic tactic to mess up people who have literally never surfed the web before."

In your video, you said that they probabily steal the passwords saved on the browser. How about on password managers? Extensions or Windows based ones? I know they usually are encrypted on device, but still, are there a chance they can get to it?

@stratvar

6 ай бұрын

Yes and no. The passwords saved inside your password manager would be safe. What wouldn't be safe is your password manager's main account itself in case you have chosen to always be logged in to it from your computer (i strongly advise *against* it). If that gets compromised then yes, they will have access to those too.

@gabolm

6 ай бұрын

@@stratvar So they would have the "session cookie", okay thanks for answer!

I think I ran into a website that was trying to do this but my AV (ESET) blocked it (doing more research it found some code in a WP theme that someone used). However I never found out if this was the case because my AV simply shut down the connection and blocked the entire site. For updates, generally I just download the installer again and run it, since it will update the browser in question if it finds an out-of-date version in most cases.

If you ran Wireshark it would catch all of that. It might not decrypt anything easily but you would have the encrypted file and any IP addresses it went through.

What a blessed channel!

I work on the theory that if a site tells me to update my browser or turn off my adblocker then I'm not going to that site irrespective as to whether it is a legit site or not. You want me to visit your site then just let me in. If I have to do a dance then I'll go elsewhere. That's the beauty of the internet. There's always another option waiting.

ok so the malware executes then hides itself so later if u check process explorer, you wouldnt be able to see it show the total virus to indicate anything bad happens. so question is, how would u know? people would be oblivious to this. not to mention some malwares also hide their activity when you open task manager, and goes dormant. but later when u close it, it's back to ramping up cpu to 100% up to no good. would be useful if you taught how us users would be able to detect that and also remove.

If any webpage would do that to me, just reading the page and boom it spits popup in my face, the first thing I do is open the developer tools and ufking kill the element with the popup. Restore the overflow property on the page body, then continue reading. If the page would struggle more, and somehow make it absolutely impossible to get to the content without registering, the domain goes straight up into the blacklist. I don't need sites that track me, bomb me with messages, and feed me some "personalized enhanced truth", thank you very much.

A question I am curious about when it comes to the passwords being stolen would it be able to steal passwords that are inside a password manager like 1Password?

i got an ad for chrome’s malware protection before this video

This is why I don't use cookies, because I don't trust my self not to accidently install cookie and other credentials logging virus because of how common they are.

who updates browser from website. browser does itself.

@ChristophHoward

6 ай бұрын

Probably enough to make it worth making this

@ent2220

6 ай бұрын

It's a Windows user thing. And so are auto updates too by the way, the way those browser update on windows by default (I believe). I don't like either. I shall only update when I choose to, without any notice, popup or notification presented to me, and I shall only do so using my package manager.

More reasons why I only ever update my browser when the actual update button appears at the top of the browser. I would never manually download a browser update.

Another rule of thumb is, you update your browser in the about section in the browser itself and not downloaded on any website or ad .

WOULD u plezzz do the comparison video between Bitdefender , Kaspersky & Norton which one is THE BEST & comes out as winner ....also what is UR FAV or the BEST Antivirus total security software OF this year!

Where can we download the Sysinternals tool that you were using to demonstrate the infected file?

Coulda swore I saw something like this and decided against it because I didn't want to reset my browser

this is quite creepy, ngl. thankfully i know firefox doesn't do this kind of update. you always gotta go to "help" and "about firefox" to update it and then firefox will send you the files needed. no exe or anything.

when adblockers can safe your computer life oh the websites hate adblockers...

There is similar incident on Facebook few years ago where the Facebook login just suddenly pop up although you are already log in. Many Facebook user have been hacked on that phishing pop up. So read the URL as always. If the URL is from another DNS, be suspicious.

Was asked to update Microsoft edge multiple times on my old laptop I only use for like.. games and what not but yea. I never realized anything wrong since I don't really have any sites logged in on there. I think it was a legit update.

Hey Just quick question I have "Control folder access: Enabled" on MS defender mean, even if this run windwos defender will flag it as trying to access my inner root folder hence it will be bloked right??

I am not so tech savy, I have a question :bitdefender or kaspersky installed on my pc would have blocked that file or not?

