Oops, been told that chrome_100_percent.pak files are unrelated to your chrome passwords. Instead that pak file is just resources used for the malware (which has a component made in electron). So the passwords never get saved to the disk, rather they are uploaded to the attacker immediately, scary.
Um can you make a video about a clone malware copying a good app that obs studios please report and tell more about the fake clone malware of obs studios please😢😢😢😢😢.
I had a similar scam before. I told the dude in Discord "Okay, give me a second to boot up my virtual machine and I'll try your game" and they immediately go "THE GAME DOESN'T WORK IN VIRTUAL MACHINES"
oo good one. personally if someone i don't know approaches me i instantly ask them wtf they want and that i will block them if they do anything remotely sus or send me anything remotely sus. usually they shut right up.
lmao, if u actually boot a game in a vm (virtual machine) then you will still get the game, although if u run like minecraft in a vm then it will lag btw
I had someone try to pull this on me and I said something along the lines of “hey you’re not going to ask me to download a game are you?” And it threw off their entire script. The English just degraded so badly as they scrambled to figure out a new tactic
The key to never falling for scams is to have trust issues and social anxiety! Can’t get scammed if you don’t talk to someone and on the off chance you do you don’t trust a word that comes out their mouth!!
The archive file being password protected is a huge red flag. That helps prevent AV scanners from checking the archive out when you dl or first open it.
but there is false positives aswell tho, i wrote python script myself that has been flagged as a TR .. while the code was basically a BMI converter put into a single EXE file using pyinstaller...
My condolences to the Elderand devs for having their game being used as a fakeout for scams. To use such a specific indie game like that, that must feel pretty sucky.
I HATE this particular scam. I'm currently working on a university assessment that does require me to get a wide range of people to playtest a game at the end, and I can't ask any of the communities I'm currently part of (and yes, I've checked) as a direct result of this scam.
i almost fell for a nitro scam one time. fortunately i didn't click on the link at first and the guy had a youtube channel connection on his discord. i asked him in the comments of one of his vids about it and he said he got hacked. hacker was stupid anyways lmfao, who pings @everyone in a dm?
Poor Elderand. I went to buy the game on Steam just to support them. Because it legit looks like a fantastic game, which is probably why it gets targeted so much. Thanks for raising awareness not just of the scam but also the original game.
I am so glad you exist. About 20 minutes after you posted this video I got about 6 pings from different servers regarding this malware spread. You are an actual legend.
l am so glad you exist. About 20 minutes after you posted this video l got about 6 pings from different servers regarding this malware spread. You are an actual legend.
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily So thanks for covering this, NTTS
The previous scams that you've covered seemed like things l'd instantly recognize as scam and avoid, but this one is great convincing for me, l would've fallen for it easily So thanks for covering this, NTTS
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily So thanks for covering this, NTTS
The previous scams that you've covered seemed like things I'd instantly recognize as scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily So thanks for covering this, NTTS
The previous scams that you've covered seemed like things I'd instantly recognise as a scam and avoid, but this one is pretty convincing for me, I would've fallen for it easily So thanks for covering this, NTTS
Only problem is that Discord has a track record for not bothering to solve issues in a timely manner. Hell, I've seen one case where a server owner got hacked cause of a scam similar to this one and they didn't respond for two whole weeks, leading to the server's deletion by the hacker. I do not trust Discord to be competent, especially with where their priorities lie. That being said, this is a good video for showing how this stuff works. I'm sure it'll be helpful for a lot of people (It's also just really interesting). I feel bad for the dev(s) of Elderand tho, knowing this is a somewhat common occurrence for them. I can only imagine being in that position. .-.
Only real problem is users believe that anything they do should be taken care of instantly and have no concept of ques, previously existing issues, ongoing work, and limited manpower.
