What Kaspersky really discovered...
Рет қаралды 237,640
7 күн бұрынHead to brilliant.org/DanielBoctor/ to start your free 30-day trial, and get 20% off an annual premium subscription.
In this video, we take a deep dive into EternalBlue, the infamous exploit behind many of the most impactful cyber-attacks, such as WannaCry, NotPetya, TrickBot, and more. This is the most sophisticated exploit I have covered on this channel, due to the sheer rigor and length of the exploit chain. I wanted to build up to a comprehensive understanding of the exploit, starting with the buffer overflow / out-of-bounds write, as well as the arbitrary memory allocation, before outlining how the attack is executed. Whether you're a pen tester, security researcher, or cyber security expert, I hope you'll find this attack as fascinating as I did.
JOIN THE DISCORD! 👉 / discord
EternalBlue technical sources:
research.checkpoint.com/2017/...
• DEF CON 26 - zerosum0x...
media.defcon.org/DEF%20CON%20...
• SteelCon 2018 EternalB...
www.cs.toronto.edu/~arnold/427...
www.virusbulletin.com/uploads...
EternalBlue non-technical sources:
www.foi.se/rest-api/report/FO...
web.archive.org/web/201902200...
www.kaspersky.com/about/press...
steemit.com/shadowbrokers/@th...
web.archive.org/web/201705160...
www.justice.gov/opa/pr/three-...
www.fbi.gov/wanted/cyber/gru-...
• Three North Korean Mil...
SMB documentation:
learn.microsoft.com/en-us/ope...
MUSIC CREDITS:
LEMMiNO - Cipher
• LEMMiNO - Cipher (BGM)
CC BY-SA 4.0
LEMMiNO - Firecracker
• LEMMiNO - Firecracker ...
CC BY-SA 4.0
LEMMiNO - Nocturnal
• LEMMiNO - Nocturnal (BGM)
CC BY-SA 4.0
LEMMiNO - Siberian
• LEMMiNO - Siberian (BGM)
CC BY-SA 4.0
LEMMiNO - Encounters
• LEMMiNO - Encounters (...
CC BY-SA 4.0
#programming #software #softwareengineering #computerscience #code #hacking #hack #cybersecurity #exploit #tracking #softwareengineer #vulnerability #pentesting #privacy #spyware #malware #cyber #cyberattack #zeroday #security #cybersecurity #breaches #databreaches #bug #bugbounty #pentesting #penetrationtesting #backdoor #hacked #CPU #eternalblue #wannacry #notpetya #ransomware #worms #computerworm #NSA #leak #bufferoverflow #memory #exploitchain #zeroclick #microsoftexploit #windowsexploit #cyberattack
@DanielBoctor 6 күн бұрын
To try everything Brilliant has to offer -free- for a full 30 days, visit 👉 brilliant.org/DanielBoctor/. You'll also get 20% off an annual premium subscription! THANKS FOR WATCHING ❤ I'm finishing up with part two now - hopefully it will be out within a week. This entire video was just a set up for the exploitation phase, so stay tuned. **EDIT - please read** Just to be clear, Kaspersky are the ones who discovered the Equation Group in the first place. They announced the discovery on February 16, 2015, at the Kaspersky Security Analysts Summit held in Mexico. The quote @ 3:38 was actually taken from their official report, that they published on the same day. I definitely should have made this more clear, and I can see why there is a lot of confusion. JOIN THE DISCORD! 👉 discord.gg/WYqqp7DXbm 👇 Let me know what type of content you would like to see next! 👇 Thank you for all of the support, I love all of you
@Dreamer66617 5 күн бұрын
Change the thumbnail it’s easier to share if it doesn’t look like I’m sharing some conspiracy stuff
@user-fx7li2pg5k 3 күн бұрын
SOMEONE WITH HACKING SKILLS could be very dangerous in the coming months and yrs,all it take is the right motivations/attitude and mind set /bad bad actor villain lvl
@luislongoria6621 3 күн бұрын
So many malware tutorials all using the same attack vector clearly emphasize how exactly nothing has been patched. The real upsell of updating your OS is free tech support (monitoring) for the current generation OS
@darkhorse29-yx8qh 3 күн бұрын
SO NSA is behind it
@user-wg2vw3mz1v 2 күн бұрын
$300 seems like a really reasonable price for an online course on the importance of making regular backups 😁
@trephy2999 4 күн бұрын
Kaspersky calling them out on this (and many other things) makes banning them now look like a move to protect future backdoors and get revenge
@Tb0ne212 4 күн бұрын
That makes sense!
@the_expidition427 4 күн бұрын
Saving this
@IT10T 4 күн бұрын
What was their reasoning to ban Deepcool then? it is actually just as simple as their relation to Russia... And what of the other previous bans years prior like DJI or SMIC?
@distorted_heavy 4 күн бұрын
Kaspersky isn't under the thumb of the US gov, so they can't be forced into silence. Easy as
@ignore_for_your_sanity 3 күн бұрын
Oligarchy Russia: 😒 Oligarchy USA: 😃
@OverAndOverAndOver 5 күн бұрын
Common NSA and Big Tech moment
@danwic 4 күн бұрын
More like NSA. They never informed Microsoft until it was too late. Microsoft patched the vulnerability almost as soon as they were eventually made aware by the NSA. So big tech doesn't really have much guilt on this, the guilt lies with the NSA.
