He tried to hack me...
Samples: tria.ge/220829-1dktasgdc6 // tria.ge/220829-ray23sbdh9
Twitter thread: / 1564246090748141568
Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeacoffee
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
🐜Zero2Automated ➡ Ultimate Malware Reverse Engineering j-h.io/zero2auto
🐜Zero2Automated ➡ MISP & Malware Sandbox j-h.io/zero2auto-sandbox
⛳Point3 ESCALATE ➡ Top-Notch Capture the Flag Training j-h.io/escalate
👨🏻💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humblebundle
🐶Snyk ➡ j-h.io/snyk
🤹♀️SkillShare ➡ j-h.io/skillshare
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsorship
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc
Пікірлер: 985
This is my first video but right off the bat question..... BRUNCH?!?!? Brunch bro? You fancy
@calholli
Жыл бұрын
You guys have friends? wuh??
@HansBelphegor
Жыл бұрын
@@calholli imho opinion, brunch is just breakfast for those who sleep in
@dheijnemans
Жыл бұрын
@@HansBelphegor No, it's second breakfast :)
@randomyoutuberthatdoesntex5236
Жыл бұрын
@@dheijnemansbreakfast and lunch had a baby, people got so excited for the baby they fell asleep for an extra 2 hours, and so brunch was made
@ElectricoGamez
Жыл бұрын
@@dheijnemans no its a meal that occurs between breakfast and lunch
john is so good at what he does to the point where if you wanted to attack him he would think you are submitting a malware for analysis
@ultimate8673
Жыл бұрын
bruh.... XD
@visual-graffix
Жыл бұрын
lmao
@McNooby142
Жыл бұрын
that sounds pretty good actually, could get some interesting stuff out of it
This is wonderful, specific and detailed. You should consider createing a malware analysis class. FYI, you have your first student. 😆
@alimustafa2682
Жыл бұрын
He already did that
@JeremiahRamirez
Жыл бұрын
@@alimustafa2682 LOL
@biraj599
Жыл бұрын
@@alimustafa2682 link
@BrandonMoeller
Жыл бұрын
*creating
@jane2303
Жыл бұрын
The guy across the street hacked my wifi, my phone. His buddy upstairs shares everything with him. They know everything I do online, passwords included. The woman upstairs stomps on the floor and they both walk up on me from upstairs when they hear a noise and follow me around my apartment. VPN and Tor are no help, they're already in them. Got rid of WiFi because they're in my TV's, too. Any suggestions?
What do you think, would you fall for a phishing email like that? What other kinds of social engineering scams and malware attempts have you seen that have been successful?
@LeonVQZ
Жыл бұрын
I receive about 2 spam email/day, and it seems that they gave up mostly, they just send a hyperlink and google flags it as spam. No interesting story, no fancy pictures or threat, just a hyperlink.
@y3wtub3
Жыл бұрын
I don't know if it's a coincidence or not but, anytime I order something online, I will receive all these emails titled with tracking number blah blah has been put on hold awaiting potential import tax. Usually titled as DHL. I never even open them because I'm scared it will infect me lol
@GhostOfAnubis09
Жыл бұрын
This barebones, off-the-cuff, low level approach is exactly what makes your videos so interesting and relatable, John. Thank you for doing these. I almost fell for the classic 'Your work mailbox will be locked' phishing once. what tripped me off was the password box not showing asterisks or stars, but clear text. so yes, they came within 5 keystrokes from success...
@4a6f62
Жыл бұрын
Working as an ethical hacker, I'm too paranoid to click on links in e-mail that _are_ legit 😀But having something so pressing, trying to be a youtuber myself... scary stuff
@popeyehacks
Жыл бұрын
Sir can u give that malware for my study on digital forensics
I’ve received similar emails but never a Google drive notification. Interesting how they keep changing small things within the same scams.
@Cyclically
Жыл бұрын
Wsg bro
Funny, it's a good time to bring up how DMCA requests actually work: you don't typically receive them, KZread will give you a notice they have received it but they won't provide you, the creator, with a copy. That may be slightly different now, but generally you won't receive some lawyer-speak notice about violating copyright unless you are a company, own your own business where you are the CEO. In that case, you should have your own lawyer(s) anyway. So, don't open anything in any emails ever, don't trust DMCA notices because you wouldn't personally receive them anyway, and definitely question all links and attachments. If you get an attachment from a coworker, notify them and ask if they sent it, even if it's a legitimate email address and came from them. Remember, emails can be spoofed very well, just as phone numbers.
