I guess it makes sense that crypto scammers didn't think to hide from people inspecting elements on their site, they know cryptobros can't right click.

"Oh you're getting a virus alert from our software? Try disabling the anitvirus, that should get rid of the alert."

Wow, a scam that pretends to be a different scam. It's scamception!

I have an Aunt Nancy, and it's good to finally know she isn't real. Thanks, Jauwn

Reminds me of that GameStop NFT creator who made tons of sloth NFTs. They opened some malicious file to "collab" with someone, and ended up losing his seed phrase. This resulted in all the existing NFTs that had been sold to become worthless because the scammer had control of the wallet and could theoretically create more NFTs (although he just stole his money). Then the Sloth had to re-mint every single NFT with a new wallet and send the NEW, REAL nft to the old holders

8:15 It's also worth noting that a stealer malware can also steal your cookies, which allows them to bypass your 2FA because they don't need to actually sign in.

Not only was this entertaining, this was also educational.

i think this is the video where I realized this guy knew way more than I thought he did about tech stuff

Amazing quality breakdown, as a cyber security person I love to see advanced topics broken down into human basic English for those less tech literate. I wish I had the production skills you have to be able to help build this bridge of awareness and avoidance for vulnerable people. Keep up the spectacular work

My favorite goof-up in their chain of stupid steps here was the 760M file magically coming out of a 26M zip along with several other directories "worth" of files. That implies the data was trivially compressed (IE, like you said mostly 0 bits) or self-springing, because there's no way in the nine hells an actual proper program, not even a launcher, scrunched that effectively.

Hey! You forgot about the other places that style of ASCII art appears. Old all-text game walkthroughs and mod readmes.

I'm not in cyber security but seeing the breakdown of the virus, what it does on a virtual machine, and everything else was very educational. Much better than repeating "don't download weird things" again and again. You did a good job.

Great video! 👍 Just wanted to point out @ 10:32 that reporting these scams is _very important,_ even if no-one responds to your specific complaint. You might not notice any immediate action being taken, but that doesn’t mean the report doesn’t achieve anything. Scammers rely on people's reluctance to report, knowing it's not feasible for cybersecurity teams & law enforcement to investigate small numbers of incidents… so reporting “near-misses” or attempts like this one always provides valuable info while helping the issue reach critical mass to prompt action by authorities. “Near-miss” data is also incredibly valuable for big-picture analytics & being proactive with security, _especially_ when there’s a significant social engineering element to it. If I get a scam text or email for a company I’m a customer of, I always report it to them because I know how useful that info is from the other side of the equation. Cybersecurity whack-a-mole is much easier to play if you can work out which hole they’re likely to pop out of next!

I bet they stole the assets of an old failed crowdfunding game to make theirs look legit.

Fun fact, Magical World is a D&D slang term for a campaign or setting that revolves around the DM's sexual fetish(es)

Great work, Jauwn. Their website and art actually look quite decent which is surprising. Still, the scam falls apart if you look closer. Or if you're not in the habit of downloading and running shady NFT games from the web. I guess that's an occupational hazard for you now. 🧐

One thing you didn't mention but is a HUGE red flag is a password-protected archive next to a password in a text file. The only reason I've ever seen that done is so that your antivirus cannot snipe the file dead as you're downloading it, as it has no way to decrypt the archive and access the contents. You ever see a password-protected archive like this, it should go directly to trash, no matter what it claims to be.

"there are no real people with the name nancy" -got me laughing

Mate, I like to think I'm pretty up to date with all the scams going on, but this was mostly new to me, I firmly believe that EVERYONE should watch this video, super informative, I hope it can somehow go viral, I'll do my part.

My guess is that the art and gameplay clips look legitimate because it is. They probably stole it from another crypto project or a failed kickstarter.

I came across a facebook bot today, i posted something with the word "hacked" in a public post and almost immediately i had someone with no posts and an obviously fake account comment with a link to someone who is her "computer wiz" and then the fishy link. I instantly blocked the user, took the post private and deleted the comment.

After that ASCII art I thought there would be an installer playing a royalty free song.

J, excellent video showcasing how easy it is to create a fully fleshed out profile online that appears legitimate at the surface level, and we could all use the refresher regardless of how experienced we are! P.S. I know gosh darn well you didn't just pronounce 1337 as thirteen thirty-seven.

I looked it up and saw that there are people named Nancy😱

All things considered the level of polish they put in to their fake website and social media should have been a red flag, it looks way too good to be a crypto game.

