This channel was not hacked. I NEED HELP. My channel is about to get terminated. I can't upload any videos for a week. Here's the overview of the situation from my second channel: kzbin.info/www/bejne/d4vJf6eKgdN5qs0

Pretty sure they literally deepfaked Sundar there

It's actually not a keystroke logger. When you run the file, it steals the browser cookies that keep you logged into KZbin. Once the scammers have the cookies, they can put them into their browser and have access to your account without a password or 2FA. They then change the password and 2FA, and you have lost your account. It's quite effective once the victim falls for the scam.

We need a petition to make a major policy to never open email files unless requested on most sites.

I REALLY HOPE YOUR CHANNEL DOESN’T GET TAKEN DOWN I’VE LEARNED SO MUCH😭😭😭🥺🥺

KZbin. Stop striking Enderman.

I would find it odd that the CEO of Google and Alphabet reaching out to their creators. Pretty sure Sundar Pichai would have more important things than to make this video. However, CEO of KZbin is currently Neal Mohan. It would be Neal's responsibility for overseeing KZbin.

I'm sorry about it. I have been watching your videos for 3 years or so since the COVID-19 lockdown, your videos were really entertaining and educational at the same time. Due to college tests starting from next Saturday, I haven't watched your videos for a while. I hope it will be resolved.

(1:19) I remember seeing a similar thing happen where Google Drive was being abused instead of KZbin. Gmall were smart enough to file those as junk mail as they were sent to many random Gmail addresses.

Wow the CEO himself made a video about the monetization policy change. What a dedicated man.

14:00 You can likely use a Hex Editor like HxD instead to remove a bunch of empty bytes (assuming that's what is inflating the file size).

Everybody: fears that their channel could get hacked Enderman: AHH YES, FINALLY, A SCAM MAIL!

"Download document for Windows" People that have Linux: 0:19

Their deepfake of Sundar changes from a British accent to an American accent halfway through

I hate it when cybercriminals try to impersonate a real company

It's actually pretty scary to see what hackers/scammers can do these days, wow...

11:45 also deactivate from any other login session using the non-infected device (a phone for eg). The stealer uploads session cookies which works in some site even after password change.

How are they sending emails from the KZbin domain? Also, so much for the "Scanned by Gmail" feature doing absolutely nothing regarding this. With a company as large as Google you'd think they could run a virus check for larger files. Of course though scammers will just artificially increase the file size even more to combat that.

Я не могу не пожелать тебе удачи выжить в этом недоразумении Ютуба. Ты стал жертвой людей, которые ради своей забавы хотят удалить все твои каналы, думая, что они всесильные. Справедливость должна восторжествовать, и я надеюсь, что этой ситуации дадут больше внимания.

I wonder if they shared a private video with the description as the scam message. Would make sense why it says Shared a video with you

(Slow clapping) Way to go, scammers.

We need Linus Sebastian and LMG to watch this now. Btw, run it on a Linux or Mac system with wine to see what it can do.

It's time for a class action lawsuit against KZbin/Google. No mentally stable person would share a video using the share function via email. This makes no sense. Yes it's a feature from the late 2000s but still... This really feels like negligence. Why did this not have been removed years ago?

We should be able to set an anti-phishing code/passphrase on sites, so that when a real email comes from the company it contains this code. If it does not contain the passphrase we set, it should ring a bell that it’s a phishing/scam email.

ayo! nice video. i miss sometimes old video type like showing how virus works (like petya). i still like this type but would be cool to see more malware videos!

11:26 What does it mean to "force shadow" the computer?

Somehow this isn’t official, it’s a fake message which is a scam.

BTW if You look at the subscriber count, and see that it's fake. Also I don't know they would private the video, they have them public and I would also compare the name (not the display name but the name with the @) with the real and fake KZbin channel.

You might also want to pin a comment with the video here. If that's even possible... I'm not sure abt the editing rights, but you could also add a "showcasing purposes only" disclaimer into every description, maybe that influences the algorithm. Good luck, let's hope there will be a real human looking over it before they can terminate you and your communication attempts are more than speaking to a wall.

Starting to think KZbin should move communications to KZbin studio

The "Anti-anti VM" i didnt expected that XD

Stupid me downloaded the thing because I was scared of loosing monetization ( I know im stupid). I opened the zip but did not touch the document in it. My question now, am I safe or did it already infest my system?

Notice the "confirm=no_antivirus" in the URL. Wonder what that does 🤔.

I witnessed something similar back in February 22 of that year. This time, it's with Playrix's job inquiry through DeviantArt's Chat.

hey enderman i noticed this youtube team account only has 719 subscribers

i might be thinking too simple about this, but can't MS just warn users like if theres a . followed by 3 letters in the name before the actual extention?

I noticed after a while that I hadn't gotten any notifications from KZbin about you uploading. That alone had me a little bummed. But when i saw the title to this video. My heart truly started to melt. I absolutely love your videos and simply the thought of your channel being terminated brings a tear to my eye. Hope you get through this with your channel still in tack. I wish only the best for you Andrew 🙏

.scr also prevents window's smartscreen from coming up when running it.

That's why do I think that LTTs rented out their account.

Just a note, the email is actually from KZbin, it's using the share feature to send a video containing that malicious link

Why does Windows never show extensions by default

Ah yes, I love when KZbin Team shares a video with me on KZbin. This video's good to make me forget about polynomials assignment I've got to do.

Works this virus file on IOS? Or only windows?

