What Their Computer Looked Like Right As They Got Hacked

Рет қаралды 102,713

Күн бұрын

Пікірлер: 340

@gahshunker 3 ай бұрын

Taking screenshot of a desktop by a stranger is called malware. Taking screenshot by a big corporation like Microsoft is called a feature (Microsoft Recall)

@Palmit_ 3 ай бұрын

as you said, also, NSA collaboration with M$

@JorgeRodriguez-ck6cy 3 ай бұрын

@@gahshunker LOL

@prajnaparamitahrdaya 3 ай бұрын

Well money taken by stranger is robbery , money taken by IRS is tax

@mu11668B 3 ай бұрын

Though I am repelled by Recall, MS st least does not exfiltrate the images.

@DWmudskipper 3 ай бұрын

@@mu11668Bfor now. T&S and updates happen automatically 😊😊😊

@Qsie 3 ай бұрын

John seeing Genshin, and instinctively nopeing out 😂

@Azapruu 3 ай бұрын

pretty normal reaction to seeing a tiny floating child in a game that you dont know lol

@Qsie 3 ай бұрын

@@Azapruu considering the context of the other stuff, makes sense lol

@Internet_User_0x0000 3 ай бұрын

@@Azapruu It's almost like it was a game made for certain types of people...

@Azapruu 3 ай бұрын

@@Internet_User_0x0000 yea, for people who enjoy well written characters with giant amount of content (not talking about Paimon).

@Internet_User_0x0000 3 ай бұрын

@@Azapruu Yeah, those kinds of people, they seem to love games with characters that look like children and strange looking vtubers that look like children that are 200 years old :D

@CombineHgrunt 3 ай бұрын

John getting so jumpscared by a random Genshin Impact screenshot he just wants to get rid of it as quickly as possible lol

@SidneyOssEmer 3 ай бұрын

5:03. The most surprising/funny is not the macdonalds' folder, but the Flash Player icon inside in the middle of 2024.

@oriyadid 3 ай бұрын

@@b48292 It definitely looks more like flash to me

@tisaconundrum 3 ай бұрын

that's a name i've not heard in a long time

@joek5930 3 ай бұрын

Just as surprising/funny; the same screenshot reveals that the user has VirtualBox downloaded to the desktop. How does one know enough to set up a virtual environment (this is assuming that the user actually understands how to use VirtualBox) but not enough to stay away from game cheats?

@HT79 3 ай бұрын

@@joek5930 I would've guessed them to be a security researcher but then again the attack is outside the VM (unless they're a maniac who are running VMs inside VMs)

@JulioMigSantos 3 ай бұрын

Could it be that old McDonalds flash game?

@BGP00 3 ай бұрын

>Femboy p*rn "I hope that was eye-opening, at the very least" Indeed 😂My heart skipped a beat when I saw it and I had to check it wasn't my pc

@LocalKarura 3 ай бұрын

wait wha-

@BillAnt 3 ай бұрын

Imagine John's screenshots turning up in there.... haha Anyway, most apps block out the password when typing it on the screen, so screen shots are not that helpful unless they can reveal the code from the OS.

@charmingotter976rr 3 ай бұрын

18:20

@LePedant 3 ай бұрын

There was also a pic of Epstein. 🙄

@MichaelOfRohan Ай бұрын

What exactly made the victims taste in pornography so incredibly important to you? You seem eerily familiar with spoofing inappropriate language to get your comments seen. "He who smelt it" and all that..

@ammarash5449 3 ай бұрын

"There's one interesting thing that happens when infostealer malware runs, it takes screenshot of your whole desktop..." Hmm, seems familiar, but luckily the parties already pulling off from that idea (for now)

@charliesretrocomputing 3 ай бұрын

_laughs in Windows Copilot_

@DarkNachtaraLP 3 ай бұрын

Hey John can we dismantle this R.Pack luncher? I'm curios what monsters are in there.

@lowenstarke4499 3 ай бұрын

Great Video again! I can't be the only one who was thinking every time a new screenshot came on: "Don't let it be my screen". 😂

@divijchawla3829 3 ай бұрын

18:47 seems like the victim is trying to install an advert free cracked variant of spotify, that may have triggered the info stealer malware!

