the world's worst botnet are those youtube comment reply bots ^^

Finally it's here

@@getawayunclejohn7107 fuck man at last it’s here after all that waiting.

@@getawayunclejohn7107 yeah man, oh my God I can't believe we're being saved by the Lord Jesus Christ. /s I wonder if the bots will follow/reply to our conversation.

@@hectorcanizales5900 Actually some Telegram promo bots are setup to reply with a random text, sticker, gif or even a voice message within ~30s-3m of being mentioned. It's annoying AF, but at the same time hilarious whenever they start "talking" to each other.

getting ddosed by a few first gen Amazon alexas

I'm working at a cybersecurity company in a team that deals with botnets actually and I can tell you that bots are knocking at the door of your devices every few minutes, continuously. It's just that, if your device is not the type of device targeted by the bot, is not vulnerable to the type of payload the bots comes knocking with or is protected in any way, then the door simply doesn't open. There's not that many ip addressed in total, and a botnet comprised of a few dozen thousand devices runnings bots that are trying to propagate themselves by sending multiple payloads to random ips all over the world every second is enough to cover the whole range of existing ips and reach essentially every device connected to the internet multiple times per day. All of these bulbs, smart tvs, smart fridges, conventional routers, smart security cameras that generally stay connected to the internet all the time without someone constantly investigating what's running on inside them are the ideal and the preferred targets of such attacks.

@@gabrielem_ woooaaahh.... zero-trust firewall on every ip!

one can only dream X'D

I remember a talk about using blockchains to create networks of smart devices that self correct changes to firmware through consensus. It's definitely a big worry that not enough manufacturers address.

kzbin.info/www/bejne/opTXkIF4eN-Jgbs Finally it's here

kzbin.info Finally it's here.

Use a live os with persistent

​@@ahmedabd2259 make your own live os with your custom os settings. A bit of a hassle to update things but would be safe

I love how your comment got 3 bots XD

this...

Agreed, but .lnk extensions are still hidden. It's only the little arrow on the icon that gives it away. Very clever to put powershell code in there now I think about it.

@@mr.serious707 lol thx for the good explanation

@@mr.serious707 thanks for showing us bob

@@mr.serious707 the IT guy in our school made our teacher delete files in her hard drive because a program said "out of memory" 😭😭😭 (I didn't say it meant ram because I don't like her anyway she deserved it + the IT guy should have known better)

Is it works that way? Most of the time social engineering is the way to go. (It's basically scamming people to think something else) and a lie is the most underrated thing in this world. XD

Maybe buying a bag of ICP isn't such a bad idea after all then. The only problem is ICP being a decentralized internet with good speeds. It already takes a good amount of time to send transactions imagine video files or games lol

Redditors

@@s4ms3piol30 I barely use reddit but good job spotting a profile pic I guess.

@@puffpuffpass3214 not sure what u mean by icp all I think of when I see or hear icp is insane clown posse.

Computer worms have used network and emails to spread since the mid 90s. This is just the latest model. I'm not worried. Not the first time the world has over blown a computer virus. Still waiting for CIH to end all computers....

you say that but Zeus is a core program in a lot of nasty malware.

Gator don't play no games.

Yo thats correct what ya said

I usually laugh at people who fall for this stuff (even if I shouldn't.. not everyone can be that tech literate) But that is just on a next level, I guess you just hope your AV might have some behaviour blocking stuff that gets alerted I wonder when they start using AI to write personal spearfishing emails to *everyone* based on their social media...

How did you know the origin of the attack? Is your past customer/client from Saudi Arabia?

​@@ziyaddossri1821 i mean the server that sent the email. It is in the email headers. Even if the email address is something different, the origin server is there. It was a wordpress website of a company that most likely got hacked and their servers used for sending those mail.

thats scary

Classic antivirus also look at program behavior. There are still evasion techniques that will work for a while then you need to find something else

Can antivirus programs look through obfuscated code? Or do they detect signs of obfuscation and this is a red flag in and of itself?