@Kardfogu 3 күн бұрын
@@danwic You assume that Microsoft did an oopsie that noone discovered within their development and the NSA didn't ask for an obscure backdoor... ...again. Which is a very bold assumption, or should I say, a quite mentally handicapped assumption. Eternal Blue wasn't necessary an accident or a coding error, it could have been and most likely was a feature, intended for the use of USA government agencies - not necessary limited to the NSA -, then the NSA decided to act like NSA does: not reminding Microsoft in time that they got hacked, hoping their favorite toy wasn't stolen.
@christophertoth9810 3 күн бұрын
@@danwicyou assume this wasn’t intentional by Microsoft. They created it when they were told to and patched it when they were told to. I mean notified
@cid3384 3 күн бұрын
@@danwic just look at Snowden's revelations. Microsoft does was Big 3-Letter Intel tells them to, pun intended. Microsoft builds soft-side code, alphabet smiths exploit it, not to say they're spoonfed, it has to look innocuous. I have zero proof however similar instances of intentional backdoors have been well documented.
@NorthernChimp 3 күн бұрын
@@christophertoth9810 Not to say it's unlikely, but you're assuming as well.
@ignore_for_your_sanity 4 күн бұрын
Impressive, now let's see Paul Allen's packet injection mechanism.
@0xFDFA 3 күн бұрын
OMG! It even has a watermark...
@ImproMooray 3 күн бұрын
Isn't Paul Allen the guy he hacks to death @@0xFDFA but when he says let's see his card the guy smoking who's clearly someone else pulls out Paul Allen's card. Did Paul Allen give it to him?
@Seikatsu121 2 күн бұрын
The tasteful if statements
@J0K32R 2 күн бұрын
Is there something wrong, @ignore_for_your_sanity?
@urracojalpa4481 2 күн бұрын
Paul Allen from Microsoft?
@KillianTwew 5 күн бұрын
Sounds like Microsoft and NSA are the real adversaries here
@RockyPixel 5 күн бұрын
Tale old as time
@MaakaSakuranbo 5 күн бұрын
Well MS just wrote Buggy code. NSA found the bug and decided that rather than to alert Microsoft, so people could be protected from malicious actors, do keep it for themselves.
@jtjames79 5 күн бұрын
Richard Stallman was right.
@metalhead2476 4 күн бұрын
No. It's CCP and Russia.
@nobeltnium 4 күн бұрын
@@MaakaSakuranbo these bug might be introduced by microsoft on behalf of NSA request
@jooch_exe 3 күн бұрын
The fact that this exploit was only discovered by hacking the NSA is insane.
@omarjimenezromero3463 Күн бұрын
haha, every security department of a government has those tools under their sleeve, specially "capitalist" ones, you will be surprised if you catch the embebed code of VISA and MasterCard debit and credit card code, those also work in that way, macOS is the one with the most notable backdoors, microsoft second, and for linux you need to cling into the tools the system use (because you can find a custom linux OS that does not require outside the country code to mitigate backdoors).
@systemhalodark 3 күн бұрын
"It was North Korean hackers" Yeah... riiiight. How convenient.
@homeistheearth 3 күн бұрын
Also - NK only have shitty old western computers..
@mrbuttocks6772 2 күн бұрын
@@homeistheearth That's really all you need. 'Brute force' style attacks are the ones that require insane computational power, and for the most part those don't happen any more.
@Userf384gw 2 күн бұрын
@@homeistheearth got sanctioned by the us to death. literally.
@mycelia_ow 2 күн бұрын
@@homeistheearth and the ever glorious RedStar OS
@rusername 10 сағат бұрын
@@mycelia_ow nothing wrong with the OS tho, its linux and probably runs faster than windows 11
@UtubeH8tr 5 күн бұрын
That's why you should own 2 computers. 1 plugged to the internet 1 not. They won't ever steal my quake arena mod maps.
@christopherleubner6633 4 күн бұрын
Yup that's how you do it. ❤
@LeMicronaut 3 күн бұрын
RELEASE THE UtubeH8tr MAP PACK!
@Thalanox 3 күн бұрын
Run one of those self-learning AIs in a match for a decade and they'll develop world peace.
@Celestial_Cryptid 3 күн бұрын
@@Thalanoxthat’s how you start judgement day. That will find a way to get itself off the computer.
@sylfraeaveniore2684 3 күн бұрын
They won't collect my Club Penguin LAN server
@christopherleubner6633 4 күн бұрын
That the NSA had their little keyhole to spy on everyone used against them is comical. 😂❤
@daryljenkins4391 3 күн бұрын
Maybe we should all use open source OSes like Linux.
@ashade2877 3 күн бұрын
@@daryljenkins4391 YES Welcome to the Open Source world comrade
@masterTigress96 3 күн бұрын
@@daryljenkins4391 The "thing" that happened with Debian showed us that open source doesn't mean anything, unless it has been audited independently by reputable auditors/cybersec experts, multiple times in various different ways, with the results being published. Good luck with finding something like that. Maybe Red Hat/SuSe products but I highly doubt it. Potentially something like OpenBSD comes to mind but I don't think it can meet all of the listed requirements. I do think it comes the closest to them.
@tuamaputanna2897 2 күн бұрын
@@daryljenkins4391 not even linux distros are safe sadly: just as an example, systemd's main maintainers are microsoft employees
@sloppycee 2 күн бұрын
@@daryljenkins4391oss is not immune to infiltration. You didn't hear about xz?
@BobertV702 4 күн бұрын
I must say, after 2 years of studying IT, programming, red and blue team, no one ever explained this vulnerability better than you did here. Subscribed. I'll watch all of your videos, and will be waiting for the 2nd part. And thanks for sharing that defcon talk, I'll watch that as well!