@NaraSherko 3 ай бұрын

Cant blame them

@colinmchaney1142 3 ай бұрын

this is gold. listening to you read the file names was hilarious

@ravibrewster 3 ай бұрын

I'm a fan of the 'what were you doing when you got owned' series. More please.

@vorpled 3 ай бұрын

Flare looked great, so I went to sign up but it's only for verifiable cybersecurity and IT professionals. I'm not active in the field anymore (professionally anyway) so don't think they'll approve me. Is there a similar service for normies? (or one that utilizes Flare's data?)

@ZombieLurker 3 ай бұрын

I wish these sponsors would have an option for individuals like myself that would love to use their software to learn in a homelab setting, or at the very least, not charge so dang much. Making it impossible for anyone other than a bussiness to get access to use their software. Basically every single one that you and other security youtubers get sponsorships from, have no use for the average interested individual on youtube that is educating themselves about the world of security. Maybe I just have no idea but I don't beleive business spend their time watching youtube videos to build their security stack.

@Archmage9885 3 ай бұрын

I don't understand why companies just let stolen session tokens keep being used. Can't they make session tokens device specific or something like that?

@RagasonPvP 3 ай бұрын

Well, followed your sponsor and their website try out form has incorrect CSS and won't allow you to sign up, great.

@adrok8644 3 ай бұрын

did you run as Admin?

@Vulturul333dfd-original 3 ай бұрын

There was a scammer that just had malware that just takes a screenshot and got the emails (not passwords) and then threatened to post it online and asked money within 48 hours, after 48 hours I checked and nothing showed up on the internet and I wasn’t hacked so he just wanted quick money also I was safe because the malware was on my external ssd and then deleted it as soon as I saw that it was some random iso file

@Jcewazhere 3 ай бұрын

RPack launcher is likely bad, but if you got all these screenshots from the same source wouldn't they all be captured by similar malware? Or were they sourced from multiple adversaries/sources?

@Critical3rror 2 ай бұрын

I imagine that entire site is just a malware spreader disguised as a genuine pirate website. There could even be actual games being downloaded to avoid suspicion and make the person likely to suggest the site to their friends.

@Xe4ro 3 ай бұрын

"Pokemon Crystal was my first ever video game" … Me realising you are probably way younger than I thought. :d

@privatechannel1272 3 ай бұрын

What loads boot start drivers, is it the kernel? What about system start drivers and auto start drivers?

@Kalphalus 3 ай бұрын

5:34 That Periodic Table background seems like one of the Lively Wallpaper interactive backgrounds

@randomict6445 23 күн бұрын

"wallpaper engine" alright... @steam, also can be put on phones. Argument can be made, there is also attack surface there ... One can get bg image for 4K or dynamic size, interactive such as this periodic table, some are just flat out video playing, etc...

@Kalphalus 22 күн бұрын

@@randomict6445 The reason I mentioned Lively Wallpaper is because it has a built in interactive Periodic Table, im not sure if its the exact same version, and not sure if Wallpaper Engine has it.

@randomict6445 21 күн бұрын

@@Kalphalus it does have exactly this table.

@noanyobiseniss7462 3 ай бұрын

Pretty amusing seeing the cheater script kiddies being targeted! :D

@uncleburu9464 3 ай бұрын

John is here again

@ThisIsJustADrillBit 3 ай бұрын

Relentless. You're an inspiration 🔥❤

@justanotheruser8271 3 ай бұрын

Windows Defender is a decent AV if you set up it proper way. Victim launches unknown files, no antivirus will safe him from infecting PC with 0day.

@jimmygravitt1048 Ай бұрын

It's a huge red flag when the version number of software is is in the tens of thousands. No one is revising the same program that much.

@novianindy887 3 ай бұрын

Hey John nice video. Where can I get those screenshots samples? for awereness purposes.

@Thiago_Games 3 ай бұрын

18:20 jumpscare

@goodnightmr5892 3 ай бұрын

😂😆😂😆☠️

@genericplayr 3 ай бұрын

can s.o. clip this fr

@Gigi-zy1kx 3 ай бұрын

odd that the malware is where you think it would be

@phitsf5475 3 ай бұрын

John, why does Windows Defender allow this malware to make a network/internet connection? How does something like ZoneAlarm compare, when it's set to strict and you have to manually allow every connection attempt?

