Malware in Google Ads: Fake OBS, VLC, Notepad++

Science and technology

Malware ads in Google search for OBS, VLC, Notepad++ and other popular apps that lead to infostealers that can hack all your online accounts! This video contains an in-depth analysis as well as a technique to break down such malware. Try Guardio: guard.io/pcsecurity (sponsor)

Comments: 698

  • @pcsecuritychannel (1 year ago)

    About the tools and techniques shown in the video: Noobs, don't go deleting random padding in Windows files, it will mess up the address locations and cause them to crash, this is a technique for downsizing malware to scan online, don't use it on system files without a clear understanding of what you are doing. :) Edit: Adding this here since some people have posted in our discord after messing things up by doing the above.

  • @user-tp5yb4hr4w (1 year ago)

    I luckily haven't run into this virus, however I allowed my Windows 10 to update, mostly because they practically force you to update, well anyway the end result was blue screen of death, and I have not been able to figure out how to fix it, I followed a few tutorials of how to restart it in safe mode and so far I haven't had any luck, and I tried for hours last night, I eventually gave up because it was pissing me off way too much. I had to stop and do something else for a while. And now I'm considering and getting a Linux pc, because I am sick and tired of Windows b*******, I've run into so many issues since I upgraded to Windows 10 throughout the years, I swear to God that program is just malware and bloatware and expire where all in one package it's all meant to destroy your machine over certain period of time.

  • @matjazwalland903 (1 year ago)

    Noobs?! And why should we be trained anti-hackers! We are users, not software creators. As a user, we use the tools given to us for our free time, work or private things. If we can't trust companies to give us safe products, then I suggest that you stop downloading legal programs over the Internet and make them available only in physical form, if it is so difficult to review everything that can be downloaded from the Internet in order to protect users with increasingly powerful computers. Then we will get to the point where doctors, politicians, judges and other workers will have more knowledge about anti-hacker matters than about the knowledge to perform their jobs! And then why did we divide schooling into different branches? Make sure it's safe or turn it off.

  • @mariostelzner4530 (1 year ago)

    ARE COOKIES A SECURITY THREAT TO INTERNET USERS? IF THEY ARE, WHY ARE THEY ALLOWED TO BE PLACED ON PEOPLE'S COMPUTERS!? AHAHAHA AHAHAHA LOL

  • @DrHarryT (1 year ago)

    The solution is to make a copy of the suspect file first and then only modify the copied file you would like to check. If a virus is found in the modified file then delete the original. If it is a Windows system file you suspect then first open an administrator command prompt and type... sfc /scannow

  • @liamstewart2287 (1 year ago)

    This has been an issue with Google for years now. I think at this point, they need to be considered complicit in it to some degree.

  • @beepboop205 (1 year ago)

    Especially as Google profit from the distribution of the Malware!

  • @sdHansy (1 year ago)

    Oh definitely. This has been bugging me for many years

  • @TheTruthPlease100 (1 year ago)

    Yep, cuz if they were vigilant enough this would be a pre-check procedure before approval! As soon as this kind of behavior started!

  • @richardernest9151 (1 year ago)

    Google is too busy blocking its political opposition, they don't have time to worry about this.

  • @ericlemieux4334 (10 months ago)

    My mother has a heart condition and she downloaded an ad from KZread with a fake antivirus (malware), and that thing hijacked her phone with a huge pop-up over the phone interface. She was not able to contact me in case of problems. Google deserves to get sued for making money with unverified ads.

  • @Pacca64 (1 year ago)

    A friend once tried to set up Minecraft mods on their Mac, and ended up installing some malware from a phishing site. They searched for the right thing, but the top result was an ad. For someone who isn't too computer savvy, it's a pretty easy trap to fall for.

  • @WeldonWen (1 year ago)

    @Simpson I remember when I got tricked into downloading fake optifine. The look-a-like site was the first result while the official optifine was third......

  • @Zeina107 (1 year ago)

    Agreed!! Especially if the site is similar to what you're looking for

  • @Zeina107 (1 year ago)

    @@simpson6700 That's good to know. I recall back in the beta days of Minecraft it was a dice toss to find mods

  • @damir_van_kalaz (1 year ago)

    This is why I always make sure that the link I'm clicking is the actual search listing and not the ad. It's not hard to pay attention to, and it will save you a lot of grief.

  • @e_kedi (1 year ago)

    same happened with me but i was using win 7

  • @ollicron7397 (1 year ago)

    I hate that hackers instead of doing the work and putting their effort in getting a job with their skillset decide to want to rob people of what they worked for instead.

  • @Ramonatho (1 year ago)

    If no one did cyber crime there would be no need for cyber security experts

  • @Zeronightmarefox (1 year ago)

    Lol? It's probably more profitable to scam r.tards that use ads instead of going to the official site.

  • @kryptk.6 (9 months ago)

    They did. They work for these major companies

  • @volundrfrey896 (1 year ago)

    This is why I've installed ad blockers on all computers in my family. My mom is smart and fairly tech savvy for someone her age, but she could easily still fall for something like this.

  • @GummieI (1 year ago)

    7:28 Sadly a LOT of the people (and the main ones that fall for this) don't know what the domain of whatever they are trying to download is supposed to be (or even what a domain is for that matter)

  • @markarca6360 (1 year ago)

    Top results on Google or any other search engine are not always the real thing.

  • @Rozdlc (1 year ago)

    @@markarca6360 unfortunately anyone who isn't tech savvy isn't going to know that.

  • @2BsYummySoles (1 year ago)

    @@Rozdlc it sort of contradicts what people assume because people would assume Google would at least put the most popular or official site up ensuring a safe search unless you wander into the deep end. The dl file, was sus but I can understand someone not being picky but the np looked like a real name. Furthermore even if you do know the possibility it's mostly a gamble regardless if you don't remember an exact url, and memory can trick us into being confident into a false positive

  • @Rozdlc (1 year ago)

    @@2BsYummySoles Frustrating that a simple Google search can be so stressful.

  • @Nogardtist (1 year ago)

    this is really embarrassing for google for allowing this to happen

  • @Felipe_9999 (1 year ago)

    2:13 IMO online scanners should give a warning when a file is too large for scanning and instruct the user to scan it with their preferred antivirus/antimalware program

  • @timarmstrong8765 (1 year ago)

    Most people do not have that many antivirus installed. You probably won't get good result with just 1 antivirus.

  • @johndododoe1411 (1 year ago)

    @@timarmstrong8765 So they should offer to really scan under some conditions such as payment. Straight up failing to scan is stupid on the border of being fake antivirus.

  • @IRefuseToUseThisStupidFeature (1 year ago)

    I swear they used to.

  • @halometroid (1 year ago)

    Windows already does this if set up correctly

  • @johndododoe1411 (1 year ago)

    @@halometroid Windows is not a scanner, but many versions over the past 30 years have been bundled with a scanner that Microsoft bought a few years earlier.

  • @eainen (1 year ago)

    browsing the internet without adblock is best avoided for a whole host of reasons at this point, even if the ads don't bother you personally

  • @ytucharliesierra (1 year ago)

    I can't agree enough! For me, internet browsing without adblocker is unthinkable.

  • @TheUnseenSoldier (1 year ago)

    I think Google should be liable for all the damages that have been caused by their negligence in allowing false, scammer advertisers use their platform in an official capacity.

  • @user-vo2mn7ej9y (1 year ago)

    I think that cybersecurity vendors should add generic detection patterns for these zerobyte bloated malware, as this technique gets more and more common nowadays in order to evade analysis and identification.

  • @johndododoe1411 (1 year ago)

    First thing they should do is to TURN OFF the speed shortcuts for manual and other high importance scans, applying them only to trivial things like copying or zipping up files.

  • @Test123747 (1 year ago)

    It pretty much only prevents you from uploading those files to scanning websites since they are too big. Any (decent) AV having the malicious signature parts of the file already should still be able to identify it after download. Having end of file data appended to an executable is like an automatic big red flag for a lot of AVs already. Not sure about the behaviour if they actually appended it as a resource though (which isn't the case in this video example)

  • @jubatian (1 year ago)

    They could easily pad it with random data as soon as such was started to be applied.

  • @communitycollegegenius9684 (1 year ago)

    Security vendors should recommend linux first. Then try to help the helpless monkeys fix windows.

  • @user-vo2mn7ej9y (1 year ago)

    @@communitycollegegenius9684 Dear “Linux Boy”, if Linux became a popular OS like Windows, it would also become a respectively large target of threat actors.

  • @SECYBERSAFE (1 year ago)

    I like that you are very technical and show these things. The best security channel on KZread unarguably.

  • @Stripedspot (1 year ago)

    I did a whois lookup on the website and there's a "Registrant Email" it is to a random gmail account is it possibly the person who made the website or what?

  • @SECYBERSAFE (1 year ago)

    @@Stripedspot yes, it is. I am surprised that information wasn't redacted as it is the goal of malicious actor, to remain anonymous. But the person might have left it on purpose for a reason... Monetary perhaps

  • @Baburun-Sama (1 year ago)

    I'm one of these Dragons, and Privacy is our Presence.

  • @ArchaeanDragon (1 year ago)

    Just as a reminder, always vet the sources of your software. Only get downloads from the original author's site that you go directly to manually or through a verified legit link. There is always a small chance that even the author's site has been hacked and have some of the downloads tampered with, but that is extremely rare, and far less likely compared to getting downloads from a sponsored link or random referral.

  • @andrzejandrzejski229 (1 year ago)

    Or use Linux and forget about installing apps this old and barbaric way like it was 2003 still.

  • @compscidoggo (1 year ago)

    @@andrzejandrzejski229 I would love to switch to Linux. I think it would be a little problematic for my games though. Also I'm not quite that experienced.

  • @ArchaeanDragon (1 year ago)

    @@andrzejandrzejski229 Careful, some of us still build from source. ;)

  • @JoeStuffzAlt (1 year ago)

    The hard one is the damned green download buttons on some sites that appear via Google Ads.

  • @THE_flushingtoilet (1 year ago)

    @@andrzejandrzejski229 I’ve used 2 Linux distros, Kali and Ubuntu; both are great. Linux is a great operating system as it’s highly customizable which I like

  • @TheCocoaDaddy (1 year ago)

    Thanks for posting this video!!!! Often times, I'll read comments from people stating if you "simply" stay away from "sketchy" or "questionable" sites, you can protect yourself from malware. Or they will state if you're "careful" in how you navigate the internet, you can protect yourself from malware. This video shows how people who actually DO those suggested things (don't visit "sketchy" sites, etc) can still be exposed to malware. Videos like these are very helpful and useful!!!!

  • @CoolJosh3k (1 year ago)

    On one hand I expect a virus scanner to do a quick check for long sequences of the same byte, then create a temporary copy with that stripped out. Basically automatically doing what you just did. However, on the other hand, these malicious people would start adding random values instead of just 0s.

  • @Operational117 (1 year ago)

    Or embed an actual video file into the executable to further obfuscate it. Ultimately, any method to enhance detection can *and will* be circumvented eventually. It's a cyber-arms race.

  • @CoolJosh3k (1 year ago)

    @@Operational117 Indeed that is the issue and always will be. Both sides keep outdoing each other. However the alternative is to just do nothing and let the other side win.
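
Added example (not from the video or from any commenter): a Python version of the check discussed in this thread and in @Test123747's earlier reply about data appended past the end of an executable. It finds where the PE sections end, measures how much of the trailing overlay is one repeated byte, and returns a stripped in-memory copy without touching the sections; the function names, thresholds and the constructed sample file are assumptions made for illustration.

```python
import math
import struct
from collections import Counter


def overlay_offset(data: bytes) -> int:
    """File offset where the last section's raw data ends (start of the overlay)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size  # section table follows the optional header
    end = table + 40 * num_sections
    for i in range(num_sections):
        # SizeOfRawData and PointerToRawData sit at +16 and +20 of each 40-byte entry.
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        if raw_size:
            end = max(end, raw_ptr + raw_size)
    return min(end, len(data))


def analyze(data: bytes, min_overlay=1 << 20, max_ratio=0.5, filler_share=0.99) -> dict:
    """Classify the overlay. Thresholds are assumed values, not vendor settings."""
    off = overlay_offset(data)
    overlay = data[off:]
    n = len(overlay)
    counts = Counter(overlay)
    entropy = sum(c / n * math.log2(n / c) for c in counts.values()) if n else 0.0
    report = {"overlay_offset": off, "overlay_size": n,
              "overlay_ratio": n / len(data), "entropy": entropy,
              "filler_byte": None, "verdict": "ok"}
    if n == 0:
        report["verdict"] = "no-overlay"
    elif n >= min_overlay:
        byte, count = counts.most_common(1)[0]
        if count / n >= filler_share:
            # Almost all of the overlay is one byte value: size inflation.
            report.update(filler_byte=byte, verdict="filler-padding")
        elif report["overlay_ratio"] >= max_ratio:
            # Random padding, or a legitimate installer payload or signature:
            # byte statistics cannot tell them apart, so scan the whole file.
            report["verdict"] = "bulky-overlay"
    return report


def strip_filler(data: bytes, **thresholds) -> bytes:
    """Copy of the file without the trailing filler run; sections stay untouched."""
    report = analyze(data, **thresholds)
    if report["verdict"] != "filler-padding":
        return data
    off = report["overlay_offset"]
    return data[:off] + data[off:].rstrip(bytes([report["filler_byte"]]))


def build_sample_pe(section: bytes, overlay: bytes = b"") -> bytes:
    """Constructed, non-executable PE skeleton: headers, one section, overlay."""
    e_lfanew, opt_size, raw_ptr = 0x40, 0xE0, 0x200
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, opt_size, 0x0102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2)
    sect = struct.pack("<8sIIIIIIHHI", b".text", len(section), 0x1000,
                       len(section), raw_ptr, 0, 0, 0, 0, 0x60000020)
    headers = dos + b"PE\0\0" + coff + opt + sect
    return headers.ljust(raw_ptr, b"\0") + section + overlay


if __name__ == "__main__":
    body = bytes(range(256)) * 2                      # constructed section content
    padded = build_sample_pe(body, b"\0" * 4096)      # constructed zero padding
    report = analyze(padded, min_overlay=1024)        # low threshold for the tiny sample
    print(report)
    print(len(padded), "->", len(strip_filler(padded, min_overlay=1024)), "bytes")
```

A `bulky-overlay` result is not a detection: installers and signed files legitimately keep data after the last section, so it only marks a file that should get a full local scan rather than a size-limited one.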

  • @mirkoba (1 year ago)

    Google ads can basically lead to any type of malware, from a simple phishing site to a ransomware

  • @CoolJosh3k (1 year ago)

    I don’t think Google is going to start doing the bare minimum checks until enough people start avoiding ads because of the known risk.

  • @IglooCrafter1 (1 year ago)

    Google has been off their shit for years now, stopped using their engine and their browser a couple years ago, also always use an ad block

  • @leos8813 (1 year ago)

    2 Questions: - Does this Malware require admin access? - Would Malwarebytes detect it as a threat?

  • @robertplayz9157 (1 year ago)

    Even if it needs admin access, there are several ways to bypass UAC.

  • @rogerclemis4380 (1 year ago)

    I just tried it. Yes, Malwarebytes browser guard blocked it.

  • @Nighas (1 year ago)

    There are ways to circumvent needing admin access, these are called "escalation attacks", and are still around in every Windows version. Now, Malwarebytes may detect it, but that all depends on the attacker's obfuscation/crypting techniques. Sometimes these obfuscators are so advanced that they bypass runtime and scantime anti-virus detection.

  • @alanflsm (1 year ago)

    1- easy to bypass 2- easy to obfuscate

  • @ALD7MI2011 (1 year ago)

    @@rogerclemis4380 because people already reported it and google did block it already. BUT what if you're from those first hundred people got it? u fkd .

  • @hanzohasashi4534 (1 year ago)

    Most anti-virus have an option to scan entire files, but "not recommended" is often written beside it. Not sure why... it's probably performance intensive.

  • @Sunrise-d819i2 (10 months ago)

    this should be on by default on "full scan"

  • @PAZAK13 (1 year ago)

    The software that you used to analyze the .exe is new to me! So useful! Thanks for bringing this content to us.

  • @JustAGenericGamer (1 year ago)

    If you are not a person who can tell legitimate ads from scams and malware, you should have an adblocker. I use an adblocker no matter what because of the BS ad layout on most sites bloating my screen and using up all my bandwidth.

  • @leagueaddict8357 (1 year ago)

    Or because ads are annoying and you wouldn't buy the products anyway, as ads are often for overpriced products. I mean, buy an advertised Gillette razor or buy a 5 euro pack with 20+ blades that does the exact same thing and also includes another razor you can put the blades on.

  • @sihamhamda47 (1 year ago)

    Same, I use adblocker to also reduce the CPU usage when browsing. Those animated banner ads make the page unresponsive and consume a lot of CPU usage in my potato laptop

  • @chrismclean3848 (1 year ago)

    How do you install an adblocker? I’ve never done that before

  • @MarkdeMoras (1 year ago)

    @@chrismclean3848 It's extensions. uBlock origin is a popular one.

  • @D.von.N (1 year ago)

    There was a rumour that Google wanted to ban adblock apps and similar... So I switched to Firefox, after many many years. Edge, Brave and some others use the same Chromium base like Google chrome. They don't exist for me anymore.

  • @GummieI (1 year ago)

    I guess this is just one more reason to never click on the ads on search engines, but go down to the actual search results (which I've always done anyway; the notion of ads taking the place of search results has always been stupid to me, even in a world where malware wouldn't exist)

  • @majoryoshi (1 year ago)

    unfortunately the answer isn’t just that clear. ads on google have become increasingly less clear. the issue with also saying that you should be using an adblocker kinda falls apart. yes in 2023 you realistically should be, but if you’re downloading obs, notepad++, or vlc, likely you’re setting up a new computer and unless an adblocker is the second thing you install, assuming the first is a different web browser, you likely haven’t installed it either.

  • @chublez (1 year ago)

    @@majoryoshi Stop using Google.

  • @majoryoshi (1 year ago)

    @@chublez I... don't. I use duckduckgo

  • @jsnotlout3312 (1 year ago)

    I love the deep dives you do! I like to see how everything works. Stay safe everyone

  • @peterwassmuth4014 (1 year ago)

    Awesome! Thank you very much for being out there!

  • @kamranrasheed4180 (1 year ago)

    Using an Ad-Blocker like ublock origin or adguard is better or else one should use brave browser's aggressive mode to block ads & trackers.

  • @rita_calamity (1 year ago)

    Portmaster is also a pretty good adblocker/firewall too!

  • @tomwaller8645 (1 year ago)

    And use winget to install Software.

  • @anthony7564 (1 year ago)

    Very thankful for this video, I saw a really weird Google ad today actually and was wondering what was up with it. Had a bogus prefix on the HTML address and I was immediately suspicious. I assumed it was some sort of scam but didn't think it would be as complex as this.

  • @dynoisnothere (1 year ago)

    I almost fell for this scam when I wanted to download Blender; if it wasn't for the slowness of the download I wouldn't have noticed

  • @StrewthSeeker (1 year ago)

    This is why I always run an adblocker, and NEVER click on any ad that gets through.

  • @AmazingPhilippines1 (1 year ago)

    Great info. Subbed as I just found your site. Thanks from the Philippines.

  • @lanceuppercut_ (1 year ago)

    Before getting an adblocker, I had trained myself to completely ignore the ads, I always skipped over the top result and clicked on the second one

  • @gazklatic9532 (1 year ago)

    And this is not only going with Google Ads. I have found a lot of ads on social media, such as Facebook, KZread and Twitter, all of them claiming to be legitimate software. Obviously, they are malware, and they use the same oversized files to trick AV's and online scanners. I've been collecting most of them on a VirusTotal collection. It started (for me) around September 2022. Right now (January 2023) some of the malicious ads from those sites stopped showing up (for me, again). However, the pages distributing those ads are still working (some of them uploading the malicious files to MEGA, DropBox or even Google Drive). "Tech giants" really need to do something about this, but I don't know if they will because they are making clear that "making money is more important than people's security or privacy, no matter the situation". That or use an ad blocker (funny because they don't want users to block ads, mfckrs). EDIT: Link to the collection on VT here for those who requested it. www.virustotal.com/gui/collection/03b112798aea1a4ba6e4c8174a1c964f41caf6b25af54dca97e7b8b3e44d37ee

  • @Felipe_9999 (1 year ago)

    do you have a link to the collection? I'd like to test that malware in a vm and can't be bothered to go hunting for it in the wild

  • @MacGuffin1 (1 year ago)

    This has been happening for over a decade...

  • @joemama3372 (1 year ago)

    I was seeing Google Ads linking to websites with virus, back around 2014'ish, when KZread mobile started inserting simple 2-3 line text ads on the Recommendations page. There would be 2-3 lines of text, with a small thumbnail. The 1st infection for me, I wasn't completely certain how it happened, but after clicking an ad again weeks later, it solidified it. The text would talk about some new hot car model from blah blah company, and the thumbnail image would be a teaser. However, the site I'd go to, had nothing to do with cars, and raised red flags. Both times, my Android phone got infected with a virus. ~2014'ish

  • @Emily_Bondevik_Official (1 year ago)

    Google recently blocked an adblocker extension claiming it's malware

  • @joemama3372 (1 year ago)

    @@Emily_Bondevik_Official Funny, isn't it... lol

  • @BarryPiper (1 year ago)

    I don't think I have ever clicked on an ad. If I see something in an ad that's interesting, I'll start a new tab and do my own searching for it.

  • @intron9 (1 year ago)

    This is also kinda a problem of windows too, for not having a good modern store or centralized software repository install app

  • @DreddLypso (1 year ago)

    Not too long ago I actually fell victim to one of these trying to get AMD drivers while in a rush, it installed a few exes etc after I foolishly ran a MSI that it gave me. But thankfully I went ahead and got rid of most of the junk myself and ran Tron / Rouge Killer. Then boom few days later I got a warning someone tried to get into my google account lol.

  • @yousefslimani99 (1 year ago)

    OMG thank goodness I never got scammed from these fake websites ! Thanks for telling us you're the best man!👍

  • @Nicky_Otto (1 year ago)

    I am so glad, plenty of these programs have self updaters, so once installed no more manual download needed.

  • @AshnSilvercorp (1 year ago)

    So, Zoom had a wonderful hack happen to Mac Zoom client updaters about a year ago. The security flaw was so blatant that the certificate checker to verify if the downloaded update is legitimate only checked the certificate's name, not its actual content. Some programs don't practice security at all.

  • @Tomb_Raider123 (1 year ago)

    Thanks for this informative video. Looking forward to the next ones.

  • @Jon717 (1 year ago)

    This is why an ad blocker is a must have when using the internet.

  • @TheSauronchik (1 year ago)

    Oh and thank you for a great video! I had no idea about this problem. Also it's basically a great advertisement for using adblocks.

  • @OfficialGH98 (1 year ago)

    Never trust Google search ads.

  • @fullyarns (1 year ago)

    This is difficult because some legit open source program sites look INCREDIBLY sus, and some fake sites look incredibly normal. Ads in Google search can be helpful and no matter how tech savvy you are, as humans we don’t have the energy to be ever vigilant and will at some point relax and rely on lived experience and accidentally click on something like this.

  • @ejonesss (1 year ago)

    Some ways to deal with large files are: 1. remove the padding like you are doing (not everyone will think to do that). 2. have the online scanners bite the bullet and take the large files and take a hit to performance. 3. online scanners take a page from many cloud apps like Adobe and download the app and execute it via the web site and run the code on the user's end.

  • @hdezn26 (1 year ago)

    This is EXACTLY why I block as many Google Ads as possible.... It's been an issue for years....

  • @Alpha_7227 (1 year ago)

    Why isn't Google being sued for this shit. They are just untouchable. It's their responsibility to stop this shit.

  • @Felipe_9999 (1 year ago)

    as many ads from any source, when it's not selling you a crappy product it's malware

  • @GavinBollard (1 year ago)

    I got caught by this too. Not entirely sure of the source as it was on a brand new PC where I was reloading everything. I'm pretty certain that I used the right sites for Notepad++ and VLC but I noticed that the first sites returned weren't always the legitimate ones. That's a problem. I think it was a driver site though. Thanks very much for your explanation. I've raised the issue with Google because the first things the hackers did were -- 1. Turn off my MFA, 2. Put a mail rule into Gmail that sent everything from Google to trash. I'd have thought those would be very obvious signs that Google should have picked up on before allowing them to raise an ad campaign. My bank also allowed four transactions of increasing value in the same day from a new merchant - they should also have picked up on this as very obvious fraud, so I'll be having words with them too. Interesting that these companies are all about AI these days but clearly aren't using enough AI in their detection.

  • @BradGryphonn (1 year ago)

    I remember back in a past life when I was an IT security type person. You could pack a zip file that appeared to be small but would lock up a computer when it was expanded. I can't recall how we did it but yeah, old school local memory attack for a single PC

  • @unfunf22 (1 year ago)

    It's a zip bomb, I know how to set them up. Instructions can be found on Wikipedia or on Google.

  • @BradGryphonn (1 year ago)

    @@unfunf22 That's them. Yeah, great fun...

  • @MilosNamo (1 year ago)

    Something similar happened to me: Recently, after building my new PC and downloading some games, I decided to download MSI Afterburner (from a fake site) to see its performance. After running it, I realized that it was a virus so I decided to do a factory reset to my PC. After that everything seemed normal, until I got a notification in Gmail (a week after downloading it) saying that there has been suspicious activity in my account. I checked what happened and it turns out that my Microsoft account, Steam and all the accounts I had on the computer had been stolen. I was only able to recover a few. .-.

  • @mli3793 (1 year ago)

    I'm not surprised about this. It's noticeable that google has fired groups of people that manage the ads because the google ads I get are weird and uncomfortable.

  • @strider2k2 (1 year ago)

    Thank you for this video. I learned quite a bit. What do you use for your VM environment? Are there any free VM services out there?

  • @yotoprules9361 (1 year ago)

    Virtualbox, VMware player are both free.

  • @beataoo (1 year ago)

    @@yotoprules9361 VMware isn't free, at least the version with a whole lot of features

  • @yotoprules9361 (1 year ago)

    @@beataoo I said VMware Player...

  • @beataoo (1 year ago)

    @@yotoprules9361 both r the same

  • @tech.curiosity (1 year ago)

    Thank you so much for sharing such precious info.

  • @darrenbiby1980 (1 year ago)

    The ones that really get novices are searches for popular websites like Facebook and Ebay that can also return ads that point to illegitimate sites. I've even seen searches for 'google' return scam ads which is pretty ridiculous.

  • @KrijoStalka19 (1 year ago)

    Very interesting. Thank you for information. You fully deserved the Abo. 😉👍🏻

  • @NicholasLiauw20 (1 year ago)

    Thank you Brave, Guardio, and uBlock Origin

  • @elnewbie2611
    @elnewbie2611 1 year ago

    I downloaded OBS from Microsoft store, had to download WinRAR and Notepad++ from Google, I scanned both of them no issues at all.

  • @rachelkesavan7050
    @rachelkesavan7050 1 year ago

    I installed the K7 free trial version for my laptop, it is working well for both my laptop and mobile. And thanks for your video.

  • @Trillock-hy1cf
    @Trillock-hy1cf 1 year ago

    I use a few adblockers to keep my internet use free of annoying adverts, and so far they seem to kill adverts so I am ad free to watch films etc., without being annoyed by them, which has worked for some years now. I watch TV series on YT, because I can enjoy them without them being riddled with adverts.

  • @dathyr1
    @dathyr1 1 year ago

    Great, thanks for this information. I don't have the full knowledge to do that padding deletions so I will ignore that section of the video. But will keep an eye out for fictitious websites claiming to be someone they are not. Do you find these hacker problems in other search engines??? Also any hackers claiming to be popular apps or software put in their title link that they are Official website for that product??? Take care.

  • @RealStuntPanda
    @RealStuntPanda 1 year ago

    This is exactly why I use ad blockers.

  • @v7lima
    @v7lima 1 year ago

    When you talk about the problem of a file being too big, I suppose that's only related to the AV automatically scanning it as soon as it's downloaded, correct? So, if I right-click one of those files after I download it and manually scan it with my AV, will it be caught? Also, will an AV flag a file just due to "padding"?

  • @Spyd77
    @Spyd77 1 year ago

    Virustotal no longer has size limits. Now it computes the hash in local without having to upload the file, and then checks if the hash already exists on its database. I just checked it, and not only Virustotal has let me scan the file, it was already marked as very suspicious (14 malware detections at the time I'm posting this comment).

  • @brunoshure

    @brunoshure

    1 year ago

    I just checked and it says the file size limit is 650 MB.

  • @Blood-PawWerewolf

    @Blood-PawWerewolf

    1 year ago

    @@brunoshure it used to have no size limits, until VT was acquired by MalwareBytes. As well as locking important features behind an account system and advanced features behind a paywall

  • @handlethis405
    @handlethis405 1 year ago

    Thank you for showing the steps for removal of padding. Very simple, handy and made me go "oh! duh". Yeah, not catching me regularly downloading installers off any website. I have Pacman, and if you couldn't tell, I use Arch, BTW.

  • @nihon94b
    @nihon94b 1 year ago

    Thank you for the helpful and informative video.

  • @micoradakovic
    @micoradakovic 1 year ago

    One of the signs of a suspicious file should be the difference between compressed and uncompressed file size. A file with lots of padding should compress more than 90 percent. An EXE never compresses that well.

  • @dend1
    @dend1 1 year ago

    Can you highlight which AVs do bother searching through the entire file? I'd at least like the option to enable further resources

  • @pedrobarthacking
    @pedrobarthacking 1 year ago

    Excellent content! Congratulations... please continue 🤓🤠

  • @DragonNuts
    @DragonNuts 1 year ago

    This is happening a lot. I went to search for a video editing program and the top 3 links were ads pretending to be someone else on a sketchy website. They didn't want me to install a .exe instead a .ISO file. I'm not sure why

  • @Felipe_9999

    @Felipe_9999

    1 year ago

    perhaps a (weird) way to hide the fact it's malware?

  • @Felipe_9999

    @Felipe_9999

    1 year ago

    Also you should install a decent ad-blocker to your browser (like ublock origin) so it yeets most malware-serving ads out of existence

  • @gjscomputerstuff

    @gjscomputerstuff

    1 year ago

    Perhaps because an ".ISO" file is considered an Archive, and you can opt out of scanning archives but you (usually) can't opt out of scanning .EXE files.

  • @coolpix807
    @coolpix807 1 year ago

    So glad I came across this!

  • @Mac_Omegaly
    @Mac_Omegaly 1 year ago

    Oh man... My friend downloaded the fake 7-zip one because of a Google ad about two weeks ago. She factory reset her computer, but I have no idea if that fixes the problem. I was on a Zoom call and watched it happen. Some red flags popped up during the process, as it had been over 10 years since I last installed it, but before I spoke up she opened it up, and agreed to its agreement without batting an eye.

  • @BCGK2022
    @BCGK2022 1 year ago

    It's extremely anti-productive too, I ran a case printing business and tried to use Google ads to advertise. Although I was completely honest, Google told me I was "circumventing systems", and then put me in an endless loop of bots to answer my appeals. My business relied on these ads so eventually I had to shut down, whilst they let the actual malicious, clearly faked ads roam and harm people. Glad it was brought to light, good video. Google massively mistreats small businesses. I don't believe small businesses deserve an easier time just for being small, but I definitely can't stand behind actively shutting down small businesses in the name of protecting - just to let obvious malware in anyway.

  • @VoldNotVoid
    @VoldNotVoid 8 months ago

    Did they fix it? Because I am on the site and it does not say ad next to it or .net or porjuct instead of project

  • @math001
    @math001 1 year ago

    This is why adblocker should be packed with the browser itself these days. But yeah, don't think that Google is willing to do that for Chrome

  • @Felipe_9999

    @Felipe_9999

    1 year ago

    Maybe some chromium-based browsers or Firefox could do this also i've heard that brave does exactly this (never actually used it so i may be wrong)

  • @hanzohasashi4534

    @hanzohasashi4534

    1 year ago

    I'd suggest using Brave Browser. It blocks everything... even stuff that adblocker doesn't block, like those "to continue reading this article, sign up here" things.

  • @MTGeomancer

    @MTGeomancer

    1 year ago

    Google is actually fundamentally changing their engine in an attempt to stop ad blockers. It may or may not work, but goes to show the direction they're wanting to take. They'd love it if they could make desktop Chrome the same as mobile Chrome which doesn't allow extensions of any kind. This will affect almost all Chromium based browsers as well, unless they fork off into their own branch. Brave has done this. However, time will tell how long that can be successful as the two divergent versions get further and further apart they'll be more and more unable to pull in changes from Chromium. I'm back to using Firefox as my daily driver with uBlock Origin.

  • @Ay-xq7mj

    @Ay-xq7mj

    1 year ago

    I run brave with ublock so i have two adblocks.

  • @Sole-Witness
    @Sole-Witness 1 year ago

    The fact that Google has not taken the proper precautions to address this threat by verifying if these advertisements are valid is disconcerting. It is false advertising and it severely damages the already low reputation of Google. There is no reason at all to use this search engine anymore, let alone recommend it over the alternatives. Their reverse image search no longer works, their search results are biased, even for topics you would not consider political, and now searching for certain applications on the official websites is a risk due to false ads and link misdirection.

  • @snpulsar5254
    @snpulsar5254 1 year ago

    Could you make a video about viruses/malware in a video file, if it's possible for a hacker to put a virus in an mkv or mp4 video file and how to detect that? Thanks for the great job!

  • @PDB-td3ey
    @PDB-td3ey 1 year ago

    Thanks for sharing this information.

  • @mineSTAR626
    @mineSTAR626 1 year ago

    Would you be able to provide a link to the HxD editor you used in the video? Would love to get one to try and find any files on my PC that may be using blank space.

  • @englishbowman1
    @englishbowman1 1 year ago

    Thank You For The Warning!!!

  • @Skmili
    @Skmili 1 year ago

    That's why I always try to find, for example, "OBS review" on YouTube. If the video and the creator are legitimate I look for a link to an official website in the description. Then I download the file and triple check with, for example, Kaspersky. I also recommend checking comments under the videos. Stay safe.

  • @DoctorMGL
    @DoctorMGL 1 year ago

    the sneaky way of them replacing ( J ) with ( i ) in "obsproject" to become "obsproiect", that's the sneakiest way I've ever seen, and it's hard to observe unless you get close to the screen due to the small diff btw ( j / i ) ...

  • @C-Handle
    @C-Handle 1 year ago

    Also Google: Let's do an update to remove ad-blockers.

  • @Blood-PawWerewolf

    @Blood-PawWerewolf

    1 year ago

    Knowing that they’re doing this, I wouldn’t be surprised if Google is in cahoots with these malware creators

  • @themasterofdisastr1226

    @themasterofdisastr1226

    1 year ago

    @@Blood-PawWerewolf Facebook already is

  • @jeffb.6642
    @jeffb.6642 1 year ago

    and people look at me like I'm breaking the law when I tell them I run ad-blockers

  • @csr2120
    @csr2120 1 year ago

    Obvious question: do consumer AV have options to scan large files? If so, which ones?

  • @HoboNoah
    @HoboNoah 1 year ago

    Do actual installed AV clients also skip padding to save on time/resources like this? Are there AVs that will actually scan 100% of the file even at the cost of extensive scan times?

  • @rudypieplenbosch6752
    @rudypieplenbosch6752 1 year ago

    I'm using pfSense with pfBlockerNG, will these kinds of sites get immediately listed and updated in pfBlocker? Would be nice to know which feeds to activate to get this kind of protection, maybe the OP can do a subject on it?

  • @SpartanWax
    @SpartanWax 1 year ago

    The thumbnail is perfect

  • @alfonsasspalviskis2651
    @alfonsasspalviskis2651 1 year ago

    I remember mid or late 2000s when ads came saying that my Flash was outdated. And I was clicking on them and installing Flash again and again ... Good that I was only a teenager and only played pirated versions of games, no bank, nothing.

  • @CharlieEarthRoast
    @CharlieEarthRoast 1 year ago

    So, I noticed you were saying online scanners, but what about regular antivirus that runs on your machine? Do those scan the whole exe file, or skips it the same if there's padding?

  • @SMD965OFFICIAL

    @SMD965OFFICIAL

    1 year ago

    It skips it

  • @Black-Re4per
    @Black-Re4per 1 year ago

    Always, always check your links before you click or download anything from those, that's still the best protection, common sense. Also look at the website and how it is designed, most of them look very basic and suspicious, that mostly means fake websites.

  • @samirprince3719
    @samirprince3719 1 year ago

    Thank you brother so much for that warning

  • @simpson6700
    @simpson6700 1 year ago

    man, last year i think i fell for the rivatuner malware, nothing was stolen, but my GPU ran at 100% the entire autumn. the only reason i wasn't super suspicious is because i used to be an AMD owner and switched to Nvidia pretty much when the malware got me. i just thought it would be a visual bug in the task manager. it didn't help that my AMD GPU sounded like a leaf blower at full power draw and the Nvidia GPU is silent. i'm not tech illiterate at all, i just never expected that someone would ship viruses with open source software. i think at this point we need a browser extension to spot websites pretending to be other websites and highlight the URL in red. ublock isn't enough when search engine results get so unbelievably bad that they show fake websites before the real ones.

  • @Ay-xq7mj

    @Ay-xq7mj

    1 year ago

    Bing and Yandex are more reliable than Google. Obviously still scuffed and sus sites but I haven't gotten a virus since like I was like 12 so about a decade.

  • @kabloosh699
    @kabloosh699 1 year ago

    One of the first links in a Google search for a Minecraft download was malicious. I have foolishly been caught by it twice. Once on my computer but one of my malware detection tools caught it before it could do anything. I got caught by it a second time embarrassingly enough by the download and her computer doesn't have anywhere near the kind of stuff I have and it didn't fare as well. I had to use CCleaner and Malwarebytes to clean the machine out.

  • @hatsandboots
    @hatsandboots 1 year ago

    Thinking about whether this exploit affects Mac users. Clearly, using Safari or another browser, I can click on a Google ad, be redirected to a malware-serving site, and get an attempt to download malware on my Mac. With Gatekeeper either set to allow only downloads from the App Store or downloads from the App Store or identified developers, it would seem that a malware-serving web site would fail to download anything. Is that right?

  • @Kyosukedono
    @Kyosukedono 1 year ago

    This is why I never click on the "sponsored" results. I always scroll down to click on the actual result.

  • @Romanmtg123
    @Romanmtg123 1 year ago

    I guess, people asking you, but which AV you are using/can recommend? Ty

  • @chuchun-boy
    @chuchun-boy 1 year ago

    you should have uploaded the file before removing the empty space and then do it again after the removal so we could see how big of a difference it makes...

  • @robertb6276
    @robertb6276 1 year ago

    Do you have Windows Defender disabled on your test system? Or does Defender not detect this either?

  • @bluetheta
    @bluetheta 1 year ago

    This is why I never click any Google Ads, I always go to the site not marked as an ad. I also look at the address Google is showing to ensure I land there, if I get redirected I won't download. Norton is starting to become aware of this new attack vector. If you right click a downloaded file and choose scan with, the software is supposed to do a full scan, but as indicated in the video here it seems not to be doing that. I hope AV companies are paying attention especially if you are paying for a subscription.

  • @salemas5
    @salemas5 1 year ago

    Another great reason to have ADblockers 24/7

  • @maxpayne69.
    @maxpayne69. 1 year ago

    I feel for the people who can't or won't use ad blockers on their devices for any reason.

  • @derpityderp-derp4007
    @derpityderp-derp4007 1 year ago

    sooooo glad to be a linux user. I get my apps from a secure package manager and not just at random online.

  • @bramvandenbroeck5060
    @bramvandenbroeck5060 1 year ago

    The rar file itself is only 14mb in size, that is something you forgot to mention I think. It is normally impossible to compress 300mb into only 14mb. So something is up even before you open up this file.

  • @ThePandafriend

    @ThePandafriend

    1 year ago

    It depends. For example databases with plenty of empty placeholders can reach sizes like that. For example I had to work with a file which had a size of roughly 1 GB, but after unpacking it I ended up with a collection of csv files with a total size of 21 GB.
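
The size check that @micoradakovic and @bramvandenbroeck5060 describe in the comments above (a padded executable shrinks by more than 90 percent when compressed), written out as an added example that is not part of the video or of any comment. The thresholds, the 4 KiB block size and the sample byte strings are assumptions constructed for illustration; the `MZ` test limits the flag to executables because, as the reply above notes, data files can legitimately compress this well.

```python
import hashlib
import io
import zlib

BLOCK = 4096  # assumed granularity: a block holding one repeated byte is filler


def padding_report(stream):
    """Stream a file once; report size, zlib saving and share of filler blocks."""
    comp = zlib.compressobj(6)
    size = packed = filler = 0
    magic = b""
    while True:
        block = stream.read(BLOCK)
        if not block:
            break
        if size == 0:
            magic = block[:2]
        size += len(block)
        packed += len(comp.compress(block))
        if block.count(block[0]) == len(block):  # e.g. 4096 x 0x00
            filler += len(block)
    packed += len(comp.flush())
    if size == 0:
        return {"size": 0, "is_pe": False, "saved": 0.0, "filler": 0.0}
    return {"size": size, "is_pe": magic == b"MZ",
            "saved": 1 - packed / size, "filler": filler / size}


def looks_padded(report, saved_min=0.90, filler_min=0.50):
    """Flag only executables: data files may compress this well legitimately."""
    return (report["is_pe"] and report["saved"] >= saved_min
            and report["filler"] >= filler_min)


def constructed_samples():
    """Constructed inputs, not real files: 64 KiB of hash output stands in for code."""
    body = b"MZ" + b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                            for i in range(2048))
    return {
        "padded_exe": body + b"\x00" * (8 * 1024 * 1024),
        "plain_exe": body,
        "sparse_csv": b"id,name,value\n" + b"0,,\n" * 500_000,
    }


if __name__ == "__main__":
    for name, data in constructed_samples().items():
        rep = padding_report(io.BytesIO(data))
        print(f"{name}: {rep['size']} bytes, saved {rep['saved']:.1%}, "
              f"filler {rep['filler']:.1%}, flag={looks_padded(rep)}")
```

For a real download, pass `open(path, "rb")` instead of the `io.BytesIO` wrapper; the file is read in blocks, so a multi-hundred-megabyte installer is never held in memory.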
