Let's say we installed a info stealer, Is there a way to prevent it from reading cookies?

@HoshangGovil

22 күн бұрын

I also want to know the answer of this question.

@Electrify_

22 күн бұрын

Not really. You are kinda fucked when you download the infostealer.

@garrymccracken9775

22 күн бұрын

Immediately disconnect from the Internet then Investigate

@Electrify_

22 күн бұрын

@@Plazmal You could... But who has that time lmao

@brawldude2656

22 күн бұрын

It reads your cookies at the exact milisecond it starts to run. And your data is already sent to a server (probably) overseas somewhere

pirating from github 💀

@Xcczs

22 күн бұрын

ikr who tf pirates from github

@MikaelKKarlsson

22 күн бұрын

Not that Github isn't a mess anyway. 😅

@theycallmeken

22 күн бұрын

Eyebrows were raised 😂🤦🏾‍♂️

@ForDeath16

22 күн бұрын

Tbh best KMS script is hosted on github

@Zenith_Star69

22 күн бұрын

​@@ForDeath16I just used this and it had me doubting myself for a second loll thank you

A download button in github? That's suspicious. I never managed to see one.

@imperiaonlinebr

18 күн бұрын

And the link is from another repository 💀

@JonathanBytes

17 күн бұрын

Easy to download on GitHub? Hmmm sus

@NarcoSarco

3 күн бұрын

gets me every time

I instantly noticed the download button to be a different repository. Major red flag.

@TechnoMinded-qp5in

22 күн бұрын

You should see how stupid phishers are in emails it's gullible that people don't check and trace headers for any signs of flaws or have a link checker someone tried phishing my brother by claiming he didn't pay for his "Apple" phone when he never even bought one I called them out and they never replied and the funny part is the idiot was using his gmail what fucking idiot uses their own gmail to try and click bait someone?

@user-cl1rq1sg8m

21 күн бұрын

As Thio Joe shows you can upload a file as a comment to any repository and it will show that repository url as the source of the info stealer .zip file

@3lH4ck3rC0mf0r7

21 күн бұрын

@@user-cl1rq1sg8m I know. And they didn't even bother to do that.

@sourkefir

20 күн бұрын

@@user-cl1rq1sg8m Here the file appears to be in a release, not as an attachment, since you can upload any files to repo releases. (not tags) EDIT: examined the repo, looks like the user themselves released the malicious zip, the code itself belongs to some kind of role manager app?

@shroomer3867

19 күн бұрын

Usually, software released on github doesn't have a direct download link and instead has a download in the "Releases" tab since things can change with each version. It doesn't mean that if it does that it's safe, no, it still could be malware, but the telltale sign is a sketchy download link.

No smart person uses Google results to search for pirated software. You just use reputable websites which Google of course doesn't show on search results.

@staying_substantially6186

22 күн бұрын

Disagree on that one for video games

@Xcczs

22 күн бұрын

@@staying_substantially6186 what do you mean?

@Xcczs

22 күн бұрын

@@staying_substantially6186 all sites that google lists when you type cracked are straight-up malware wdym?

@askeladden450

22 күн бұрын

@@staying_substantially6186 who tf uses google search for games? You go directly to fitgirl and the likes.

@LatvianVideo

22 күн бұрын

@@staying_substantially6186 opposite for me, most things on google arent that good, excluding a few. General search results, not reddit

You can def legally upload malware on Github but u have to write "Those files are dangerous and shall be ran on isolated environment for testing purpose". If the repository miss this statement , the author is trying to social engineering. Github itself can't stop this attack effectively, cuz (again) malware can be uploaded legally in some scenarios.

@wsg1231

18 күн бұрын

I will legally steal your Social password 😊

@Nico1a5

18 күн бұрын

For teaching purposes you would make the user input their own dump IP instead

@FlamingSwordful

17 күн бұрын

​@@wsg1231yes dadi

@ChineseRatfaceCHANG

13 күн бұрын

...yes they can. It's their platform thus they can do whatever they want on it. My God, people are stupid these days.