@jonashoffmann9344 3 ай бұрын

Windows is not safe on standart. There are ways to make it safer, like the black-/whitelist for file types in windows pro.

@robyee3325 3 ай бұрын

3:35 what are you supposed to do in that moment?

@stage6fan475 3 ай бұрын

What a great idea!! This was fascinating. Kind of like perusing videos of trainwrecks or something. Love your channel; I wish I could catch up on the technical side.

@mrlahey88 2 ай бұрын

Ad that takes up more than 1/3 of video? Hell yeah

@rPenek 3 ай бұрын

FeBo Po... folder was crazy.

@adrok8644 3 ай бұрын

@Somerandomdude592 Ай бұрын

based .w.

@Kalphalus 3 ай бұрын

20:56 Malware devs also make fake modified AB downloads, cracked versions with malware, and just fake ones that look the same and let the malware run

@BrianAHarkins 3 ай бұрын

I love this guy. His energy is boundless, lol!

@MiddleAgedPlayer 3 ай бұрын

They adversaries got inspiration from MS recall

@NelsonLeiva05 3 ай бұрын

Do you think I should download Rpack on my work computer?

@uooooooooh 3 ай бұрын

Sure, what's the worst that could happen?

@joek5930 3 ай бұрын

🤣🤣🤣I cant stop laughing at this one.... Dude.... for real the imagery of your comment, it is too much.

@Strammeiche 3 ай бұрын

Really loved that video.

@SECYBERSAFE 3 ай бұрын

Always waiting for that notification 😊

@excitingspade49 3 ай бұрын

So is flare only for big companies?

@codenedits 3 ай бұрын

If a product is free, your the product

@mineroyal64 3 ай бұрын

I got hacked and I got a mail with a screenshot of when I got hacked, it was pretty funny that it happen 5 minutes after I watch this video.

@Atmatan 3 ай бұрын

Bro seriously how many thumbnails do you need to make for one video. Out of every channel I follow, hundreds of og KZbinrs been doing this since 08, you're the only person who's videos change thumbnail every single time I come back to the page.

@jonathansimerly5550 3 ай бұрын

Interesting. In the first screenshot, the reply to the link being broken was made by "Fling"...🧐

@nikolasavic2650 3 ай бұрын

Thankfully there was no screenshot of my desktop in the video 😅 Lost my main KZbin account (appealed multiple times and couldn't get it back)

@FuriousKai 3 ай бұрын

Is there anyway you can figure out if u we’re infected by malware?

@ThehunterRaptor 3 ай бұрын

John Hammond. I am a huge fan but can you make a video that highlights how mods and malware hidden under a legitimate software?

@AstridKey 3 ай бұрын

Why does when I start my PC with windows 11. The cmd flashes like Three times. What does that mean. How can I know if my computer is infected?

@LarsV62 3 ай бұрын

That might depend on your computer setup. If it's a business or school computer, this may be normal if they run login scripts. Some automatic startup items might also do this if they use any external script engine, such as Windows PowerShell. Go through your startup items in task manager and services manager to see if anything suspicious pops up. If some program you don't use often always start up on system boot or user login, try disabling automatic start in task manager and see if one of them was causing the CMD window popup.

@puppygirlposting 3 ай бұрын

Looks like you need to figure out what's installed on your computer. There are some legitimate softwares that do this. So you don't need to be immediately alarmed.

@Pasi123 3 ай бұрын

You can probably see what they are in task scheduler

@Ashy146 3 ай бұрын

18:52 My theory is that on the third tab, they tried to download a fake version of free Spotify premium or something as it says ad-free in parenthesis Edit: I saw someone already made the same comment lol probably others before them as well

@colingale 3 ай бұрын

the first one, cheats and they all like "it dont work" ha ha, you deserve that one buddy. what you get for cheating.

@Odd-Bike 3 ай бұрын

imagine seeing your desktop, thatd be horrifying

@siomek101 3 ай бұрын

3:36 I THINK IT SAYS "Turn on virus protection"

@Iagogago 3 ай бұрын

It says that threats were found, yet windows defender didnt stop It from running😭

@qazimpajazitaj5548 3 ай бұрын

@@Iagogago it actually means Microsoft Defender Antivirus found threats. Get details.