I thought that this is just a crypto scam uncover channel, I was pleasantly surprised when you start pentesting, packet capturing, and reverse engineering the scam

This is the most clean and simple exposition of a real scam , i see now how little one has to know to "hack" people... All you could do with just money and almost none computer knowledge. Thanks for this video

I've taken a reverse engineering course as part of cybersecurity coursework, and worked with debuggers like IdaPro. Windows defender probably couldn't scan it for at least a couple reasons. One, it is novel, and lots of scanning is signature based, and perhaps the file definition table wasn't up to date, especially if you are using an unpatched windows VM. Two, and probably the biggest one, is that lots of malware is packed, that is compressed, in such a way as to obscure its intentions, and make it harder to analyze. The unpacking program will decompress the actual instructions before running those. It's possible the program was packed, though having at least one scanner successfully figure out what it was tells me that it wasn't THAT novel, as most malware worth their salt will use a custom packer (variants of UPX packer are common) and require manual analysis of some kind to reverse engineer. The inflated filesize is a separate issue which I think you covered well.

you should of cobbled together a game launcher for the game and sent them a screen shot of that

"Dear" and "Kindly" are instant flags that whatever being pitched is a scam

The most suspicious part of this was seeing the ASCII art without hearing some banger of a chiptune song blaring.

obsessed with the way you systematically deconstructed their whole deal, informative ~and~ satisfying

Dang, now Jauwn is getting into investigative videos? I can only like a video once my dude! Also, I would so enjoy a video just going over the cringe email offers you get ngl

1:16 These are SUSPICIOUSLY similar numbers. You'd expect them to have closer to 16,000 Twitter followers if they have that many people on their Discord. It's a much less high-commitment action, so you'll automatically get more traction on that platform. Them being the same implies bots purchased in equal amounts for each Social Media Platform they're engaging on.

Immediately after this video I got an ad from (legit) bank warning about opening links that pretend to be postal service, your bank, IRS etc. and to stay safe online

Running a virtual is crazy useful to protect your pc I wish I understood more about this kind of stuff

Thanks to this video, I could tell a friend-of-a-friend was hacked when they asked me to test an indie game "she" and "some friends" were "working on." They had an actual KZbin of fake game footage and a fake website, too.

Probably worth noting that SMS 2FA is usually considered one of the least secure 2FA types

its not entirely pointless math its a enlarge prompt, its entire purpose is basically to fill the code with pointless data, it basically is a bunch of math that is designed to increase its own file space, with the malware attached to it basically what happens is the code runs and gains the same error over and over wile secretly running the malware in the background. at least as far as i know

i've taken down a couple of websites like these, the scammers are always from countries where the police don't even care even when you send them their address and full name of the scammer, they just open another website and continue stealing money

Awesome work Jauwn. And, just for the record, I believe March 28rd will be the day of the MOASS. Buckle up.

Dude seriously tried to Bioshock you? “would a you Kindly to be turning off your abitivrus software please now kindly.”

Best. Thumbnail. Ever. Thumbnailed.

You are a gift to humanity; thank you.

It could just be stolen art, do a reverse image search

the “no real people are named Nancy” made me actually have to stop and think, because i actually know no one, family, friend or celebrity, named Nancy. my mind just kept going to Nancy Wheeler. i know that people named Nancy exist, but I don’t know any

I like the explanations and programs featured to give a deeper look at things. Would a list of the sites used be put in the description or via text on screen for reference?

still hard to believe people like this can exist, it’s great how there are websites to handle these viruses

"Crypto Scam" Next time someone asks you for an example of a tautology.

The sheer amount of tools and techniques you used to pick this malware apart is what really impressed me. I consider myself pretty computer savvy but have not heard of 2/3 of these applications. Thanks for the detailed breakdown, inspired me to look into how some of these tools work so I can at least feel like I can browse more safely.

I'm a Police officer and I'm tired of taking these reports where people are scammed anywhere from 100 to seriously $50,000. It's quite unfortunate tho, Grind Techiei Seriously thank you for flagging down these swindlers. You make me want to spend my next 10 years learning how to do this𝘀

I had my discord almost stolen by this type of scam and trust me it is ALWAYS smart to have 2FA, if i didn’t have discord support help me i would had been done for I had to completely restart my PC and that was always my most embarrassing moment, and to be honest seeing that scam being shown still scares me

well NFTS are always a scam the way i see it

8:18 Please remember that token stealing will bypass MFA.. that's the truly scary part. Also, SMS 2FA is among the weakest type, as your phone number is a fairly easy target for social engineering.

Came for the crypto scam, stayed for the fun malware analysis work.

It says something about the quality of crypto games when you get better website design and more effort from direct scam attacks then the actual 'triple-A' games.

i watched this and expected your subscriber count to be like 500k wtf, this video was awesome + you’re definitely gonna grow very quickly :))

Man...... You are tickling my fancy making me feel internet savvy and unscammable in this video. The ASCII art brought me back to TPB glory days.