@supertaakot

12 күн бұрын

You should be using the wording "allowed by their ToS" because literally no state in the world legally allows info-stealing never mind in the form of malware.

I just love the fact that every cyber security tip leads to "Just don't run anything untrusted on your device" at the end

@3lH4ck3rC0mf0r7

22 күн бұрын

When it comes to digital anything, it's always about trust. Piracy isn't actually any different in that regard. That's just the ethos of digital security.

@CyberTechSRB

22 күн бұрын

Windows for example 😅😂

@globalist1990

19 күн бұрын

What if i don't trust any software?

@3lH4ck3rC0mf0r7

19 күн бұрын

@@globalist1990 Not even a program you wrote yourself?

@brawldude2656

19 күн бұрын

@@globalist1990 then good luck man life is hard for you

My favorite part about cracks (in this case for Microsoft's Office) is that only Windows Defender recognizes it as malicious software while other antiviruses don't.

@perahoky

18 күн бұрын

because microsoft flags software they dont like as malicious, even if isnt.

@Oruta563

18 күн бұрын

Bro you don't download crack for Microsoft office 💀

@in_vas_por8810

18 күн бұрын

@@Oruta563 You used to not long ago. I think many people still use older versions of Office so they don't have to do the 365 version (which was Microsoft's attempt to stop pirating).

@shantilkhadatkar1195

18 күн бұрын

​@@in_vas_por8810So is MS office virus?

@KaitouKaiju

12 күн бұрын

​@@Oruta563You can absolutely crack office365

That readme should already bring up a huge red flag

@cyrus2387

21 күн бұрын

Why is that?

@Not_Aran8276

21 күн бұрын

Only having readme and the license on the GitHub, and having the download button, that downloads the whole software on the readme is completely wrong anyways. Real and legit piracy tools are going to be some sort of patcher with the source code provided and the download is going to be always on the "Releases" tab, and the readme going to tell us how to exactly use the tool and sometimes it is simply a CLI tool meaning you need to run some sort of terminal first and pass in some argument / parameters. Only thing you have to worry is the tool probably won't work "on your machine".

@pold111

19 күн бұрын

a github repo even having a download button is a huge red flag, like..... just build

@caxacar8901

7 күн бұрын

Says readme is a red flag Proceeds to not elaborate why

I downloaded the file (dont try at home) and Kaspersky did not detect its hash. It only detected it after I did an "in depth" scan. Virus total also shows that none of the popular antivirus software recognise the hash. What a joke, the file has been up for 2 months.

@erroroliver

21 күн бұрын

> I downloaded the file (dont try at home) I mean, it's not downloading a virus that gives you a virus, it's opening the virus after downloading it but i get it

@bmxscape

20 күн бұрын

@@erroroliver this file isn't the virus though so it will never be detected as such, this file downloads a chain of viruses that continuously download more in order to scrape as much of your data as possible. its not like an active keylogger, they just searched for all your saved passwords from your web browser and all currently logged in apps and dumps all the info it gets so if every virus it downloaded isn't blocked immediately by your antivirus then your passwords are all compromised. i was dumb enough to fall for it a couple months ago and had to re install my operating system because for every 1 virus you detect they have downloaded 3 more. weird part to me is they only took my steam, reddit and instagram. also it detects if you run a windows scan and shuts off your pc lmfao

@xavier4151

18 күн бұрын

Yep! It's not the downloads that activates it. It's the executables.

@dbkarman

18 күн бұрын

@@erroroliver i know but why risk it, i did it in a VM because Kaspersky didnt detect it and I might have accidentally ran it. until the hash is known to all the different AV companies its dangrous. Its now showing as something like 50/100 on VirusTotal but before i reported it to Microsoft, Norton, Kaspersky, BitDefender and McAfee, it was 9/100.

@Oruta563

18 күн бұрын

When you ran it did it immediately got detected?

It's not even just softwares, even "corn" videos too. I think it's very keyword specific, like if you search for leaks, google will return results from github too. Very modern day limewire I'd say.

