yo im seventh

Bruh I’m first not [Dam KZbin refresh]

Just show case your pc instead of using it. Then you'll never get any viruses.😂

yeah massive bruh moment

Certified 🅱️rah moment

Just because you're not paranoid, that doesn't mean they're not out to get you!

Absolutely! @ThioJoe Can you also describe your rules for AppLocker in the description text? I have been scrolling over and over through the video, which is good for the 'view time' of course, but it would be more practical to also have some kind of overview.

​@@Twinrehzhow abt using pirated software & activating office windows using batch files?

"this stuff happens all the time" I haven't run into a virus since around 2005. It's just user error to download and run files without verifying them. It's yet another reason you should code things yourself instead of importing libraries for everything.

@@jirehla-ab1671 Why do that when you can use LibreOffice for free.

Imagine working on a virus for hours and days even just for one of your first victims to be him. Reported it to his antivirus developer, even multiple AV devs, made a video about it and showed how to protect yourself from this RAT, but also many others. If I was behind this virus, I'd probably be in depression if I wasn't already xD

@@qkzalswns He doesn't need to. He just need the virus to run on a few dozens computers, steal some CC info, some crypto wallet keys and wallah he has good ROI.

@@qkzalswns he was never our first victim lol we got loads

@@qkzalswns the person running it probably didn’t work on it at all. Since it has marketing, it’s probably being sold off to people. The scammer is definitely slamming their keyboard over having their money wasted though

Lol “batch” like their some food or something…or at least thats the picture i get

K

The moment you think you know everything, You know nothing.

@@crisnmaryfam7344 absolutely

@@KobrokoHere K

@@GodofToast absolutely

you seen thiojoe is kind of sketchy as he got virus attacked🤣🤣🤣

the malicious code can also be injected in the designer if you are using winforms

If it adds winform or wpf controls then displaying them in the designer will execute it .

I think that's what they call supply chain attack.

@@raven4k998 like how nobody is immune to propagnada, nobody is immune to viruses.

Plus reinstalling windows is a multi-day job when you have to reinstall all of the open source apps, utilities, chrome extensions etc… It’s something I only do when I upgrade the OS. Also, I found that when I install security suites, file Explorer starts hanging, so I use Windows Defender now. I’m not happy about that, but I am super careful and scan downloads with virustotal.

@@thebritishindian1 some of the apps have portable version, like browsers, it saves a tons of time when I reinstall the windows.

i think he means for most "light" or "casual" users, people who only browse the web, use social media, emails, gaming etc. much easier to just download a game and a few programs again from a list than to get all of your programs and dependencies and settings, directories etc back how you had them.

Microsoft didn't enable this by default because they knew it would inevitably lock people out of a lot of apps, possibly even their own

lol. Why do people still use Windows by choice in 2023? If you want a secure Windows version, use Windows 8/8.1 RT or Windows Phone. They're not very useful in terms of additional applications, but at least you can't run 99.9999999% of malware on them. Or just don't be pit stew. I stopped using Windows back in 2017. The spyware telemetry doesn't feel like a big deal until you use a metered connection and Win10 uses half a GB of data in 15 minutes without your knowledge or consent.

K

if u werent then u wouldnt be installing packages with nuget anyways

Well, Nuget is rather sketchy still compared to official Winget (all packages basically screened by Microsoft-related entities). Inbuilt Windows tools even do singature checks for trusted issuers (which you would only expect from most Linux distros or official stores). Though, of course Chocolatey & Nuget have many more packages available.

Good morning sir

Yeah sounds like they also found an SQL exploit

Same. I thought it might have been a false flag after looking at that in the video too lol

Glad it was helpful, thanks! 🙏

True. It's really an ethical responsibility of the original developer to give advanced notice of such.

1. If it ain't broke, don't fix it. 2. Stop using other people's code and write it yourself. A big reason why software now is full of buggy messes is because people just include every library on the planet. The npm left-pad debacle shows just how pointless many of these imports are.

the internet is a joke

And it would be believable if the numbers were similar for only Discord and Xbox plugins as they are both for gaming. But I am not sure how OpenAI, Discord, Xbox and VRChat would be used almost exact same number of times like they can all fit in a single project made by everyone who used them. Even if the plugins were all logical to work together, 200k projects using ALL of them? And I am not sure that many people would use the Discors plugin with Xbox and OpenAI.