I am wondering if the scammer got the assets of some abandoned project to make their website looks legit?

March 28rd is one reason i love this channel..like for real, this is one of my favorite channels. And im not a gamer, its just such good content. You have a great personality and you do a thorough job of explaining stuff while keeping it engaging.

Thanks for the reminder to set up 2FA. I have it on a lot of my stuff but I had forgotten to set up non-email version on one of my more important passwords.

Yeah this whole thing just screams "scam"

My mom’s name is Nancy and our last name starts with B. Suspicious.

i feel like that website is probably built off someones school project, which is why it looks so good... they likely WANTED to make a game at some point but dropped off because they realized it was more difficult than they expected. files fall into the internet cracks, some random shmuck rebrands it as a web3 project, bam boom scam time.

Great analysis! I am particularly interested in your knowledge of the intricacies of this. Are you just a power user, or did you go to school for InfoSec? I did myself, so it feels to me like you did too, or you just do a lot of good self research. I'm curious to the case. I'd like to see more content of dissecting scam attempts, they are fun to watch the scammers fail spectacularly

This needs far more views to spread awareness of this kind of scam

I know this will sound stupid but I actually ran the exe on my PC. Took me 20 mins to realize what happened and I wiped my drives clean, reinstalled windows and did a ton of scans. This was about 7 days ago and I had text docs with some semi-important info. Nothing has happened so far though. And I safe now or can this thing survive even a clean reinstall?

I appreciate getting to see how scams like this work There's been a few times that this kind of knowledge came in handy when helping my parents with certain situations

Hearing Jauwn spell out "thirteen thirty-seven" instead of saying "leet" kind of hurts me

I love this IT investigation arc.

Jauwn you did it again, this video is extremely entertaining, well put together AND informative. Your content is getting better and better with every upload :') Can't wait for the next crypto scam XD

It must be good that i'll like never interact with this blockchain stuff then

"If something seems too good to be true, it probably is." I learned a slightly different version studying business in college: "If something seems too good to be true, it is."

i declare marshall law against crypto scams

These 27 megabyte zip files that extract into a full game-like size are real funny. They are usually just endless downloader links and download an insane amount of bloatware programs and add toolbars to your browser. The only reason they can be compressed so much is because the file is padded with a bunch of zeroes/ones.

My childhood remembers ascii artwork at the start of walkthrough guides back in the day for games.

You'd be a great malware investigator, Jauwn. I'd watch the fuck out of that.

"Our new game engine, a program ran on a local device, uses Blockchain Technology, a means of intercommunication between a set of devices!" What Does That Even Mean

man, the website looks so good too. they should have made an actual game XD

No reference to old Gamefaqs with the ASCII art smh.

"Your game is filled with viruses" "Yes" Oh. Ok then. They literally said yes

Imagine when bots are going to become sentient. OnlyFan bots and crypto bots are going to rule the world.

ASCII art like that is a safety blanket for people for the real people of the Internet, seeing it being used to steal money from real people and not corporations breaks my heart.

Hey that ASCII text isn't JUST from nefarious files, it's also from every gamefaqs walkthrough circa 2010

The AI Detector will also say that clearly AI generated Artwork, has less than 10% AI in it. It's not reliable Proof.

I find it funny how crypto games keep asking to be sponsored and end up getting completely exposed

Oppa Gangnam style. Elite haxxzor defending skills on display. Good vid!

I teach computer science. This was an excellent video about the importance of following basic safety practices when online.

Y'know, gameFAQs still uses that ASCII art

Pointless math? Wow it is a crypto game after all

There's a darker aspect to this interaction, considering your anti-crypto stance and the possibility that a worm like that could be used to capture the credentials of say, your youtube account. It could have been a targeted attack

Brother please take care always and your team, *VortexTrace* you're the hero of us who helped watched out for this scumb**gs and give us knowledge not to be scam by these animals and aliens. Please never give up helping to those innocent people….!!!

I thought I was watching a no text to speech video

2FA that sends a code to your phone is actually pretty bad these days. Too easy to Sim swap people if they think you're worth it. An authenticator app is a better option

Thats some nice detective work their Nancy Drew

explaining it like i was 5 was Very good and i rly liked this vid. Educational , simple 2 follow and quite Funny tbh

Wow, that easy to get hacked huh? This has been really educational :O

I think the most depressing thing to me is that (assuming not everything on the site is stolen) they have what could be an interesting looking game. Like drop the NFT thing and make it some kind of Card Battler or Darkest Dungeon style game out of it and they'd probably actually make money off it.

honestly I already don´t click links or download random stuff but this video spooked me a bit, I now feel like I can´t trust any links ever

Depending on the credential stealer, its possible that even 2FA won't save you.