The sneakest ones(and these have been around for a long time) are repacked cracks where its the actual crack for a program but either due to a badly written crack or some simple exploit they can tag along extra things that get executed or they just write a wrapper for the original crack either way there are plenty who look like they did the job and thus make you way less suspicious about anything having gone wrong and makes it less likely you try to find a way to get rid of it. Seen this happen to a few friends who all used the same reuploaded version of a game instead of getting it from the group who originally did it and they all had their info stolen and none of them knew why until they realize it all started after they got that game. the ones making the malware get smarter but the average user seems to be getting more stupid.

@pipacombate393

14 күн бұрын

Bro atleast tell us where did they download the repacks from. I always use fitgirl repacks are those safe?

@tigartar

14 күн бұрын

@@pipacombate393 Listing the site here will most likely get the comment removed as they typically do when people mention places like it but her stuff if it comes from her .site are safe that much i can say.

@jofx4051

Күн бұрын

​@@pipacombate393There are lists on Reddit, if you are downloading from the original website, that should be safe

Thats a smooth transition to the sponsor segment

@janisbanis6882

22 күн бұрын

braucu ar vilcienu

@lussor1

22 күн бұрын

Sponsorblock 😊

Hi, another great video. But I once had a question of interest. Do you know of any other channels (or would you make a video) that shed more light on spyware and malware on cell phones (especially iPhones)? As this is a topic that is often neglected, I would be interested to know whether users really notice whether malware or spyware is installed?

i gott a question, will having a portable chrome and having duplicated exe but there no trace of it saying chrome/google in process will that negate a stealer searching for those processe/default paths? also filecr is a site i use a lot lol

I would not be even slightly surprised if it was a publisher that placed the malware.

beginner question but is it possible to get hacked merely by clicking a button in a web browser without receiving any kind of downloaded file?

good information, nice channel, subbed

Sailing the seas hones your bullshit detector on pirating things

@GregorianMG

17 күн бұрын

As a person who occasionally sails the sea, having a trusted platform helps a lot to find your pirated copy.

@veteranhamster7410

16 күн бұрын

@@GregorianMG My issue as a newbie is finding safe waters to sail upon.

@Blankult

16 күн бұрын

True but my bs detector has failed once =(

@adityananda9126

15 күн бұрын

​@@veteranhamster7410But those waters are home to large sea monsters😔

@user-lr5kf5qf8e

9 күн бұрын

@@veteranhamster7410 1337xx is a good start. FitGirl and DODI repacks are highly respectable, and from that you can find more trusted sources.

Flaaaarreeeeee!

@brawldude2656

22 күн бұрын

Yooo it's the legend himself

@pcsecuritychannel

22 күн бұрын

Heyyyyy fellow Flare user! for those who don't know, John and I do a monthly (somewhat) hangout on our discord: discord.com/invite/y7q3qMM So if ever wanted to hear KZreadrs talk about behind the scenes stuff, that's a gold session to join.

@stage6fan475

22 күн бұрын

Hi, John

@anirudhakumar2271

21 күн бұрын

@@stage6fan475 i thought he isn't real john, (there's a underscore in name) 😭

smoooooth sales pitch. Interesting site.

I've been thinking for the last 2-3 years that the "big dogs" of malware (wannacry, etc) will gradually fade from common attacks. It's much easier and cheaper.

but even if you're not downloading a crack out of github you can never know if the crack is ok or not because Antiviruses don't really like cracks on games - and when i'm downloading a cracked game - i downloading it with the crack in the installation of the game

Does also means they gonna make your computer running slow too right? Especially in windows explorer! 5:08

that's why I look for source code of the crack, then look at the code and inspect it then finally compile it myself. I use stuff like pykms and etc.

Woaw your video is SOO good, because i definitely download malware off github daily. You sure are a "security researcher"!!

thanks for the knowledge

This is why I couldn't get into many direct installation Ai systems and Git repositories that some influencers are pushing. Some in the instructions even encourage to disable your AV.