@DanielBoctor 4 күн бұрын
wow, thanks for this comment. I appreciate the support, and I'm glad you liked the video. Happy to have you on the channel!
@user-wg2vw3mz1v 2 күн бұрын
@@DanielBoctor TBH $300 seems like a really reasonable price for an online course on the importance of making regular backups 😁
@paladro 2 күн бұрын
@@user-wg2vw3mz1v or, you could tell people for free...
@IAT1964 3 күн бұрын
Department of Defence is a misnomer. It's actually the Department of War
@benitomgomez3290 2 күн бұрын
It was it's original name! They changed to try to cover the truth ! !! 😮😢
@szjakesan 6 сағат бұрын
So do other ministries of defense in other countries, which may not be for defense only
@recgar 3 күн бұрын
So what is the REAL reason the US government has labeled Kaspersky a national threat?
@milutzuk 3 күн бұрын
Maybe it's because Eugene Kaspersky was an FSB graduate? That's a secondary reason, the main reason was that KAV has ring 0 permissions (required to scan for rootkits) and is able to push overnight updates. Just add 2 and 2. Ring 0 is the most privileged ring. Everything that runs here is said to be in kernel mode because, well, the Windows kernel runs here. Also the drivers. Here everything has the most privileges. The other ring in Windows is ring 3. Processes that run here are said to run in user mode. There are no rings 1 and 2 in Windows (technically Windows wasn't implemented with rings, but the principles of segregating the privileges still do apply). Any antivirus needs to run in kernel mode for obvious, now, reasons. And, to make that 2+2 for you, albeit Eugene Kaspersky didn't prove to do everything his "colleague" Putin probably asked, the risk is there and the risk is to have in the morning tens to hundreds of thousands of computers being completely Russian puppets. It would be impossible to scan every antivirus update for backdoors especially when you don't see the source code. That scan would have been mandatory because Russia put cyberwarfare in its Military Doctrine in 2014 as part of the hybrid war, basically declaring war on the whole West. So the US took the sane approach: when you have no defense against an unconvicted criminal, better not invite him into your home.
@thecianinator 2 күн бұрын
He literally says it in this video. They discovered closed backdoors that the NSA was using
@helixwash4508 2 күн бұрын
Truth
@jamieevans5979 2 күн бұрын
It's based on Kaspersky Antivirus being the source of a leak of classified material originating from a NSA contractor's home computer. That's it.
@Conserpov 2 күн бұрын
In the empire of lies, truth is a national threat.
@GaryCameron780 3 күн бұрын
NSA being hacked is a form of poetic justice. LOL
@Conserpov 2 күн бұрын
Do you also believe in Saddam's WMD?
@paladro 2 күн бұрын
its just part of the landscape, what army(even IT) doesn't attack or have to defend, at some point.... not entirely sure it's justice, since nothing will come of it.
@nigelrhodes4330 13 сағат бұрын
The NSA was not hacked, a stupid employee took files home and had Kaspersky installed on their home system and the files were exfiltrated that way.
@Trizzer89 5 күн бұрын
Ransomware has to be the fastest way to make money ever invented
@PenguinCrayon269 5 күн бұрын
the fastest way is to print it 💀
@blindedjourneyman 5 күн бұрын
@@PenguinCrayon269Not everyone is a banker o thr government.
@anekodot. 5 күн бұрын
@@blindedjourneymancounterfit money exists
@Trizzer89 4 күн бұрын
@@PenguinCrayon269 Cant print in one day enough to multiply your net worth by 100000x
@Kenionatus 4 күн бұрын
@@PenguinCrayon269 Conterfeit money at the hundreds of millions or even billions might be really hard to actually spend. You can't just walk into a bank and slap down a few tens of millions without having to answer some questions. If you're paying in cash you also will only be able to use relatively small quantities in order to not become extremely suspicious. Then again, that does in a way apply to all kinds of illegally obtained currency.
@mx338 5 күн бұрын
The US State Department just accuses however meets their current strategic goals the best, so I really don't trust their attributions to North Korea and Russia. Ultimately their cyber weapons are to blame regardless.
@raiden72 4 күн бұрын
Well the USA did invent the internet and they accelerated computer development to where the world could have computers so, they basically own everyone's computers anyway. No matter how much China tries to steal our technology we will always be ahead.
@Sammyli99 3 күн бұрын
DOH. Deciet in the Deceit, deflection is the new projection, actually since 1776.
@dannydetonator 3 күн бұрын
If it was just US whatever or NSA i'd get you, but no software engineer who looked at it, from US to S. Korea has objected to the evidence, of which there are more than plenty. And you, worm for a brain, are doing _exactly_ what all US enemies whant you to do. Becoming an enemy to yourselves.
@FitraRahim 3 күн бұрын
Russian, Iran, North Korean hackers = Euh.... Bad man... US, UK, EU hackers = It's not exist, not bad man.
@HammerStudioGames 3 күн бұрын
What a braindead take.
@dennisbuswell 4 күн бұрын
idk why but my brain read your channel as Daniel Backdoor.