@@Avengerie some antiviruses do flag positive for obfuscated code

@@itsqbobby which ones

@@tomomei nearly every av flags obfuscated executables as malware, even Windows defender

deeta recovery software

The only antivirus you need

I am Proto, your security is my motto.

Is just another corporate AV, they probably have their own botnet within it.

@@fofopads4450 it's a joke. legitimate antivirus software but from past testing of it by KZbinrs it wasn't good at least back then.

it's actually very easy to skirt admin requirements in powershell with -ExecutionPolicy Bypass and other such methods. And most malware scripts are made to do exactly that or to find ways to manipulate files and data that don't typically trigger user access controls, of which you'd be surprised at how much you can get away with without such privileges.

I think it's possible to block this through windows group policy which wouldn't even allow PowerShell or cmd to be opened at all

@@mgh7634 Where does one learn how to do such things?

@@mgh7634 "ExecutionPolicy" Bypasses don't exactly bypass Admin Privileges, they simply bypass the "GUI only", "Signature only" and "Admin Only" *Restrictions* and a few other restrictions, and many legit scripts use it too. Even MS has stated explicitly on its docs that it is not an security feature and even mentioned a bypass method themselves. And, there aren't any Admin Bypass/Privilege Escalation going on here either, Botnets could perform their function with Non elevated Privileges just fine, as they just need to sit on the computer and constantly scan for a connection request for the payload. And In the first place you don't even need Admin privileges for most of the Malwares, for the most part it's some Ransomware or System Sabotage kind of malware only which requires modifying System files and/or Locking you out of system components or the system itself. Most of the Spywares, Botnet and the similar ones could perform all the tasks(logging keystrokes, accessing webcam, performing operations on the network stack and accessing personal files) without Admin Privileges as these are pretty common things. The only thing that it may need higher privileges for is reading from restricted memory addresses, in which case they could exploit some other elevated process and inject arbitrary code in their memory address/stack which contains the execution flag using some UAF Vulnerability, but generally privilege escalation is avoided as it's unnecessary and not always successful to perform.

@@maximilian200057 John Hammond has analysed malware that bypasses execution policies easily by using this flag. It's not designed to be a security measure in the first place.

Step 1: change the default password Step 2: see step 1

Only thing we learned is how to make a good password and that you shouldn't use them twice, that's it lol

Actually quite easy to implement since ICDL (International Computer Driving License) already exists. It was part of my job training.

English?

@@karamelapple8007 normal people don't actually care about security that much, if an antivirus etc slows their stuff they'll turn it off and assume that any problem it gave went away

@@NameTheUnnamed12 My friend using Android phone and said he does installed 3rd party malware scanner. 🤣 When I asking PC people like... Hey, do you download pirate software for personal use?. Mostly said no. They're worried about virus will going to ruin their machines. But They'd rather installed free to use softwares without much worry in mind.

Dude it's free money 🤡

@@ThomasBomb45 no way, fr?!

@@jesscorbin5981 Yes, next time click it pls! 🙃 claim your free money!!

I don't think they are lazy. They have huge incentives to make windows secure and an army of well paid devs and specialists working on that. The issue is balancing the need for legacy stuff to work vs writing off things that were mistakes in the first place (e.g. macros). To be fair, we have the power of retrospect and software development was different in the past. In a bid to offer the most feature rich and competitive product, some boo-boos were made and they are paying for it now.

@@shotnothing3419 I meant being lazy when they first implemented macros. Yes, it's easy to be critical in retrospect, but I don't think it absolves them of it either, if a mistake of the past still affects us today, it's still a mistake.

@@lucasm20 oh in that case I agree, although recklessness to deliver the most competitive product back then was also probably significant

But it's really best not to rely on an antivirus for that, especially given that these programs have a tendency to go to shit. Even Windows 11 does a lot to sandbox apps right in the OS, and you can't match the security of something like Fedora Silverblue.