How do we know if the software we already installed have info sealer

This is so accurate! My co worker downloaded something on GitHub and she confessed that it was an attempt to pirate a software. The infostealer manage to steal her notes and her cookies trying to hijack her sessions which was disrupted shortly since it was suspended by our IT Dept thereafter. We watch in real time how the infostealer did it's work and leave without a trace. So everyone! It's not like those malware or trojans where your computer are infected through a backdoor. It requires you to sort of execute it for it to run and operate it's working command. The best way to avoid this is to not pirate softwares or games. Period.

@Oruta563

18 күн бұрын

This is why companies need to limit regular employee access

@xavier4151

18 күн бұрын

@@Oruta563 Yes and constant vigilance against behavioural patterns that leads to such penetration in the first place. Though infostealer isn't as heavyweight compared to other type of viruses such as leaving it's presence behind for future backdoor, it certainly warrants extra precautions such as changing your password for all accounts to prevent successful profiling penetration thereafter

I've found quite a few of those on github, been making sure to report all the ones I find

Same thing happened to me with a Mod for an Assassins Creed game yesterday. Exe was clean but the dll had a logger payload. Unfortunately i found out after running it. None of the normal tools (NPE, HitmanPro, Malwarebytes etc.) detected anything. Reinstalled windows anyway. Didnt format my other drives tho. Is there anything else i can do?

@user-od4gs3iu4t

18 күн бұрын

you mean besides taking more care about what you install on your PC? well you can try some advance HIPS utility like COMODO utility pack, some registry watcher like mjregwatcher. They MAY help you to make a right decision, but it's always your decision to run or not to run an unknown app or to hook a dll

What should u do if you got infected by this? Format?

I trust the song "RiveR - Solo" for my games and "known/trusted" pirates in the good ol pirate bay for other software

I noticed this a while ago but forgot about it

Hey, you should point out in another video in github or something, there is normal software in the malware repo's BUT at the veryy top of the repo's you scroll sideways, you will see a payload installing a malware

Does Microsoft Office app (cracked) that i got it from filelist can be a virus?

please do a video about rav end point protection by reason labs

Not saying that you should pirate, but having a FitGirl manning the ship can help out a lot.

I tried to download malware like that but my AV removed the file before I had a chance to test it with virus total

I don’t want to give anyone idea (just typing this I might), but wouldnt github activation stuff like Windows activation or whatever may be, contain one of these?

@DCCB7550

21 күн бұрын

If your referring to MAS no that’s completely different, they have a whole dedicated server and page explaining how it works but fakes do exist so be careful

Why can't github/Microsoft scan for threats? I also found hacks for warzone on github/Microsoft. Probably root kit. 😅

Good info. Thanks. I'm sure so much of my data has been stolen, not like this, but still...

somewhat unrelated but seeing that a "Toon-Boom" crack was apart of these campaigns made me realize they also go after artists and aspiring animators. I know I shouldn't be surprised but it still upsets me

Why is Defender UI actually recognized as a virus? You can also check that

Hi can you make a vid on atlas os. I think your input on whether or not its safe would be a cool topic.

@youravghuman5231

2 күн бұрын

I used atlas OS on top of the ghost spectre iso. It's safe. Even more safer than stock windows because there's no telemetry running, my processes only have like 50 processes on fresh install.

So lets say, I use a VM with GPU pass-through. What will happen? Will you please make a video about this matter?

@kolkoki

16 күн бұрын

The stealer will grab anything on that VM, GPU or not. Basically if you have that VM solely for gaming, it may not steal your credit card info, but will steal your online games credentials, as well as any game launcher info installed on that machine. On a blank machine tho? Wont steal what's not there

Theres no way this is happening, and theyre not all even gone, but when i uploaded memz to one of my repos to use on a vista vm (no tools moment) my account was banned after 1 day💀 and i cant get it back

I was about to sign up with flare but they don't except gmail addresses. That's so strange

if you pirate from github thats on you tbh

how is that repo still up...

Hey Leo, Thanks for the video and sharing awareness. I would like to recommend a few steps to the audience on how to protect themselves from these threat actors. 1. Always use non-privileged user to operate your system on a daily basis 2. Run your browser using a different account. 3. Use Admin account with care and ensure you are 100% sure what you're doing. 4. Enable "Core Isolation" in Windows 5. Enable "Controlled folder access" and ensure to add only the known programs to the "Authorized" list.