@BobBob-qm2bm
Жыл бұрын
Thanks for sharing the knowledge👨💻
scammer sends email to scam john john: "so you have chosen death"
@rkvkydqf
Жыл бұрын
More like public malware vivisection.
@markusTegelane
Жыл бұрын
The scammer tried to hack John, but be basically just pulled an Uno reverse card
@learneducateteach9624
Жыл бұрын
I want scambater to expose them
@superJK92
Жыл бұрын
@@learneducateteach9624 @Scamer Payback
@superJK92
Жыл бұрын
crap it didn't work
I just completed a 2yr degree at community college for cyberdefense and digital forensics, and it was still fascinating and instructive to see such a brief, streamlined, walk-thru of how it's done. 2yrs of school summarized in 30 min. Lol. It's really great to see it in practical application.
Insane how well crafted these security threats are becoming. They’re literally almost easily able to get any IT professional to fall for it… that’s scary.
@xulux9028
Жыл бұрын
yeah it's not 2010 anymore
@drygordspellweaver8761
Жыл бұрын
don't click any links or run any executables on your desktop
@anonwilczek6044
Жыл бұрын
yes its nice in bad way... show how evrything change and if you dont know how to adapt, you be in trouble
@lazix9769
11 ай бұрын
@@drygordspellweaver8761 😂😂
@dark_sunset
11 ай бұрын
@@drygordspellweaver8761 Put your PC in a Faraday cage and board up the windows and move to another state. Never use technology again.
I'm taking my first steps in cyber security. To see such a pro how you deal with this was extraordinarily educational and very interesting. Thnks!
@maxwellcatlol
Жыл бұрын
Correct your thnks
Your face in the thumbnail had me like 😂😂😂😂
This was so awesome. Kudos to you John. Really appreciate you taking us along with you.
Incredibly useful and helpful video, thank you John! It's interesting seeing under the hood for threats related to content creators.
DEFINITELY not boring. If you're serious about cyber security then ANY knowledge is good knowledge. Thanks for the video.
Great video! The Twitter thread was excellent too. This dissection was a fantastic learning experience, thank you for sharing it and going so in depth.
I loved the “rumbling”. This was fun, I subscribed, keep going!
One of the best TI and Malware analysis I've watched. This is a great video for new SOC analysts. Thank you so much JH 💓
Your the best John. I work in IT myself but not in the security segment, you always make content so interesting to watch. Love your work. Keep it up!
This right here! Is why I enjoy learning from you my friend. This was super enlightening. Thank you for doing a deep dive and sharing your findings with us. Stay safe John! 💪🏼
It's always a pleasure to have your insight on malware attacks, there's habits we need to have in "alarming" emails/messages even calls
Such content should reach out to every KZread creators. It will surely help them to stay away their hands on clicking such links !! Thank you for posting it,
I honestly love these kind of videos if im honest. Good stuff John thank you
Thank you for digging so deep and for sharing all of your findings! Please do more of these
i am very thankful that i found this video. I've been just starting in content creation, and being aware of this is super helpful for the future (especially this early in the game when one may not know the emails of youtube, google, or the common formatting used for these emails). Thank you for spreading awareness
It’s nice to see what an analyst would do. Very well explained, and use free tools to do your PoC. Bravo!
Educational, fun, not boring at all! Thanks a lot for your work. Studies computer networks myself and I only regret not having a teacher like your. Certainty would have a much better professional path by now! You, Bombal, Chuck: great lads! I wish I could study and learn more from you. Such a knowledge base!
Every content creator need to see this video!!! This analysis is so simple yet so effective i bet everyone would understand.
I love these videos - your analysis really helps me and my career. Thank you
Hey John, thanks for sharing your thought process with us. I love the detailed explanation of how you analyze suspicious files.
Great video and clearly useful information for many people! You can always add a writeup in the description with that uber-elite hacking skills you used. My degree is network security and I enjoy all of your content, especially those that include more technical information about what you're doing. Many of us don't have time to do what you do so get our "hacking" enjoyment from social media content.
This is not boring at all John. I watched the complete video and it was hanging tight in my chair and being fascinated for the last half hour in my university library! I learned some things i had no idea things like a Linux Distro existed for Malware analyses until now. Thanks for being such a great help in the IT comminity!