@DanielBoctor 3 күн бұрын
haha, that's would be quite fitting
@IngwiePhoenix 3 күн бұрын
Welp, that's stuck in my mind now. Can't unread... xD immutable buffer. (:
@alienJIZ1990 3 күн бұрын
Wait, so the NSA knew about a vulnerability, but were so full of arrogance and hubris that they didn't even bother to secure their systems so that it can't be used against them? Shocker. Even if SMB2 didn't exist at the time, they tailor the OS to their needs anyway, and could've easily either switched to NFS or even wrote their own more secure protocol to reduce the giant attack surface caused by SMB1
@zeitgeistx5239 3 күн бұрын
Nope. They were banned from government comp back in 2015 after NSA Equation Group hacker took his NSA malware home. His home PC Kaspersky anti virus picked it up on their servers in their Russian HQ. Kaspersky is controlled by Russian intelligence due to Russian state laws. So in 2015 Russian hackers leaked the NSA Malware and documentation to embarrass the U.S.
@erikkonstas 3 күн бұрын
"they tailor the OS to their needs anyway" ain't a very easy feat... the switching protocols part though could be "easy", it would just involve a bunch of custom drivers.
@Acorn_Anomaly 2 күн бұрын
Was it ever specified that the attack against the NSA was carried out using the EternalBlue vulnerability? I would think that they would have secured their systems against this vulnerability, and a different attack vector was used. Could easily be wrong, but I don't recall that being stated in this video.
@letcreate123 2 күн бұрын
Super Mario Bros 2
@Xynic48 19 сағат бұрын
It's not arrogance, they were using it or planning to use it to spy on people. This is not exactly the first time they discovered an exploit and used it for spying.
@RustedCroaker 3 күн бұрын
That's why they're banning Kaspersky. Because it could detect even NSA's exploits.
@soundspark 3 күн бұрын
In that case wouldn't they have been banned in 2017?
@BloodwyrmWildheart 2 күн бұрын
@@soundspark Gov aren't as bright as they'd have us believe.
@gremirid 2 күн бұрын
@@soundspark But is banned now.
@alexandrep4913 2 күн бұрын
@soundspark How can they ban Kaspersky in 2017 and bringing this attention and have people know. This has blew it all off the lid. What's worse is that Kaspersky is so good, that it gives you a performance boost. My laptop went from 3-4 hours of work time on battery, to 6 to 8 hours.
@RustedCroaker 2 күн бұрын
@@soundspark They started a smearing campaign exactly in 2017. After Kaspersky ability to detect government's malwares went public. Google for articles from the time.
@DoMyHomework_ 3 күн бұрын
This highlights why closed-source is inherently dangerous.
@douglasgoodall3612 2 күн бұрын
Had this been open source, it is still uncertain that anyone would have noticed this exploit. In fact, had it been open source, the hack might have been discovered sooner and used longer. Don't get me wrong, I gave up Windows long ago and now use Linux strictly.
@baconofburger8784 2 күн бұрын
@@douglasgoodall3612 if it would have been discovered sooner it would've been patched sooner
@YodaWhat 2 күн бұрын
@@baconofburger8784 - You ASSUME discovery by White Hats. Black Hats keep their own secrets.
@mycelia_ow 2 күн бұрын
Potentially* not inherently. You're using a closed-sourced platform, if you really believed that then you wouldn't.
@DevelopingJon Күн бұрын
lol this is why Elon is freaking out at the people he gave money to in order to research AI for humanities greater good (i.e. open source).. now they’re turning around and selling it directly to the highest bidder. We’re screwed.
@Furry_Lord 5 күн бұрын
This is why you should always take advices and try to understand why someone is warning you to fix the bug and not just dismiss it as a joke attempt. Happens often with superiors who think they are more superior then you, just because they want it done faster and get that chachink.
@tsvetislavrangelov5932 5 күн бұрын
My friend, your explanation of the exploit is STELLAR! Even as a guy in this industry, it boggles my mind how complicated this exploit is, and moreover, how others found the actual exploit itself! Crazy stuff, appreciate the effort you put into this man!
@DanielBoctor 4 күн бұрын
of course, glad you liked it!
@adultdeleted 3 күн бұрын
@@DanielBoctorwhat does this have to do with kaspersky? the title is leading people to believe kaspersky is being banned for uncovering or "stopping" wannacry, when that isn't the case and has no correlation in timing.
@adultdeleted 3 күн бұрын
the only connection i can make here is kaspersky's leak from an nsa contractor. i am not seeing that connection explained in the video. is this an old video you already uploaded?
@himalayo 3 күн бұрын
the NSA has windows' source code and all the money in the world at their disposal
@Derederi 3 күн бұрын
@@DanielBoctorcould you out more ads in it? Its almost 60% ads vs content. You could easily reach 100% efficiency. Just play ads. Start and End with brilliant ads, and fill the rest with youtube ads.
@solanaceae2069 2 күн бұрын
And just like that their sudden banning of Kaspersky makes sense. They will not tolerate any whistle blower exposing their crime.
@tim.martin 5 күн бұрын
"but I digress", the digressions were great mate.
@andyaskew1543 3 күн бұрын
The NSA was engaged in cyber gain of function research, and it got away from them.
@AuxiliaryPanther 3 күн бұрын
😂
@onemoreguyonline7878 4 күн бұрын
Every intel computer is backdoored anyway with management engine
@humansvd3269 3 күн бұрын
You can buy non ime chips from govt sales I think. But just don't use Intel.
@BeefIngot 3 күн бұрын
AMD too with the pse. Very angry we cant have private computing. Even arm microcontrollers have backdoors.
@notaras1985 3 күн бұрын
@@BeefIngotwelcome to 1984
@NorthernChimp 3 күн бұрын
The IME and the PSE are official utilities available to the network administrator. That makes it more of a normal feature than a real stealth backdoor IMO. Although the NSA did complain about it to Intel as a potential vulnerability 😆
@slimesuchi 3 күн бұрын
I love my librebooted thinkpad
@hineko_ 3 күн бұрын
I dont get why they called it Windows. Should have called Backdoors
@user-sc7fk5ys6x 2 күн бұрын
Same idea, isn’t it. Good point.
