Use code "SOG" to save money at www.gfuel.com Check out the newest episode of the podcast: kzbin.info/www/bejne/l3q2i4Jmfdx3kKs

My mom got hit by Emotet last year. They somehow managed to seamlessly recreate a work document and make it look like a colleague sent it to her. Luckily, she immediately noticed something was off as it said "enable makros" instead of "enable writing" and she got it fixed within a couple of hours. Still it's scary to what lengths some of them go through to infect people.

Just wrote an oral presentation and a 6 page presentation on the importance of security and protocol reforms my college needs to implement. 2 hours after I turned in the assignment yesterday my college was hit with ransomeware, lovely.

I'm glad I went into the IT security field. Appropriately, it provides a lot of job security.

ive been getting so many "receipt" emails lately, so this makes perfect sense.

Unlike the killer hornets in 2020, the deadly malware story arc is finally getting its conclusion

I have never seen a PowerShell injection attack before. That's actually pretty cool and I learned something new today

I feel like everyday there's a new catastrophe in the cyber world.

I tend to get those "Amazon" emails that say you need to finalize the order, or you made an order and it's like a massive item like $5,000. It's like trying to get you to click the url or download the attachment because you would normally be concerned since you don't have the money for such an item or never bought that. I'm always skeptical, but when I get my dad's age and new ways of scams go around. It's going to happen, but as long as you know, you know.

I've recently started going into a computer science degree that has a bit of cybersecurity classes and Muta's videos have been bangers for me lately. Love the channel dude.

as someone who really isn't tech savvy I always appreciate Muda making these videos so I can learn and be more aware. Side note Muda looks like he lost some weight, please don't stress yourself too much man we worry about ya! Love the videos

My entire University was just hit with a giant ransomware attack, so all of the university's computers are compromised. It has affected the pos systems of every shop, restaurant, and security checkpoints. They have even had to cancel final exams for some classes.

i love this, Muta's channel turning more and more into educating people

Shortcuts bypass the PowerShell execution policy, which is what normally prevents untrusted or malicious scripts from running. It's such a dumb security flaw even a child could exploit it.

EMOTET even sounds like the name of an ancient evil entity that some jackass released one day.

Got a phishing email “from” my doctor’s clinic. Claimed to be an invoice and y’all they had me in the first half not gonna lie Watch yourselves out there, gamers! Thanks Moots for keeping us in the loops

Been getting the same email named receipt the past like 3 days at the same exact time (3-4 am). Luckily, I know not to open these. But it kills me knowing there are people out there who just don’t know man. Everyone stay safe.

There are two reasons why Windows will always be more susceptible to attack than Linux and MacOS: 1) Everyone not in a corporate domain environment runs administrator accounts. 2) Windows does not treat "executable" as a file system flag. If it's called ".exe" it's executable. On Linux/MacOS every file downloaded needs to be manually set executable by user intervention.

Muta you talk abour what not to do, but I'd love to hear how to check if you're already infected and don't even know it.

Been wanting to say this for a while, in my college they had an art gallery with a lot of art made by high schoolers. One actually made a portrait of SOG. the Piece came out really nice!

With something that is 3 kb and the shortcut having secret power shell code, there’s something about it that shouldn’t be tampered with

Muta, you're probably not gonna read this, but you have to look into the controversy surrounding Motorsport Games. I just started digging into it and at first I thought it was just a seemingly shady company that has been buying into the sim racing world, snatching a lot of licenses to various racing series and releasing a lot of mediocre products, but the rabbithole goes much deeper than that and it's fucking wild. We're talking investors suing for being lied to, stock market manipulation, broken game releases, financial collapses and ties to Russia. It was so wild to read about that I could barely sleep afterwards. It's too fascinating to pass up.

What enrages me the most with this outbreak again is, that we apparently went backward in terms of virus awareness. I remember 10 years ago, it was second nature to check whether the suspicious file you download of the internet/got via email from unknown sources is actually the file it's supposed to be/expected to be. You don't expect a random "receipt" you got to be a .lnk. And yes, I specifically mentioned, downloading shady things on the internet and downloading attachments from Emails you don't know are actually certifiably good, something you should never do in the first place.