@ENNEN420 3 ай бұрын

I feel so good that my Windows partition has zero accounts logged into it

@tyranosurasmax 3 ай бұрын

I wonder if those "stick" folders had something to do with that Chapman Stick? Like samples or templates. Only saying that because I noticed Reaper as well on the desktop. That's a Digital Audio Workstation that screams Chapman stick enthusiast.

@alt666 3 ай бұрын

Seeing how game repacking has groups of packers beefing with each other (with some of the re packed game installers containing stuff that hacks you if you try to switch to another groups re packed games) it kinda makes sense that its in so many of these screenshots. But also there's trusted re packers out there and ive never seen rpack named anywhere. As for fling it was one of the most well known single player only cheat software next to wemod and og cheat engine. If its one of the reasons then rip. Probably hopefully downloaded from the wrong site lol.

@x0o0x-x1o 2 ай бұрын

17:50 Maaan genshin was innocent bruh,didnt have to do it dirty

@Krullfath 3 ай бұрын

18:20 LMFAO, also 19:50 is funny as hell

@int1128 3 ай бұрын

This is probably a stupid question, but do they hold data for decades or just short period of time. Asking because I am sure I downloaded malware on my old PC when i was a kid like 10-15 years ago and they definely got whatever they wanted back than.

@fallencyano9015 3 ай бұрын

maybe the people who hacked you dont, but the people they sold that information to definitely do. its probably on a list in the internet somewhere with hundreds of other peoples info

@Cloud67TR 3 ай бұрын

i guess the antivirus window is open because the victims disabled it and didn't closed it not because of antivirus couldn't catch it

@ARM-sq9vg 3 ай бұрын

ok but CULT OF THE LAMB CHEATS go to the accessibility settings. they literally have infinite health as an option

@imranthoufeeque 2 ай бұрын

Put a disclaimer and the time line(from start to end) about the ad brother... I am like why is ad time is more than the actual content.

@maxmoon3162 3 ай бұрын

It was weird, John. I'm surprised that you went for it.

@iblackfeathers 3 ай бұрын

“can we put it in the video?” it’s your video. who you asking? lol

@adrok8644 3 ай бұрын

most likely his sponsor

@xephreal 3 ай бұрын

fling is a pretty known name especially for wemod

@Zeuqh 3 ай бұрын

Noticed how windows defender didnt stop it from running, and people say Windows defender is good enough

@foor 3 ай бұрын

Hmm, it usually is, unless you're doing something really stupid

@silentz93 3 ай бұрын

it probably did they just forced to allow it thats why the defender window was open in the first place

@triangle3113 3 ай бұрын

when malware is fresh even the best antivirus won't catch it. Saying this, is pointless

@Zeuqh 3 ай бұрын

@@triangle3113 that's why heuristics come into play while windows defender sits there and waits for something to happen and when something happens it doesn't do anything Fresh windows defender can't stop malware that's been known for years you commenting that means you know very little

@emmanuelonuigbo8044 3 ай бұрын

Windows Defender will usually do a fair job. Defender allowed it probably because the user allowed it

@qxrzzz 3 ай бұрын

uh oh they defo saw my fun time folder

@fsociety.dat101 3 ай бұрын

At 3:53, it's just telling them their google drive is full. Lol

@Vagabundo96 3 ай бұрын

welp, guess I'm in there I downloaded a trainer

@skyshunts 3 ай бұрын

I don’t save my password on my computer because I would get old and new passwords mixed up and it’s safer to not save it. I have a password book that I write my passwords and other information on websites I use instead

@Cloud67TR 3 ай бұрын

but there are autologin cookies though

@iwasneverjoebiden 3 ай бұрын

@@Cloud67TRthese websites are unreliable if i don't go on a website for some time its gonna remove my cookies and that wont fix no matter how much i try

@k3yeppers 3 ай бұрын

So let's assume you suspect this happened to you. What are the steps one should take?

@syskey1402 3 ай бұрын

5 minutes ago feels illegal

@phuan462 3 ай бұрын

please do more about picoCTF, i learned ton of things from your video😭

@dineshchavda449 3 ай бұрын

17:47 , game: Genshin impact, its RPG game

@swfsql 3 ай бұрын

21:08 why only one of the google chrome icons are censored??