@jamiewilliams1410 16 сағат бұрын
Providing those backdoors gives Microsoft permission from the government to remain in the Apple, MS duopoly. We all know Linux is an option but remains an option for nerds only and is nowhere near any form of mass adoption. Microsoft is a member of the Linux board to keep it that way.
@sidensvans67 4 күн бұрын
The Backdoors are now Barn Doors . 👀
@lukeumhoefer 5 күн бұрын
The part of the story that never gets told on the news... Great video!
@DanielBoctor 4 күн бұрын
Glad you enjoyed it!
@WifeWantsAWizard 4 күн бұрын
On behalf of all Linux users, let me just say, "Not EVERY computer."
@timmeh87 3 күн бұрын
Linux users were lucky the xz utils backdoor CVE-2024-3094 was caught in time, Different OS, different exploit, nobody is really safe these days
@o0Donuts0o 3 күн бұрын
Didn’t someone try to insert a back door in SSH and only found out by accident? That’s just laughable.
@o0Donuts0o 3 күн бұрын
Just as aside, our servers were invulnerable to WannaCry because we disabled SMBv1 YEARS ago as per MS security guidance, which is freely published. That’s the difference between knowing what to to and “install Linux because ima rocket scientist now, hurdy durdy”
@AshTag 3 күн бұрын
@@o0Donuts0o 🤣
@MyCompAndGadgetHacks 3 күн бұрын
@@o0Donuts0o I don’t know which is more laughable. The fact that the attack was planned years only to get discovered because some dev didn’t like his performance numbers. Actually thanks to that we learned not to rely on critical libraries that are maintained by a single person.
@ronin_user 3 күн бұрын
That British researcher wrote Kronos on an amphetamine binge.
@nogrammer 2 күн бұрын
_"Ferb, I know what we're gonna do today"_
@RokeJulianLockhart.s13ouq 3 күн бұрын
A terrible, clickbaity title (which almost caused me to ignore the video) for a brilliantly researched and explained video. Please do more of these.
@user-sc7fk5ys6x 2 күн бұрын
And the political trolls on the comments section have the same effect, giving the impression of clickbait hype. In actuality yes, this is pure tech, nice!!
@helixwash4508 2 күн бұрын
So Kaspersky found backdoors that the nsa was using? Makes perfect sense that they would be banned from the us 😂
@HasteCS 5 күн бұрын
Damn yo I’m a software engineer and I feel stupid as fuck watching this. Super complicated exploit but u did a good ass job explaining. Not sure how this doesn’t have way more views lol
@DanielBoctor 5 күн бұрын
haha, it be like that sometimes. I appreciate the support 😊
@reset5899 5 күн бұрын
u should be a software engineer then nn dog
@MaillonRecordz 5 күн бұрын
Dude but that’s with every new project or thing you learn in coding. You always feel lost and find your way lol if it was easy software/programming engineers positions would be handed out like free water
@HasteCS 5 күн бұрын
@@MaillonRecordz haha yeah I mean normally I have a easy enough time following along and have enough knowledge to like have a general idea of what’s happening but this vid I had to pay laser focus to or else I had to go back and rewatch . But I agree, the constant learning is what makes software engineering such a great job!
@ClosestNearUtopia 5 күн бұрын
Has not more vieuws because its old af already.
@Legz-sy4mg 3 күн бұрын
The Shadow Brokers have done more for IT security than almost anyone since then...
@stereo-soulsoundsystem5070 3 күн бұрын
Damn Kapersky said they're a weapon to surpass Metal Gear thats crazy
@IngwiePhoenix 3 күн бұрын
Otacon! Why is there another Metal Gear?! /MetalGearAwesome voice
@James-hb8qu 3 күн бұрын
I don't see the work "Kaspersky" anywhere in the transcript for this video.
@NorthernChimp 3 күн бұрын
3:39
@James-hb8qu 3 күн бұрын
@@NorthernChimp Thanks!
@Bob.Jenkins 2 күн бұрын
Why was the NSA never fingered as the *real* source of all the woe that these exploits caused? If, like any responsible organisation, it'd simply informed MS and others of these exploits then a great deal of fear, damage and financial loss could have been been prevented. I can, partially, understand the NSA being reticence in reporting the exploits - but weighed against the huge cost to the public and governments for their failure to do it - it's reasons are, to put it mildly, pathetic. Those exploits *would* have been found by others - there's a huge number of people constantly searching for them - and all their delayed reporting did, was give people the opportunity to find them... though I doubt those people thought they'd find them all documented on the NSA's servers.
@tannhausergate7162 Күн бұрын
The entire purpose behind the all the three letter agencies is to transform the world into a dystopian wasteland. Why would they try and seek to minimize damages? They are gleeful over every million that gets burned for nothing.
@Corteum 2 күн бұрын
What happens if US customers just ignore the ban and go ahead and use VPN's to extend their subscriptions to Kaspersky and download updates for their Kaspersky products?
@user-sc7fk5ys6x 2 күн бұрын
Experimental verification of Kaspersky’s benevolence, that’s what happens.
@luketien928 2 күн бұрын
I feel like I’ve been hacked just by watching this video. I am by no means a hacker, just an everyday computer-user, but I still watched the whole video. I understood very little, and I feel like I am not qualified to comment or compliment. That said, I felt as if the explanations were very thorough and yet succinct at the same time! Well done!