The details, the way you dive in to the malware is superb. Nice video. You earned a Sub and I'm your student now even I'm new to these threat analysis
Welcome... to Jurassic Hack 👏 great video
I'm always amazed by just how far down the rabbit hole its possible to go looking into these malware attacks. Keep up the good work
honestly the best soft tutorial ive ever seen. short and straight to the point ! i love it
Wow, so well done! Thanks for posting, man! Very helpful.
Honestly feel pretty fortunate to be able to watch videos like this while I’m going to school studying cyber security 😅
John Hammond, I feel confident enough to say - "we", as in the community can most definitely feel as if this was absolutely amazing! This (as well as most of your videos if not all), are always practical and showcase actual steps. Steps that a "poor man's" way of doing things is most likely a more advance way of doing some actual poking for those of us who value cyber security and ethical hacking but haven't made it a career. For all of the tinkerers out there, and even for just study purposes this is an excellent! We don't need to see the Mr. Robot type hacking all the time...though we love it...- Don't get me wrong I absolutely love the movie, i've done my review / some of thee tactic used are legit. But anyway, this video was an absolute treat for us and all the more very educational indeed. Definitely appreciate as always brother, stay blessed and safe out there. I'm very thankful you did not fall victim to this attack! ~ Cheers!
Very useful, and intriguing. You aren't rambling or anything like that, thank you mate!
It was very interesting and informative! Great job John!
@sebastianwojewodzki8588
Жыл бұрын
Exactly 👨💻
John keeps dropping gems for us! Thank you so much for your endless efforts to spread knowledge and awareness among the community, very much appreciated!
You got a new subscriber! love the content! Always nice to see a tuber that really goes in depth with this sort of stuff, as curious as I am I love seeing this especially as someone who has no idea about this sort of thing, it really lets me appreciate this line of work more!
great work on that one ive seen that going around for a long time i know a few that did fall for that one. hopefully now that you busted it people will be more careful on what they open. great work
Really interesting to see how something like this actually works.
Imagine thinking that John Hammond would have hidden file extensions turned off
@ScottyDMcom
Жыл бұрын
Yeah, Window's default is to hide all known extensions. Call me old school, but I agree with you, this is a massive security hole in Windows. Same thing in Mac OS. The default should be to show extensions. Remember anna_kournikova.jpg.exe? Everyone should turn on their extensions. However in this case it was a virtual machine, so not much customization.
@helloitismetomato
Жыл бұрын
It's literally the first thing I do when I install a new OS: turn on file extensions. In fact I think it's irresponsible of OS designers to have them be invisible by default.
this was so informational & exciting to see & definitely not boring, hope to see videos like this in future!
probably the most informative video i have watched in a long time, learned about reverse engineering all the cool sandboxes and some really useful utilities, Thanks alot.
I honestly really liked this video because it showed a real-world example, and gave me an idea of how someone might begin scratching the surface of malware to figure out what it's trying to do and where it comes from. I'm a web developer with a passing interest in cyber security and reverse engineering, so seeing your process (even if you consider it a fairly basic, poor man's way of doing things) was really fun and educational for me.
Imagine the hackers themselves watching this videos. Well if they are, just learn from him 🤣🤣🤣
Dude, so fascinating! Found your channel through network chuck! Subscribed!
You're my hero! That knowledge level on cyber-security... dude, you're the absolute best!
As a person with and analytical mind I do find this segment extremely interesting and I’m making a big shout out to you and everybody who views this film to have good luck and everything you do thank you for listening to me
Awareness of these TTPs is just as vital for those who are responsible for protecting access to critical infrastructure. Content creators may sometimes be more visible targets, but everyone should remain vigilant.
I just started my security+ classes and I feel like I’m learning a totally different language. Look forward to your content to help in my journey!
It is indeed beyond helpful and you are so modest.
We really need MORE people to enter the cybersecurity field. Like, even if they don't get a job in cyber, these are becoming life skills for survival.
FYI guys- at work we are seeing alot of "student loan forgiveness" phishing emails, I collect phishing emails and they are well designed. Be careful.
Heya just came from the Network Chuck channel just wanted to say that I appreciate that you explain smaller details of stuff that more advanced users probably don't need to hear. But some of us are dumb :)
Exactly what I needed and was looking for! Thanks!!
I'm not suggesting to attack to any unauthorised machines, but he did what you deserved for (as you have jokingly said, please try hack me). Love it!
Do you think its okay to share a possible victims email address? Might be just an unlucky user who got their account compromised and might now be spammed by KZread users.