DUDE! I think I almost got hit with one of these! I got a random email congratulating me on my motherhood and offering about $400 as a mother's day gift even when I'm male!

Shoot me a link I’m gonna click it 100 times for science

I was doing research for the MyDoom Virus back in 2004 for a high school Comps Sci project (Which you should totally check out btw), and got the inspiration to research it from these types of virus investigations. Props yo

as someone who's now studying cybersecurity, I love when muta drops these vids - his excitement on the subject makes my day. it's honestly inspiring

Thanks Muta, I love videos like these. Especially since I’m not too educated in anything desktop or computer-related. I know I’m many of your videos you have mentioned and even showed VMs. I was wondering if maybe you can dedicate a video on how to create one, or download one, how to use it, and how to delete it if it ever does get compromised like you mentioned in this video. That would be very helpful.

"We thought you were dead!" Emotet: "My death was... Greatly exaggerated."

2003 people watching this: oh no, *My Doom* is coming!

I've never heard of this Malware but I'm scared now.

I've had two PCs destroyed by some weird malware that causes your RAM to work exponentially harder until it destroys your PSU, and once my BIOS was destroyed beyond repair as well

Perhaps the most worrying part is at 5:58 - it implies that they managed to infect the website of a school in Spain (among other more inconspicuous targets) and use it as a remote control for the malware targets. Looks dangerously well coordinated to me!

you're looking well rested and healthy, muta! happy to see bro

My son-in-law gave me the best advice when it comes to email. He said that since my life doesn't revolve around email and I only set it up to manage other accounts, only open an email when I'm expecting it and never click an unknown link. I know this won't work for most people who depend on email for their jobs but it's great advice for someone who has a TBI or has other factors that make them vulnerable than those who grew up with this technology. Great video! Stay safe!

From the thumbnail we can agree daddy Muta is excited. This brings joy to my eyes

2:50 I literally had to make a history of malicious links for my computer science class. It was talking about how to avoid HEAT they have started to send the links through social media as they aren’t as suspicious of that. It was specifically about hackers targeting people working from home who’s security is much weaker then the companies they work for

after watching this video and doing research, I can confirm that this is in fact malware.

Back in my edge boy days in 2010-12 made a dropper using the screensaver ext. and used power shell as a back up way of making sure the downloaded file ran it’s funny to see older type exploits reused after a bit of time that’s passed

Love your videos Muta, I never keep up with news and stuff because I just don't like the misinformation that goes around. But you keep everything real and while my friends just start hearing about a piece of information, I've known it for a few days from your vid

Basic email security is a simple rule everyone can follow. -Don't click a link on an email unless its a onetime setup link you just initiated. -Don't download attachment's unless those attachments are expected and or you have the knowledge to verify its not malicious. -Always have 3 tiers of emails. 1. Top level bills and highly secure services. banks, home provider bills 2. Lower importance services and social media 3. Spam and website signup account. The email you use that they will probably sell.

Fuck Malware, all my homies hate Malware

This is why I just tell everyone to not open anything even if a friend links something I verify that they sent it

We need to blow this video up. This information is super important to literally everyone nowadays!

You broke it down real good. People so used to small programs to spread malware but may not understand how they are using links that are tiny in size but equally dangerous.

Tldr: Emotet is a trojan disguised as or hidden in an office file. DO NOT DOWNLOAD ANY OFFICE FILES ON THE INTERNET (EVEN IF THEY LOOK LEGIT) If you download any Office file and it says "Enable Macros" Close it down immediately. Do not click ok. If you do it will infect your system. If your system is infected you could try antivirus or if that doesn't work, contact an expert or reset the machine. Make sure to make backups! Keep a drive with backups of your files just in case! They are spyware and can be used as a backdoor into your system.

I basically educated myself in these link file attacks because I once downloaded a file which on surface was good but for some reason I was having a bad feeling of it, I right clicked and checked the priorities window, and behold it was supposed to create a server on my PC, yes a GTA San Andreas save file was supposed to create a server on my PC, I didn't extract it and I was safe.

I know it isn't ment to be a meme, but it is a bit funny to hear Muta saying "VM Programs are free" for the thousand time. He's just begging ppl to use it and get off windows

"The year is 4058. EMOTET began infecting computers again after a dormancy of about 500 years."