@roryfree4707 5 күн бұрын
you are uniquely very good at laying out these exploits in a way that's simple to follow. awesome video
@DanielBoctor 5 күн бұрын
I'm honoured, thank you 😊
@j00500hall 4 күн бұрын
The complexity of the crafting of this video essay, let alone the words leaving your head by your mouth in a sensical, comprehensible and eloquent way (without stumbling at any point) is, in my opinion, as significant in effort as the input that the actual exploit initially was to uncover. How you managed to convey some of the complexity of this sophisticated attack in an incredibly interesting digestible 20min video i have no idea?! But it was brilliant!! 👏👏👏
@quintrapnell3605 5 күн бұрын
It’s nuclear proliferation in cyber form
@xecoq Күн бұрын
Except in this case everyone has a uranium mine, can hide the reactors and can develop their capabilities much faster.
@wapuvdvdv 3 күн бұрын
A part 2 on how an adversary could use the out of bounds memory write to gain control of the computer would be very interesting!
@MarcCastellsBallesta 3 күн бұрын
The connection between video and the promotion was so smooth... Well done!
@cpuuk 3 күн бұрын
If you are wondering why OS2 gets a mention, it's because IBM invented SMB and Microsoft adopted it for interoperability.
@garypinholster1962 3 күн бұрын
If something connects to a network. It can be accessed. Nothing is safe unless it's completely unattached. If you have files you want to keep safe, back them on up external drives and after back up disconnect it from the network and store it away. Use a computer not connected to the main network to access files. Middle man if you will. It's a hassle but it will guarantee security.
@jamesbenson1809 3 күн бұрын
So... the root cause is the NSA.
@sametekiz3709 2 күн бұрын
yes
@sovahc Күн бұрын
Root cause is complicated code. KISS
@m4rt_ 6 күн бұрын
This is why open source operating systems (like Linux) and open source software in general is better. Anyone can look into the code, and if they find a bug, they can fix it themselves, or ask someone else to fix it. With closed source software, like Windows, you are forced to just ask Microsoft if they could fix the issue... which in many cases they just ignore (there are several security issues that are in Windows 11 that have been there since at least Windows 7)
@Mitch-xo1rd 6 күн бұрын
This is why all servers use Linux, including much of Azure (Microsoft actually maintains their own distro), any person or group who knows the dangers of proprietary software should avoid it like the plague. Microsoft is forced to share their source code with the US government, so they can develop all the Eternal Blues they want, and Windows will be at the whims of whoever has access to that network, be it spys on our side, or North Korea. Use Linux, and samba to serve your files, it will save you much headache and security.
@artu165 6 күн бұрын
It works the other way around and the reason why security agencies like the NSA and CIA don't use open source products. Because with open source, you can go to the source code itself, find bugs and exploit them. One of the requirements to store secret and top secret information is for the device it's stored in to not use any open source code or libraries. Specially since other foreign states with almost unlimited resources and some of the smartest security actors could easily find and exploit open source bugs that no one else has found. Most corporations and enterprises do the same, you're only allowed to use open source projects if your security team has vetted an open source project and agreed there is minimal risk in using that project
@wumi2419 6 күн бұрын
@@artu165"specially since other foreighn states could easily find and exploit open source bugs that no one else has found" and what makes the argument different for closed source? Edit: I would assume that your comment was sarcastic, as claiming that closed source is more secure under a video about NSA backdoor exploit is way too ironic.
@C-aFilms 5 күн бұрын
@@artu165 your point is self invalidating, if you can read the code to find a bug, someone else can to FIX the bug
@InhalingWeasel 5 күн бұрын
@@C-aFilmsExcept that having a state funded dedicated team of engineers tend to find vulnerabilities far more efficiently than a bunch of hippies in their free time.
@PriyavShah Күн бұрын
This was so well put together and described. CANT WAIT FOR PART 2
@bowarc 6 күн бұрын
Insane video ! It's crazy to think that something like that can exist / be accepted
@DanielBoctor 6 күн бұрын
I know, it blows my mind everytime I research something like this. Thanks for watching!
@daanmageddon 6 күн бұрын
Nice vid, very interesting lets see part 2!
@DanielBoctor 6 күн бұрын
glad you liked it!
@EternalATomik 3 күн бұрын
This is easily THE most comprehensive video on the topic. Very well put together. Subscribed!
@antoniorocha9438 5 күн бұрын
After the Snowden incident, they won't repeat the same mistake near soon.
@harbinger200 3 күн бұрын
There is software CIA declared a pain, and its Commodo firewall+AV. Im not sure its authentic, but from experience i can say its tough.
@Ellarian_Liara 4 күн бұрын
"every computer" shows macs that weren't affected
@Sauceyjames 3 күн бұрын
Shhhh the Apple fanboys might get upset.
@RustedCroaker 3 күн бұрын
Macs just openly funnel all your private data to Apple. No secret backdoor could compete with that.
@jonathanhirschbaum6754 3 күн бұрын
@@Sauceyjames He is right tho. That should be clearly show affected OS. I dont give a damn about Apple or Windows but this vid is misleading AF
@tajo48 3 күн бұрын
Dont forget about linux
@Vincent_Beers 3 күн бұрын
Apple OS is a custom Linux shell behind a paywall.
@phineas7423 Күн бұрын
Your explanation of the bugs and how they work was top notch
@glitchy_weasel 5 күн бұрын
Wowiiee! Amazing video! Can't wait for Part 2.
@bigbilly29 5 күн бұрын
Great video man, cant wait for the next one!