Well not a surprise. Once I got a pretty damn page with a fake Windows desktop, an error saying I have to install a program to cleanup the system because there is no storage left with as well cortana voice as tts. As well they were the first times for me using a computer but I didn't fall for that.

and this is why i don't use manual updates, i'v set it to auto and as far as i know only the real update can auto update, all i see is when i first start the webapp is "its has bin updated to the latest version". i also hover over all links i'm about to click to see where it leads, if it looks just a tad iffy its a no click for me. same goes for mail, never send me a link because i'll NEVER click links inside mails EVEN if it comes from FRIENDS. yea i'm this paranoid, and even me do get infected from time 2 time, so i'm constantly changing how i use internet.

Thanks for the heads up.

What methods are used to hack wordpress websites? What method or methods were used to inject those javascript codes in the articles?

5:45 jokes on you. My firefox update is disabled

People who don't use chrome: "I'm 4 parallel universes above you"

i think i might have installed it, i did found it sus that i need to install an installer for update as it happens in background mostly but the popup appeared automatically in the browser as soon as i opened it twice and not on a site so i did it and seemed petty legit too. Also after i ran the program unlike in the video chrome seemingly installed/reinstalled some stuff and a new "what's new in the update" window appeared. and yeah it happened a while ago like 2-3ish weeks So i was curious that was it legit or i messed up

This is why i have ransomware protection on, usually this kind of trick is easily noticeable

ironically enough, chrome never prompts the user to update, it updates whenever and just tells the user that it has updated

it should be common knowldge that chrome will never pop up on a full page asking you to update

this clearly tells me that everyone could fall for it so just remember to activate 2fa on each account you have.

Great info I like it keep me updated 😊👍🏼

It amazes me that in following your instruction, there is nothing the same in my computer which is running Windows 11. By searching, I have found "properties" and I found "Advanced system setting" but I can not find the page next that you talk about. Help! I want to check. By the way, I don't think I have seen the Google update you are referring

At the beginning of this video, I was thinking of Guardio. And indeed it can actually block that dam* website.

I had a similar thing happened to me, I verified for a discord server, and it brought me to a link. The link was saying I needed to update my adobe.

this is why i always check the links before clicking on anything

Great channel, thanks for explaing and showing how it works

If I click on a button that says "Update Chrome" and I _download an executable_ I am not visiting that site as long as I remember that.

Imagine having a package manager to handle software updates...

"they think it's a message from an angel" 😭😭

@gregwessels7205

6 ай бұрын

It is, but not from one on the good side.

Thank you for the info - I'm asking me if X operation systems would help ? THX

Hopefully Chrome will never offer functionality for a page to add the browser update button to the toolbar... But you always find that features are more important than security. After all, we have credit cards again that just can't wait to send purchase authorization to any card reader that might come close to your pocket. "It's more secure!"

How does this malware steal passwords? Is it the memorized passwords on the browser (isn't that encrypted?) or the cookie for the sessions?

@U20E0

6 ай бұрын

browsers' password managers all have horrible security (never use them), and the cookies can just be stolen since that's not even considered sensitive data (try to not use those either if given the option)

@RussGreeno

6 ай бұрын

Unfortunately not with Chrome on Windows, any app can suck passwords and cookies from Chrome without it asking for any authentication. Microsoft Edge caught me out recently and one click, all my Chrome data was sucked into Edge.

I remember this once happening to me with Firefox back in 2015/2017, even when I used to click “download update” nothing happened 😂

I have an question i followed an tut how to see if someone hacked your pc by typing netstat in cmd because in last time my laptop is shuting down automaticly and sometimes i cant log in my antivirus programms say nothing (im using kaspersky premium and win defender) but when i type netstat in cmd 1 link ends with 7474 insted https or http PLEASE REPLY HOW TO REMOVE THIS HACKER OR WHATEVER THAT THING IS I WHOULD BE HAPPY

I would probably think it’s fake because update google doesn’t just pop up like that in the same tab

Is it me or Kaspersky prevents the Guardio article from opening?... It claimed it stopped something from downloading yet nothing show up in the logs...

@mienoni5330

6 ай бұрын

@@PCLinke Did Kaspersky delete your report log afterwards? Because it did for me and no web report remained, not even the old ones, so I'm left wondering what did 8it actually stop from downloading..

@PCLinke

6 ай бұрын

​@@mienoni5330 No it did delete the logs, reset settings or reinstall Kasper if there an issue, here is what is stopped downloading: Type: Trojan Name: HEUR:Trojan.Script.Generic Precision: Heuristic Analysis Threat level: High Object type: File Object name: etherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16?gi=4edbf4706ca3 Object path: labs........