@@AwakenedPhoenix309 Fair enough, but still, considering the ubiquity and prevalence of Windows machines, out-of-the-box security has gotten astonishingly good. It's kind of really difficult to demolish your setup if you have the slightest traces of common sense - which, of course, is a huge if. You might not match the security of commonly used distros, but the question is if you have to in the first place.

@@AwakenedPhoenix309 Fair enough, but still, considering the ubiquity and prevalence of Windows machines, out-of-the-box security has gotten astonishingly good. It's kind of really difficult to demolish your setup if you have the slightest traces of common sense - which, of course, is a huge if. You might not match the security of commonly used distros, but the question is if you have to in the first place.

No it really doesn't do anything.

There is antivirus software by default on any mac and windows machine. You don't need any additional software to keep out most of the viruses. Not sure about linux.

😂😂💀💀

I'm a Nigerian prince give me 794.32 btc and I will promise to wire transfer double that into your account

*Video:* There's this malware going around that requires you to be a complete idiot and open random files you get sent attached to suspicious looking emails *You:* So you're saying we shouldn't use Windows and Office? That's like burning down your house to kill a spider

Freedom lead the way. Amen.

Windows and MS is fine for safety's sake. Just don't be dumb and don't download random stuff.

@@minhuang8848 ? malware can get on your computer in more ways than downloads.

Mac OS and Linux malware exists, too. Also, some malware works on Wine. Using another OS isn't a silver bullet.

Maybe because Macros exist and have a valid usecase for anyone who doesn't want to spam the same shid like a 1000 times in a Word or Excel document?

@@wrockd I feel like Microsoft should make people read the dangers of allowing macros before that are able to enable them

@@amongsussyballs Agreed, Ngl given that most of the common MS Office users don't pay much attention to *small* Dialogues and just hit OK, because of how common and mostly non important/relevant these dialogues are. Even I think that they should show a big dialogue with a big *"WARNING"* Flashing in Red on top and then the dangers mentioned in bold, it will hugely prevent this stuff. Also with the disclaimer that "If they have received it from Email, most likely it's a Virus"

uhm how have you answered your own question?

the thing is they DO have a secure way to view the document. as long as u dont enable editing u can see the entire document, u just cant change anything (which is kinda the definition of previewing). the warnings that u saw were part of the document, made to look like they were part of the program. that was REAL social engineering done by the hackers behind the malware.. not microsoft.

Makes no difference if one of your friends' emails gets hacked. You just publicly revealed you have no friends! 😉 /JOKE

@ladawg81 if they try to befriend you, they must be trying to social engineer you! Dinner for 1 is cheaper anyway...

@ladawg81 pity is just another tool in the playbook of using people for personal gain.

Already is! Worst "critisim" is I prefer it at 1.25x speed but cmon... That's nbd cuz 90% of videos are better at 1.25. Great content!

H*ck

It's not

quitting because of spam emails 🥱

@@royalxd Hello and welcome to my article and TED talk about How spam emails gave me PTSD!

@@royalxd more like dumb staff

or a third option.. direct withdrawal from your bank account

duh

Lol, good one. 😂

bruh what????? powershell may be a shit shell but only relying on cmd would be hell

Need to have individual and dev versions of windows, dev versions would be much less locked down. They could even make a super secure, but still usable version of "security windows", couldn't they?

The malware doesn't just get to decide on its own how it gets activated. It has to work with whatever software the computer is already running.

@@Elrog3 Wasn't being serious. Joke...but thanks for being a logical thinker.

^^ He sent this via pigeons

Based researcher ignores war

Pov: no pov

nah. im sure newcomers to linux will not be very sesnsitive to security there just lucky that theres not much linux malware

Once userland is compromised you're toast as well

Take a shot every time he said “Linux”

@@ZaHandle helpp.ther.is.sjumpin he. Scheep

Most embedded iot devices run some flavor linux, it's actually a great target.