@DanielBoctor 4 күн бұрын
Appreciate it!
@sangeetguha51 6 күн бұрын
As always, great video. I love how you explain things. Eagerly waiting for the next part. Pls keep making such videos :)
@DanielBoctor 6 күн бұрын
Thanks for the support! Will do - part two is almost done 🙌
@deeyadeli1435 3 күн бұрын
The fact that people can figure all this out amazes me.
@Dreamer66617 6 күн бұрын
10/10 graphics and explaination. MORE VIDEOS KEP IT UP!
@DanielBoctor 5 күн бұрын
glad you thought so 😊. More is on the way 🚀🚀🚀
@rejvaik00 3 күн бұрын
1 minor correction the NSA is not part of the department of defense they are part of the department of Homeland security or DHS meaning they fall under title 32 not title 10
@RaD-re6kb Күн бұрын
you have a great knack for making complex topics fun! ♂️
@user-wg2vw3mz1v 2 күн бұрын
$300 seems like a really reasonable price for an online course on the importance of making regular backups 😁
@banyanyas839 2 күн бұрын
Damn gotta buy some Kaspersky now
@kevinwydler7305 4 күн бұрын
This is sooo well explained! Thank you so much for your effort!
@DanielBoctor 3 күн бұрын
of course, thanks for watching!
@spirotheoriginal250 3 күн бұрын
someone who finally explained in detail, you gained a loyal sub waiting for part 2
@Mitch-xo1rd 6 күн бұрын
Love the content man, keep it up!
@DanielBoctor 6 күн бұрын
glad you enjoyed! thanks for the support
@PowerPot 6 күн бұрын
Thank you so much for these type of videos!!
@DanielBoctor 6 күн бұрын
of course!! glad you like them. thanks for the support
@GabrielTobing 3 күн бұрын
3:31 Yeah this is probs why Kaspersky is now banned in the US, only the US is allowed to spy on you and Kaspersky just outed them hahahhha
@wyattarich 2 күн бұрын
It's got a lot more to do with Eugene Kaspersky's habit of going to saunas with FSB officials. This isn't new information either, Google it!
@BloodwyrmWildheart 2 күн бұрын
@@wyattarich Nothing more than a smear campaign.
@masoodjalal1152 2 күн бұрын
@@wyattarich Question? Did he start going to saunas with FSB officials recently or he was doing it before as well? If he was why not ban Kaspersky earlier? The fact remains that Kaspersky is one of the best anti-virus in the market. Besides the US policy has been simple, if you cant control them, ban them. They did this with Huawei, now Kaspersky.
@BloodwyrmWildheart Күн бұрын
@@wyattarich *yawn* Basic slander. Nothing new.
@jakethesnake2264 6 күн бұрын
Excellent vid, excellent educational content. This is the information people don't want to hear but rather need to hear
@DanielBoctor 6 күн бұрын
I'm glad you think so! Thanks for watching
@IndyAdvant 3 күн бұрын
Dude this video is so well done. Tons of history all in one shot. Insta sub.
@DanielBoctor 3 күн бұрын
I'm honoured. Thank you!
@shutsz 5 күн бұрын
you got me with the cicada 3301 music
@DanielBoctor 4 күн бұрын
Lemmino FTW
@abdosoliman 5 сағат бұрын
Kaspersky was mentioned like once in the video and it was a comment about the NSA that has nothing to do with content of the video yet they managed to make it all the way to the title. Logic Kaspersky = Russian = BAD = Must Watch 😀
@samedwards6683 2 күн бұрын
Thanks for creating and sharing this informative technical video. Great job. Keep it up.
@Honzecki 6 күн бұрын
Let's go, new vid!!
@piratet0aster719 2 күн бұрын
Now it explains why Kaspersky falls under sanctions/ - Thank you Kasperksy team for keeping us protected.
@TheBenJiles 23 сағат бұрын
Great breakdown man. Thank you.
@rolfnoduk Күн бұрын
Almost expected: 'This is where today's video sponsor comes in - The NSA is an industry leading...'
@Sammyli99 3 күн бұрын
ANY TIME on ANY SUBJECT, I hear an AMERICAN GOV OFFICIAL SPEAK....I KNOW IT IS A LIE.
@diamondblack3776 5 күн бұрын
Offline is the new online (like the 80s)
@madhaha Күн бұрын
Does a great job illustrating in-depth a notorious and technical attack on Windows in a way that people can follow. Chose to represent the exploited machines using iMacs and Macbook Pros.
@UAVXP Күн бұрын
Thanks for explanation!
@herpederpe4320 4 күн бұрын
Dont use software that big corporations wrote - they need to follow the law - the law is malicious
@Kardfogu 3 күн бұрын
Not necessary the law is the malicious part, it's the interpretation by corrupt government bodies that is most often.
@herpederpe4320 3 күн бұрын
@@Kardfogu there literary are such laws nowadays though
@LoLrand0mness 3 күн бұрын
I would go as far as don't use anything written by an US firm. Their law has been designed for WW3, there is no line between commercial and gov agents.
@through-faith-alone Күн бұрын
and their unwritten law is even more malicious
@Ice-cz6kk 6 күн бұрын
HELL YEAH!
@DanielBoctor 6 күн бұрын
haha, first comment
@FailedSquare Күн бұрын
I worked in a SOC on night shift at the time of this, I grabbed one of the screenshots and set it as the slideshow screensaver on every machine in the room. The next morning my relief was late so i left, she finally showed up about a half hour later and i got a panicked phone call from her on my drive home. I had to pull over and catch my breath because i was laughing so hard.