@@qkzalswns Discord isn't for gaming...

K

And Kaspersky

Avast

+1

I want to see Kaspersky too

If you check virustotal, microsoft blocked it

What if the library is just streight up in the cryillic language?

what do you mean "why"? languages exist bruh

You will still need to find the exact file, and that seems to be the most tedious part, considering you need to go through the event log

Yes! I was/am under the impression from videos in the pasz years that paying for security software often makes things _worse_ than what Windows already offers. Is that still true?

​@@redyau_So at home I used to have antivirus, even tried multiple of them. But every single time an AV would find something suspicious and pop up the notification, so would the defender. Last time I reinstalled Windows I haven't even bothered to get or pay for AV. Been using online Defender since and had no problems. And yes, it has stopped multiple malicious .exe files. I also have it set up so that most of my folders aren't accessible without a pop up asking for the permission. So basically no app can download anything into Documents, Music, Videos, Desktop, directly on the C disk, Windows folder or anywhere else except in Downloads. And it also asks for admin permission to run everything all the time except Web browser. Yes, it is kinda annoying to have admin access prompt show up everytime I open Photoshop but that way no .exe files can be run without permission.

Doubt it would work. From what I saw on TPSC yt channel, it's not that good. Offline it barely detects anything.

Agreed! In our school, all computers are connected to the main school server from which admin is controlling our internet access as well as other stuff like our Google Suite (or however it is called, I believe it is Workspace) for our email and domain management. Something similar to what he has showed in the video is set up there too. Our website access is controlled but also what files can and cannot be run. As we have programming as a school subject, stuff like this happens to us to so we cannot run any .exe or .dll files without admin permission. Our teachers computer cannot overwrite the rule set by network admin. Teacher can only add new rules with some limitations. So when we make a program, it obviously isn't signed by Microsoft or any big company so in order to run it we need our network admjn to approve the program. We suggest adding the folder where any files would be runnable but the school did not agree. I just got an idea that we could as for such a thing on our teachers computer. That way he would have the control over which files will be stored in the folder. However, one class made a little program for calculating something school's finance department needed. As they were about to show their program to the principal and Head of IT in front of multiple Computer Science and Programming teachers, the program did not run because it was not signed by a known company and it was only allowed to run on IT Classroom computers. Once again, it was resolved later as it got approved for the whole network, but it was kinda embarrassing for the studens who made it. Also, it would be veeery appreciated if Microsoft enabled OneDrive to store our Windows settings like WiFi passwords, lightmode/darkmode and blue light settings, etc., like every phone does, so when I log into my Microsoft account on my new laptop I don't have to set everything up ONE BY ONE setting every single time I switch my laptop. Also the synchronisation of those settings between my laptop and PC would be very nice, thank you Microsoft.

These situations like his aren't something that happens to everyone so seeing it from him means that I've learned something g I probably otherwise never would.

You can ask Microsoft to fix their code, but they have a history of intentionally ignoring user feedback. 😒 (Just like all companies.)

Secure OS engineer here! You could say this about all of the major operating systems. MacOS does have the App Sandbox, which is a true capability sandbox, but it doesn't tell the user about how safe they are, and it has some interesting holes around file type groups that have been exploitable in Microsoft office. Linux really has nothing usable in that space - don't install apps you don't completely trust on Linux.

@@capability-snob Linux has AppArmor & SELinux, but both are basically unused so +1 for having nothing usable. I jumped ship to ChromeOS about 9 years ago after reading their security design docs. I'm a malware analysis engineer and CrOS keeps me safe enough. Just frustrating to see folks continue to be attacked by stuff like this and not seeing OS vendors work toward improving the situation. What do you use?

Many other Windows files start with MZ. Libraries, drivers, even some fonts. There could be a DLL intended for sideloading with a popular executable, such as explorer.exe.