@scientificthesis

20 күн бұрын

Unfortunately that also happens to be highly inconvenient. I just do my research, rely on my antivirus and hope for the best 👍

Hi please can you tell me how to track Powershell events in windows. Like which program triggered Powershell and what script was run in it. I saw somewhere it has something to do with gpedit, but I didn't understand it. It will be really helpful to all. Thanks

@user-od4gs3iu4t

22 күн бұрын

COMODO firewall is a way to catch system intrusions, including attempts to run powershell. Or any other program with good HIPS utility

@ganeshs1360

20 күн бұрын

@@user-od4gs3iu4t thanks

What if I download from direct github? Still harmful?

The fun part is that even the screenshot of Obit states that it is the free version...

Actually my first ransomware that attack on my laptop is iobit software like their security, screen fecorder, and uninstaller, I installed qll of it and very next day my laptop now infected with ransomware I don't know what is the malware name but the extension I saw is .wrui

is that a 3 swords style pirates jolly roger?

Ι kinda wonder. Why should someone download a cracked avast? I mean, he shouldnt even the official avast. :-)

UPDATED 1 sorry to say (i am at 1 minute so dont judge me for the resoning...) but if the conclusion "Malware in Cracks on Github" only lays on 1 VT test? then sorry to say... but mostly EVERY crack gets detected on VT just because the softwar was "modified..." but may there a more reasons XD for this conclusion... update1 3:47 an gdata report is more an reason :D

i had something like this but i scanned it on virustotal it didnt give a flag tho it was virus

Hope you had a good time in Nice ^_^

Could you analyze hydra launcher on git hub?

@albryx

10 күн бұрын

hydra launcher is trusted. it's basically a torrent client, and its source is up for everyone to read (and build its own release)

Same thing if people search on KZread for free-payed software linking to a phishing software

4:24 that's just a GPLv2 license lol

A guy I know occasionally sails the high seas for software, and when he does he runs the cracks through virustotal just to be safe, how can this guy tell cracks/false positives from actual malware on VT? This person sees stuff like "packed" and "themida" on these files

@GregorianMG

17 күн бұрын

Once you have quite an experience on sailing the high seas, you will bound to know where to look at good crack and how to avoid the bad crack with malware.

nowadays people think github is a safe place to download stuff because it repos have source code, but it's already a huge red flag the repo itself only has a readme and license file and the download button redirects to somewhere else

@EpicMiniMeatwad

17 күн бұрын

It really is if you build it yourself and can read the code.

I have already suffered this breach in April due to Telegram mod hack.

@FusionDeveloper

22 күн бұрын

Telegram and WhatsApp are bad.

All cracks are considered malware of some kind even if they are genuinely harmless, because they make minor adjustments to the software on the system, just like a dangerous virus would. So you never know for sure if you screwed until you screwed,lol

why would you goto an open source software hub for access to closed source software? Am I just thinking about this too rationally or who’s the target mark here?

@detecta

22 күн бұрын

i think its just people who know enough tech to know about open source then think "open source = safe"

@romulo2714

21 күн бұрын

It preys on the Dunning Kruger effect, people that thinks they know a lot about computers and the internet, while in reality just being ignorant.

@scrung

18 күн бұрын

@@romulo2714ironically the dunning-kruger effect has nothing to do with any of this

@Handlebrake2

16 күн бұрын

Lmao, you know who. Js and web devs.

@tired9494

16 күн бұрын

because there ARE a lot of open source cracking/activation scripts

I dont have dollars or money what must i do i need the app also

wait till people learn that file names are entirely aethstetic "you can even get malware in an msi file" made me lol

Could you review ESET NOD32?

Can kaspersky block these?

Pirating software drops 99% after this video. Great video as always!

@Kalphalus

22 күн бұрын

Nah, the fact is that most of them will go to another site, I dont support it, but thats what always happens

@Cat_With_A_Lamp

22 күн бұрын

To be fair, people who pirated for years and use their head know how to be safe when pirating, these days it's easier than ever (especially with reddit). Of course there are people who don't use their head, but that's on them, those people would probably get infected without pirating anything. It basically comes down to "download from trusted sources" and "don't run anything you don't trust".