Good luck with that one I never check my email till the point I can't physically get rid of them

Well done coverage. I used to be a car hacker for one of the big 3 and I can tell you it is definitely possible to download a car. Point of entry is that USB port connected to you infotainment unit. Then you just upload your stage 2 payload and call it a day.

I’m incredibly shocked that we haven’t come up with something even slightly better than email at this point

these sort of videos are my favorite really takes me back to some of mutas older content . Miss his older darknet browses / virus breakdowns just that whole video style , 2016 type beat.

MUTA Can you look into router RAM exploits that attack both users and the ISP's? That's kinda the shady route these malware are being propagated from.

I'm work in the domaining/parking page business and I can say first hand the number of sketchy websites that look like they had malware in them previously has exploded in the last month or so.

I wish this man taught my operating systems class

I used to be the person that would say "nobody could fall for that", but a couple months ago I almost opened a link in an email from Amazon and I don't even have an Amazon account.

Holy crap is that why I've been getting orders confirmation emails that I never placed? I guessed it was a scam and ignored it but this is much worse than a simple scam. Now I've clicked on the email tho I never downloaded nor have I visited a link of any kind but I feel bad for people who have.

Thank You for these types of videos Muta!!! As someone not super savvy person and someone who works with elderly and boomers often I’m so grateful to have a heads up on stuff like this to keep me and my buddies safe

Why is the video so good. It basically covers everything about security and vulnerability. At least the basics

Muta with a Howard Stern "Baba Booey" reference? My life is complete

malware be lookin sus today btw love your content muta, you've inspired me to pursue a career in tech

I have absolutely no idea what “Emotet” is, but since itʼs Muta, iʼll still watch it.

Just finishing up my associates in CyberSecurity and I find your vids fascinating and informative. Does anyone happen to know his background?

and it is great you know when you do all this and still get hacked or the companies gets hacked.

What people should do is setup filtering emails for regularly used stuff to separate it from non previously used stuff to separate the high potential shady and minor checked stuff

12:25 Beyond that, there is a decent chance they themselves might be hacked.

i went from watching 40 seconds of this video, to checking twitter, seeing an image i wanted to steal and post on my tiktok, get close to posting it but start to have second thoughts, to remembering i was watching this video.. crazy

Thank you heaps for educating people about these things. I had absolutely zero idea that this even existed, and now I can protect myself from it. Tysm 🌹💜

My question is does this apply to mobile devices? Most of my Emails are checked on mobile. I would assume they don't have any resources to Android system.

Am I the only one absolutely stunned at how good Muta looks in the thumbnail?

The world needs to be secured by Blackberry. The most secure software on thr planet.

dude i was playing gtao two days ago we finished survival wave and i died out of nowhere, got booted to another lobby. i returned to the survival and later that morning i got a mssg from steam, that i logged in from another device and the logged out my pc. i tried to reconnect but my passw. was not right. my son who is connected to me on steam could see that someone was playing dayz ,which i never play. he contacted the guy and asked why he was on my account , he was told he bought that account as a modded one, from a russian hacker. im lucky my son could buy it back from him . after that my social media was hijacked for a while. which is really annoying. Keep up the good work man . thnks 4 the info

I had a sus email myself from "Amazon" saying my account was on hold due to a card declined, or something along those lines. Which I thought was extremely odd so I went into my Amazon account look at my prime subscription renewal and saw it was May the 5th so I deleted that email without opening it because I knew that was very odd behavior coming from "Amazon" Weirdly enough I got that email shortly after watching this video....... the timing of that is very SUS since I've never heard of this malware before until now.

Fun (and a bit frightening) fact from working within the industry: I'm working at a cybersecurity company in a team that deals with botnets actually and I can tell you that bots are knocking at the door of your devices every few minutes, continuously. It's just that, if your device is not the type of device targeted by the bot such that the bot is unable to infect it, is not vulnerable to the type of payload the bots come knocking with or is protected in any way, then the door simply doesn't open. There's not that many ip addresses in total, and a botnet comprised of a few dozen thousand devices running bots that are trying to propagate themselves by sending multiple payloads to random ips all over the world every second is enough to cover the whole range of existing ips and reach essentially almost every device connected to the internet multiple times per day. IoT devices such as smart bulbs, smart tvs, smart fridges, conventional routers, smart security cameras that generally stay connected to the internet all the time without someone constantly investigating what's running on inside them are the ideal and the preferred targets of such attacks.