You can actually start a process with any file extension using the CreateProcess API function

I thought AVG was buried to early 2010s

I heard it some months ago and since then, I compare the VS NuGet result to the original NuGet from the original GitHub repo

Not even more RAM?

Then your stuck with no sofware outside of what comes with windows, or old stuff on phsical media

I think SRP is being deprecated actually

@@ThioJoe o

The issue is when you have a trusted app that can download other executables like in this case. You would most likely mark it's download folder as trusted. If it downloads a malicious software, it will also be put in the same folder. Now you have an untrusted file in a trusted folder.

​@@aeghohloechu5022this is why in our school in IT Classroom we aren't allowed to run any .exe files. Our teacher has one folder that can run any .exe file so we send our files via network to him and he runs the program in the folder. If it was made as an exam then that's it. But if we made it for use in school like one class that made a program for our school's finance department, then our Web admin has to approve it.

@@qkzalswns this definitely won’t work for larger schools.

​@@qkzalswnsalot of the time you can take advantage of the rundll32 program to execute arbitary code on locked down devices btw. As applocker doesn't effect DLLs

Also, it has a different approach to rights on a system

Linux was built for security from the start, if you are bored enough von can Look at almost everything running on your system Windows had a other history so they never had it from the start.

That's like saying the Windows Store, App Store, Google Play Store are things to stay away from because sometimes malware makes it onto them. (Then again…)

Something tells me screensavers wouldn't exist without that virus

No. Viruses long predate screensavers. The first virus was more thought experiment than anything else and the payload was merely text iirc.

Don't forget LinusTechTips also got hacked in the past

​@@CattopyTheWebTwice if I'm remembering correctly

@@Dumb_Killjoy: I knew that one time, but twice?

Someordinarygamers too

@Inspirator_AG112 The LTT Twitter got hacked around 6 or 7 years ago. I think that's why Linus has his own personal Twitter, since the intrusion came from SIM jacking his phone number.

was wondering the same

If it is less than 100$ why don't use it for normal malware?

@@schwingedeshaehers Regular malware is distributed frequently, higher distribution is more likely to get noticed/analyzed. Certificates are more likely to get revoked.

You definitely can't get EV for under $100

@@jc̈ but even then. You only have to look when your Certificate is revoked, and then remove it/make a new one.

@@Exachad Check HF, you can’t get the certificate but you can submit an executable to get signed for ~75 USD.

Most of these programming package managers don't sadly because it's all community uploads unlike say Winget or Linux package managers where a few trusted community members/company employees vet the packages and then upload them. pip and node suffer from these issues all the time and when a project gets hacked it can be really bad if some people have their settings to use the latest version of a package instead of a specific version.

@@hostgradyYeah, but that’s no excuse for MS to not be green-flagging valid extensions & red-flagging invalid ones. They shouldn’t be allowing them to just be posted without oversight.

@@NinjaRunningWild yeah they also run npm which is what nodejs uses, they're really terrible with it

Was thinking the same.

It being publicly known doesn't mean all of the millions (if not billions) of potential victims automatically know about it.

I think they get a basic scan but nothing to stop them from fetching a remote virus

@@ThioJoe As always. You'd think the page hosts would start scanning scripts, especially autorun scripts, for commands that download files and automatically sandbox and test what is downloaded from them. Play store has the exact same issue, because they do not test for Files downloaded by the game, only the files they host themselves appearently

The more you do, the more potential trouble you run into.

That’s my secret, I’m not a tech master

What secret?

No clue

@@ThioJoe Do you know an app that I can use to protect myself on Android?

​@@VaiCaDep0893 it's called "don't install/run suspicious apps". If you only get your stuff from the Play Store and other trustworthy sources like F-Droid you shouldn't have any problems.

@@elnkr2603 I know, but at least suggest me an app

​@@elnkr2603even Play Store has some sketchy shit published to, i worked at phone technical assist for 6 months and out of countless adware ridden android phones, not one had "unknown install sources" allowed, all of it was downloaded from the play store and then when already installed had many techniques to hide the app from the menu and giving themselves permissions