Hey Enderman, I have a idea. Making an Windows based OS that just launches a program and that's it, and you cant do anything else. We will use Windows PE For this process, I have tried so many times but i get the same error or just bigger errors and i don't have enough brain for it. This is how i imagined: Windows PE Launches from ISO/any boot-able Source, Installs necessary files as like system32 and the libraries, Installs some drivers for the program to run at all, Restarts. Launches the Program and that's it. Could please do a topic on This?

That's some next-level trickery right there

If the ceo of Google sent me a video about the policies of KZbin changing I wouldn't believe that in the first place

When some russian guy (probably with one of his arms broken) has to tell you not to execute files from e-mails, there is something wrong you had just done.

That's why all my friends in youtube has a backup channel in odysee, rumble and tilvids

Can you do "Upgrading" from Windows Longhorn to Windows XP? (it requires a special application called "Application Verifier")

5:10 if you pay attention to the guy's lips you can see that its not syncing with the voice. giant red flag

notice how the description is unupdated that’s great.

Enderman's the type of guy to install windows 11 on a potato

I already saw something wrong as the file protected as said in the email. Just a rules and policies document why they need to encrypt it

But HOW? Google doesn't let you make an account with the same email as another account! How did they bypass this?

"no ones gonna run this file" i wonder to what happend to linus drop tips

i'd like to see the malware! (also i thought you used chrome not edge lol)

This is why I watch out.

Screensaver? For me those are AutoCAD scripts. 😉

If you listen and look closer at the last bit of the video of the CEO of Google, you can tell it was a voice over the original. His mouth movement and what is said in audio doesn't match.

I don't understand how almost every scam has bad grammar which gives it away.

Where do you get your MP3’s from?

The deep-faking levels here are scary. I think deep-fakes should be illegal.

I see what they did. They shared a video via email.

So did he trashed that phishing e-mail or not?! (I also got a phishing e-mail on my Gmail too yesterday!)

Big companys like google, youtube(owned by google), amazon, facebook, ... should really just sign their outgoing email using SSL certificates, that user can just look for the little checkmark (or however the users email program/website/app shows it) to see wheter or not the email is real or fake, just like the litle padlock in the browser. But for some reason nobody using SSL email certificates. Wouldn't help in this case but it would help against some types of email spoofing (where they just change the sender adress)

hey everyone he has 1 strike WE NED TO HELP HIM NOW pls if u can pin it

Finally a chad who has the taskbar on the top

Naming a KZbin channel KZbin should not be permitted in the first place

Have you uploaded it to the github repository? i'd like to take a look at it.

Next video pls! Downloading malware on MacBook

12:46 thats .NET framework (it is just launching that because that scr was a .NET app)

When YOU don't TUBE the KZbin, you get scammed. Stay safe guys.

One way to prevent getting tricked by this type of scam is changing the way .scr files are opened. Create a new action for the scr and set it as default. For me, i created action 'open2' and set it to open 'notepad.exe "c:\Users\Public\screensaver_warning.txt"'. Windows will still launch screen savers normally, just the user will not. Also by right clicking it, you can still launch it using 'Test' action.

Now we gotta develop a scanner that can scan files that are under 1GB in size.

is this right? generate me 30 sets of strings in the form of "xxxyy-OEM-NNNNNNN-zzzzz" where "xxx" is day of the year between 001 and 366 (for example, 192 = 10th july) and "yy" is the year (for example, 94=1994). your range is from the first day of 1995 to the last day of 2003. "OEM" mus remain intact the "NNNNNNN" segment consist of digits and must start with 2 zeroes. the rest of the numbers can be anything as long as their sum is divisible by 7 with no remainder. the last segment "zzzzz" should consist of random numbers. "z" representing a number.

Probably a variant of Redline

Cool video. I had a video idea that is impossible. Install windows on a hdmi cord

So, basically, the entire premise of this scam consists of assuming that the file is a PDF file, just because it comes packaged with a PDF icon in the executable. This is combined with completely ignoring the simple fact that this so called "PDF" file just happens to have a .scr extension.

what happened to your "limbo free download" video?

mrbeast, e-mails, deepfakes, youtube scammers find every possible way to scam

DUDE! You use edge!!???😂😂😂

Silver Chariot Requiem is always a problem 😂

Even since I haven't got anything, looks like I'm good for a moment. Thanks for alerting us!

Just noticed, HE WAS USING EDGE OMG

How did you not instantly notice it was a deepfake bruh

random question but do you think you'll ever make merch?

Hello which software you use to trace that file exicutive location plz tell i mean which software you use to find that virus location

"720p can't see crap" *happily watches in 144p, since my internet is too slow for anything higher*

I was listening to one of my playlists on spotify, and I heard your intro music! Is it Drive Slow - Windows 96? Anyways, I love your videos and they have inspired me when creating code. I hope to keep watching your vids.

I have a question: If I download a virus that steals my data and uploads it to the user and run the virus, will it work if my internet is disconnected?

what is sim.exe on your desktop?

The download link from Drive has "no_antivirus"... Is it the imposter?

I remember GroovyDominoes52 being scammed by a similar scam. BTW, I'm using Windows 10 22H2, an OS I highly regret using.

What VMware version do you use?

KZbin if you see this, Dont terminate Enderman. (pin this)

Bruhhhh he dubbed the clipped, Listen to the Audio and watch his lips. Scammers tried to lipsync his short clip

Whatever his mouth moves separate to his voice sounds

well in this cakes, i shall rename the cookies into pancakes now that's a pastry joke my friends

Hello, I have vmware workstation 17.1, when I turn on the virtual machine, the vmware logo does not appear when I press the esc key to go to BIOS, that is, I installed Windows XP, the Windows logo does not appear, the welcome message appears directly.

Great to see you uploading again!