Question about this tho: Isn't PowerShell from standard on disabling 3rd party skript execution? As I know off, you first have to set PowerShell into another 'mode'. Would appericate it if someone could answer this.

Subscribing to Muta is better than any anti-malware software.

Muta looking real good in the thumbnail eh

Oh I remember Emotet and Ryuk too well. One of our clients at my old job got hit with Ryuk that was spread using Emotet a few years ago, total panic mode was engaged. I didn't directly deal with it but our other techs had to gather just about all the drives from the affected computers, think some other company provided us with some kind of secure device to check use with the drives but I can't remember. And yep, 99% sure the whole thing was due to someone opening an infected email.

There’s a new browser in browser malware going around too, feigning Google 1 click sign in windows for example.

This is pretty common. Any Python dev you ask who is somewhat competent would know of BYOB. They’d also be able to script their own modules and alter that source code as a a sort of framework. Infected computers are sold for DDoS attacks, cryptomining, coordinated attacks, 15-year-old Xbox live users, etc.

Was watching this and thinking that virus scans aren't perfect and shouldn't be trusted completely and that people should always run their browser and email client in sandboxie. Good to see same conclusion was reached

The best way to get pwned is when u are looking for a job ! When u get so many e-mails from unknown senders it's easy to feel te preasure to get a job and click on everything without triple checking it !

Always enjoy when Mutahar Uploads, actually entertaining!

Each and every one of these videos makes me feel as if I'm 50 steps ahead of everyone but at the same time I appreciate the fact that you bring these topics to light. There are too many things out there you didn't know that you are not ready for. It's roughly the Star Trek equivalent of discovering the Borg (and getting goatse'd as expected). I'll say it again here just because it's the start of a new month: MAKE YOUR NEARLINE BACKUPS NOW. I'm not saying that as a fear mongerer but the actual solution to the next emergency that goes woefully ignored. 2022 is far from over. The worst is yet to come.

This may be a silly question, but can a person gain access to my data/PC If I open the malicious email WITHOUT clicking any links/downloading attachments? Can they simply do something bad If I just open the email to read it.

Thank you for looking out for all of us Mutahar! Much appreciated.

It's the gift that keeps giving, the joy in everyone's heart, lmao

"Hello your computer had virus" -Mutahar

hair lookin cute today

Still can’t forgive that time Powershell signed a task on its own to open and close itself every 10 minutes basically minimizing every app I had open

I've been seeing ads for online banks with no actual business fronts... It could be why there's an increase in the malware. And I'm not into crypto/blockchain but could you add a line into it that adds malware into a wallet if it's been affected and comes into contact with said code and therefore splinters and infects along the chain? Making one weak link become the entire chain?

I should point out on the last point that some malware have been known to escape a VM, infecting the host. Albeit rare, you never know what malware has up it's sleeves to infect you.

- 2:40 Sure, email is still a common vector, okay. But how are OFFICE MACROS _STILL_ a vector after 20 years? 🤨 🤦 - 6:02 Not quite. The files it downloads aren't the virus itself, when those programs are run, they just print text to the console. That text is a PowerShell script, which gets redirected to a file in the temp directory, then PowerShell is run with the script. It's a few levels of indirection (a pointer to a pointer to a pointer to a virus; basically NFTs 😒). Anti-malware programs should still catch it at some point, eg when the PS script is written to the temp directory.

I'm fine I have my McAfee and Karspersky both installed on my dual core gaming Celeron laptop! I wonder is it supposed to boot the same day I power it on?!

uh oh, you know its bad when even the indian guy is scared!

This was a great video, very eye opening, I was not aware of all this until you told me today. Thank you!

what if i just uninstall the virus

ALWAYS look forward to a new Mutahar video and getting educated!!

World Economic Forum Founder Klaus Schwab opens Cyber Polygon 2021 with a warning: “A lack of cybersecurity has become a clear and immediate danger to our society worldwide.”