@RedSliceGaming34 3 ай бұрын

Now we need a RPack video

@notta3d 3 ай бұрын

Nice job.

@FUNNEDUCATION 3 ай бұрын

LOL! This reminds me of Microsoft Recall.

@pizzaboxer 3 ай бұрын

19:30 look gary its me

@bornFor1Thing 3 ай бұрын

Is there a cracked version of Flare? Asking for a friend 😏

@ClatitutaGaming2.0 3 ай бұрын

6:15 is from romania

@Palmit_ 3 ай бұрын

i meant the original comment with the timestamp.

@enamori_ikuri 3 ай бұрын

I have a question about session hijacking why cant session tokens be encrypted so that if it's stolen it would be useless to a hacker this is a question I've had for a long time if you could answer this for me I'd appreciate it. Also you inspired me to start taking my opsec and general security seriously we need more people like you on youtube

@didnt1able 3 ай бұрын

Because the idea of the cookie is that you don't need to log back in with your password. Encrypted cookies would require the user to re enter their password. Convenience > Security

@LarsV62 3 ай бұрын

The session login token itself may well be encrypted already, but if you don't log out from the service, the token may still be used to log in from another device under the control of the attacker, as if they were you. Keeping these "auto login" cookies can be convenient, but anyone with that cookie can pose as you without needing to log in. You need to log out from the service to clear it, or delete all cookies when you exit the browser. If you use the "derriere chinos without logging out" approach, you are taking the chance that no one has snatched that cookie while you were using the browser. Web based email, your favourite shopping site or other services you use that does not have automatic logout timer if you don't interact with it, are all vulnerable to this attack. Automatic logout timers work on the server side, so if you just close the browser, sit idle or only use other browser tabs or applications, you must log in next time you return to that site. Banks, insurance companies and others handling vital personal data should always do this automatic server side logout, if they care anything at all about safety.

@phin3x 3 ай бұрын

I need something like this again.

@Roseion 3 ай бұрын

Can we please have a video about ransomware/Ai ? Thank you in advance john ❤

@megumin6548 3 ай бұрын

Well now I know to stay away from rpack launcher.

@mrgeebee1622 3 ай бұрын

Was really funny to watch.

@Jerrec 3 ай бұрын

Gaming cheats and keygens are full of viruses, but the odd thing is that they usually work though (at least keygens). I usually spin up a sandbox vm hosted in a tmpfs where I extract the keygen and then just turn off the proxmox. Everything in the memory is deleted then. I mean I did this in the past. Not anymore, because I even dont use Windows or Windows software anymore. I am full Linux nowadays.

@joek5930 3 ай бұрын

At the 5:14 mark, the screenshot shows VirtualBox right on the desktop. My question becomes; who knows enough to set up virtual environments but doesn't understand the perils of downloading game cheats???

@caboose2016 3 ай бұрын

Anyone have slight heart attacks on some of the images pulled up hitting too close to home?…no? Just me?

@lucacraft8961 3 ай бұрын

20:35 It Is not repack games It Is Just that there are scam websites that are fake repack games and give out rpack Launcher

@contentwithlowquality4594 3 ай бұрын

I used this to try and fix computers and make them more efficient, removing things like crowdstrike malware. I didn't try to steal any info, but many others did. I just like OSes like GNU Guix system Linux distro

@culturedivined 3 ай бұрын

you should do a video exposing websites like fling trainers for malware, personally i've even downloaded something from there before, luckily i only login to steam, battlenet and epic on my gaming PC all with 2fa no banking or social media etc. i have recently formatted though 😂

@mtarek2005 3 ай бұрын

I hate to disappoint but info stealers can bypass 2fa on services not well designed, an example is google and KZbin, this is called token stealing and it basically tells the service they're already logged in

@xpower7125 3 ай бұрын

I want a part 2

@obeastness 2 ай бұрын

It's interesting that hackers are going after people who are too poor to actually just buy the programs. the cheaters I mean screw those guys but some poor kid who just wants to play mine craft and lives in a shitty low income situation where their parents can't buy them shit. Like really it's pretty sad. I have gotten hit with some malware back when I was in the same kind of situation well over a decade ago.