@SirPotat2398 4 күн бұрын
so all those attacker gen data over multiple years just kinda sits in the ram while its hidden and another bug can meet up woth it and evolve into an attack
@change_your_oil_regularly4287 3 күн бұрын
Just more reasons to use Linux instead of Windows
@lorenzodiambra5210 3 күн бұрын
9:21 microsojft: SrVFEATLiStTOnT!!!11!!1!!!1!!!!! linux: 0101001011⌨️🗿☕
@lshxggyl 3 күн бұрын
There seems to be a lot of those lately. I’m tempted, but I don’t want to go through the process of downloading all of my games again
@DiceMan20 2 күн бұрын
The fact that the NSA, instead of reporting the bug, caused 100s of millions of dollars in damages, just to keep the exploits to themselves, is wild.
@ericc6820 5 күн бұрын
awesome video! Keep them coming.
@user-xp8nq5mf9y 6 күн бұрын
Dam you not going to tell me how
@slobrat3556 5 күн бұрын
learn assembly lol, it's not easy, but anything worth while isnt easy.
@user-xp8nq5mf9y 5 күн бұрын
@@slobrat3556 feel like learning assembly would be useful for everything computer related
@doktork3406 5 күн бұрын
Why do you even need to know how?
@dimitralex1892 5 күн бұрын
everytime somebody asks why I want to know something I get this feeling they dont even understand life or the world and they have no clue how anything works... damn it feels so stupid to ask someone why he wants to learn that it pains me physically...
@lyoko111 5 күн бұрын
The video literally explains step by step how this worked lmao what you on ab
@palomarjack4395 3 күн бұрын
I got hit by this once, only once, back in about 2010. Being smarter than most IT managers I simply re-installed Windows, restored my backups and began my full migration to Linux, for I had seen "the light". Now, the only Windows machine I have is only used for gaming and networking is shut off. If I need a Windows driver or utility, I download it with one of my Linux machines and use CLAM to virus check. Be smarter than most IT managers and do yourself a favor, unless there is a business or gaming reason, stay away from Windows and keep backups, if you don't, you will be pitifully sorry.
@williamrgrant 3 күн бұрын
Super well done video! I love the visual components to help explain the various copying and data movements. Really helps to grasp the concept for visual learners.
@darkfeeels 3 күн бұрын
Quality work. I learned so much without knowing anything about coding. You earned my sub!
@DanielBoctor 3 күн бұрын
haha, that's pretty awesome. thanks!
@enivxn 5 күн бұрын
That's why i use arch linux btw
@lionnotsheep6048 4 күн бұрын
Im trying to make a USB boot drive for Linux but I have no clue what version to use there are like 12 different Linux OS to choose from
@enivxn 4 күн бұрын
Use the best one for your needs but I would recommend pop_os linux mint and debian and maybe Ubuntu
@lerebox 4 күн бұрын
@@lionnotsheep6048 if ur a beginner u should probably go to ubuntu, after windows ends life of support i'll go on ubuntu too
@joshix833 4 күн бұрын
If you want to learn Linux and know stuff about computers and feel comfortable following the wiki arch. Otherwise maybe Linux Mint
@lionnotsheep6048 4 күн бұрын
@@joshix833 so just use daemon tools or etch and make a iso?
@boomperson818 5 күн бұрын
You have to be special to craft these exploits
@lorenzodiambra5210 3 күн бұрын
9:21 SrVFEATLiStTOnT!!!11!!1!!!1!!!!!
@samsimington5563 2 күн бұрын
I kinda feel bad for the emergency patients that had to be turned down because of this problem. I bet the worm caused a metric shit-ton of deaths on a global scale because because all of the life-saving equipment was affected by this worm and rendered inoperable
@fckyu5440 4 күн бұрын
Absolutely superb video!
@DanielBoctor 3 күн бұрын
glad you enjoyed it
@Toksyuryel 3 күн бұрын
Microsoft's fear of ever allowing the user to encounter a fatal error, preferring instead to always try to recover from them and keep executing anyway whenever possible, is at the root of so many of the bugs in their software. They call it "user friendly" but in reality it's what makes their system so easy to exploit. The correct thing to do would have been to simply drop the packet, but then the user would see an error and Microsoft doesn't like that. My best guess for why they have this policy is that visible errors cause tech support calls so they save money by making it less likely users will know there's been an error.
@humansvd3269 3 күн бұрын
Ponies rule
@lorenzodiambra5210 3 күн бұрын
9:21 microsojft: SrVFEATLiStTOnT!!!11!!1!!!1!!!!! linux: 0101001011⌨️🗿☕
@wernerviehhauser94 6 күн бұрын
well, there's your true cost of ownership of Microsoft products right there......
@quintrapnell3605 5 күн бұрын
The Feds broke the gangs, they broke the banks, broke nations, broke opposing ideologies.
@dimitralex1892 5 күн бұрын
more important: there is the price for planned insecurity...
@Sekhmmett 5 күн бұрын
Was patched. Now patch your system yourself.
@OriginalAustinOblivion 4 күн бұрын
@@Sekhmmettit only took them years. Check how long it took them to patch mimikats…. They’ve known about it for years, got patched for a short while, then they broke their patch in may of 2023, and it’s still vulnerable
Gufee.medalin
Рет қаралды 7 МЛН
Modern Vintage Gamer
Рет қаралды 289 М.
Low Level Learning
Рет қаралды 550 М.
Blueberry Lutein
Рет қаралды 280 М.
GiaoHeo
Рет қаралды 2,8 МЛН