@lenoirx

21 күн бұрын

@@Kalphalus I do support it, F companies

@meliante-

20 күн бұрын

I do support it too, F you and the companies.

@GregorianMG

17 күн бұрын

Nah, just look at other place, I already find mine.

Wow, I found something on github and ran it, and an av provider stopped it from executing, I replicate it on a online sandbox and sure enough it is what it is, I even reset the entire computer in the end just to be extra safe.

Hey guys weird question but does anyone know any sites what you can download cursors without viruses?

@sunla

22 күн бұрын

Cursors, that sounds fun! I don't know, but I used to make them a long time ago, which is easy enough to do.

@JajaofAbuja

22 күн бұрын

Cursor fx

@angelabov3n

22 күн бұрын

Open Cursor Library, has an array of cursors. You do have to manually set everything to be said cursor in your pointer settings.

@lisapearce7655

21 күн бұрын

@@sunla how did u make them?

@lisapearce7655

21 күн бұрын

@@JajaofAbuja thanks 👍

this also applies to hwid spoofers n all that

We tried Flare, The company doesnt seem setup to accept new customers. They are insisting on phone interviews/verifications to demo their software. You got us interested in the software but the vendor dropped the ball on this one. Perhaps your next video can recommend another tool?

Open source apps for mostly alternative to proprietary software not crack them.

Even their website is very likely filled with bugs

How to know if the crack is really just a false positive or an actual virus? (without telling me to just purchase the app or install the free alternatives)

@user-od4gs3iu4t

18 күн бұрын

the short answer is: it's less expensive to pay for an app than for hiring an IT specialist who can make an informed decision about the modified file

@GregorianMG

17 күн бұрын

Yolo it, then see it yourself. Jokes aside, no easy answer here. I would say go for reputable source and then start from there.

I was saddened to see this video after realizing that my pc was infected with trojans after downloading the wox app from github two days ago

@4t4k4n

6 күн бұрын

In the meantime windows defender gave a warning message and when I scanned the pc with kaspersky I cleaned 4 trojans, but is this enough. What information was leaked?

Ants I’m about to turn my second pc into a straight virus machine with no info to steal

Great video

So what’s the correct way to pirate software?

@RockisIife

9 күн бұрын

On reputable sites.

downloading a random exe off the internet to crack an antivirus must be the most chad thing I've ever seen

usually it has a lot of tags, thats a BIG red flag

There's a Windows 11 activation script that's open source, but it's so much code I can't validate it myself but the r/piracy crowd just uses it

In the early 2000's it was understandable to look for "options", but nowadays pirated software is so outdated. There is so much free and open source software for everything, that you don't need to pirate anything as a private person. No matter what software it is, there are free, safe, open source alternatives. Obviously not games, but this is not what we talk about here.

@loupasternak

17 күн бұрын

agreed for the most part. even VMWARE Pro just went free.

now make a video on

this is the same case as "valorant skinchanger"

Pirating IObit or CCleaner is wild

@rizkyadiyanto7922

22 күн бұрын

i did that back then. 😂

@hardVatsuki

21 күн бұрын

pirating trash software is something else, truly

Yea no, never ever thought of downloading a random unverified repository from github. Its kinda obvious.

Run untrusted software in a sandbox or sandbox VM.

Request: Could you make a dedicated token and session stealing video as I'd love to see it and I've fallen victim to it in the past. Nothing like giving a key to your front door to anybody!

Is there any free resources to check if your pc has malware?

@omelette_apex

16 күн бұрын

Malwarebytes free, autoruns, process explorer

@Kastelt

11 күн бұрын

ESET online scanner seems like a good choice.

Is fitgirl repack safe??

@RockisIife

9 күн бұрын

Yes she is among the most reputable people in pirating community

Mistake 1 - searching with Google Mistake 2 - thinking GitHub is a place to pirate

can't even try out Flare

Can you do a video on Microsoft's Recall? The AI thing they've got planned