@noname4319
Жыл бұрын
That doesn’t look like a victim mail more like a randomly generated one
@zomgninja
Жыл бұрын
@@noname4319 People who use redline or other cred stealing tools have 10,000s+ of victims emails, Its harder to make new gmails accounts then to just steal them.
usually I heard many cases where the famous KZread account get hacked or compromised. Thanks John for sharing this on KZread as well as on Twitter as it helped to understand how these things works.
Ive been learning basics of linux and hacking on OverTheWire and watching you has shown how much more i have to learn. Keep making content!
This is fascinating; thanks for guiding us through it!
Thank you for sharing this! It will help us to be aware and pay attention to details before opening any emails.
Dude! This walk-through was real, relevant, and sweet to my tech buds. Got me seeing BLUE again, dang-it! Thanks John for taking us on this journey.👨💻
this was really fun, kinda interesting seeing actual analysis of real-time scams
Fantastic video!! I'm a cybersecurity noob so this is helpful, loads of great resources to flag and lots of info to be on the lookout for. Thanks again!!
Very interesting case. Thank you for talking us through it!
Your video was very helpful, I'm still learning and getting the hang of it still. I'm into House and EDM. I look forward to seeing more of your
Really cool vid John, I am getting into Cybersec and this was exquisite to watch. Thank you for the videos.
Awesome video, appreciate some extra osint tools to work with and never really heard of the Redline until now. I also appreciate the clarity and visibility you provide on each adventure.
The duality between channel profile picture and thumbnail makes this video already great before I even start watching.
Thanks so much for this! Absolutely fascinating analysis.
NetworkChuck sent me here, but wow, what a video! Absolutely superb and appreciate the breakdown. Very interesting to watch and an eye opener for sure. Thanks John, you have another subscriber!
Man you are awesome and I learn so much from your videos. Thank you 🙏🏽
super awesome content ! ty for sharing this. my cousin is learning about cyber security. and i think this will help him as h progresses through his classes. you know give him something too write a report on. again ty so much for getting the word out.
Yo this helped so much and I always appreciate the content and when i found the channel and got the energy from you from the previous video, you've been nothing but real and can vouch for the amazing content and how down to earth you are with everything! All the most love, respect, and appreciation
This has popped up a couple times recently so they're still at it. Glad you broke this one down👍😃
For what its worth, I found this fascinating to watch how it worked and some of the techniques you used to analyse the sneaky malware. Excellent video.
was listening and semi watching as I was playing a game but i realized I kind of just stopped playing my game to watch you do this...I didn't understand like most of the video but it was really awesome to watch :O
This was awesome in its detail and I appreciate John's efforts to educate but also to tell a great story. Also I might add that if I were a content creator, I wouldn’t use a Microsoft product such as windows. Windows is clearly ground zero for these folks.
I absolutely loved this video, some very very interesting information. You have no idea how many emails I get from *fake* youtube
Thanks so much for sharing. I really appreciate the way that you explain it.
Thanks for the heads up. Appreciate it.
I just learned so many things here . Thanks for the video and information you shared . We appreciate it.
John, excellent analysis. Thank you for sharing :)
Definitely not boring content! I personally just want to be more aware of how these things work and this achieved that for me. Plus, it's kind of nice seeing one of these scams put on display given that they thrive on information asymmetry.
Hey John, thanks for sharing this... definitely not boring and also not too lengthy! I suspect that the file was inflated to pass through web filters. Most firewalls with webfilter have a resource limit up to which size they scan downloads which is typically some 100 MB. So thats the easy or poor man way to bypass these. By the way, Hetzner is a large German hoster, which also has a datacenter in Finland. They rent everything from simple webspace to dedicated root servers or even colocation space. You can write them an mail, they have a good team!
Wonderful ! well explained! best work John
Am glad you shared this. Your analysis just saved me from a phishing attack just now.
Amazing! Good stuff! Thank you for this video!
Super educational! I get tons of phishing emails from Iceland and I've always wanted to know how to safely dive deeper to track down homebase. Of course I assume any risks involved.
Oh my gsoh. This was such a fun video to watch. I loved watching you analyze the malware. What a great video, thanks for sharing John!
Just got a similar email myself. Glad I saw your video first!
Dude your overview was great! I would've liked to see the whole process.
In addition to the content what I really appreciate about your videos is that you don't start with the usual "smash that like and subscribe". Bless you!
Thank you very much man, seriously you helped a lot i started from 0 to 10.
Learned a lot from this video u r the best cybersec content creator lots of love john
Thank you John, we are now definitely very knowledgedable!