@@antehll yeah sadly, but it was mainly just normal viruses that steal your info, i had many of them when i didn't know what discord was so they literally had no info to steal, recently fell for a scam but it could only grab my google info, and i use firefox
Funny thing is, I fell victim to this around a month ago when one of my online friends messaged me asking to test a game and all my passwords and info got stolen. They also tried to buy Nitro on my account using my saved card info. Scary how 1 file can do all of this. I had no idea how this malware worked though until you made a vid on it. Good job 👍
Same thing happened. Friend's account sent me the link, asked if I wanted to beta test for their friend. They didn't get far before I reset my password and everything, but they joined and boosted a random discord server.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
I used to be a victim of this, the worse that happened was my clients friend is an actual coder and is hijacked by this and mostly tricked most of their fans including myself thanks for spreading this information for everyone to be aware
Happened to me. A Dev I trusted pretty well "announced for April fools" that he'd been working on a game. Let my guard down. Only decided to put it in virus total and triage afterwards.
i had a friend of mine who i knew from school get hacked via steam. however this hacker bot would automatically send shit to people. it was something along the lines of a csgo tournament.. the first red flag is the fact this dude doesn't even play csgo. the second one is that the chat was in english we are both dutch. he ended up finding out and telling everyone to not click the link tho. but he never truly resolved it so i ended up blocking his account for the time being after sending a message on his profile because the bot was getting really annoying constantly spamming shit. so i decided to test it and cussed at it in dutch. it kept going with it's little spiel so i instantly was like oh come on
I don't really care... ... Just reinstall Windows, and get on with life. I let governments install firmware... ... if they don't affect my surfing and fun. That's all. Make sure you have nothing they don't need to know around. That's all. Your name, address, and such... ... government or linked companies can easily find, no need worry about those. But important accounts such as banks, your operations and such... ... all masked out. They can scan, they can look around, they can try dig... ... nothing. Most if not all the pirated games are loaded with such malwares, including malwares from government agencies. So not a problem for me, just live with them and if they don't bother you, that's ok. They wanna track you activities, find out this and that from whichever accounts and such... ... the usual stuff. Nothing special, since even operatives and important folks nowadays are gamers... ... like myself. Hahahahahaha... ... You need to have a respect for that. I open my door to the guests, if they are not sickos, they take their peeps, and leave respectfully. Problem comes when some jokers when you give them face, they go overboard. If Microsoft suggests I install a new Firmware, I definitely will... ... provided the mainboard is not so serious business. That's all. Personal policy. But it is the same as... ... "You are wasting your time".
@@HenryTan-pj2oi this. like it's not like you can completely avoid it. it just depends on what type of activity from my pov. as long as i can play my games do what i want i really don't care. go ahead and check what specs i'm using etc i really don't care.
@@litchtheshinigami8936 I can choose not to download firmware from government linked Microsoft... ... Can be avoided, since my system for casual use is split for surfing and cut off for gaming (not online). If I use a brand new Motherboard from China or elsewhere and clean of Firmware malware, it is avoidable. My other systems which contain sensitive data are not 'involved' and not physically in my home, though it can be accessed from home. So... ... even the best of the spyware or malware will only hit the casual systems, and mostly the system used for surfing online. The only way to gain access to my gaming system is via onboard component without approval connecting to secret network which of course... ... is pointless to intrude cos it has no sensitive or important material such as my bank accounts and such. Ransonware locks my harddisk? Just reformat everything... ... that's all. And other than Firmware malware, surfing system can be 'refreshed' by reinstalling Windows. And if the spying agency gets too overboard with no personal integrity, have to change motherboard. And sensitive system is separated with casual systems not only by physical proximity but via point of contact only steel box containing unit, only via infra red can the main system be activated, and even that an intruder must go through a couple of layers of security. Even game data which is important is backup in multiple 'servers' which are all physically cut off and a 'bridge' unit will be used to transport data should the casual gaming system be breached or accidentally connected online. Over at my side, security is like top CIA settings, with sensitive system many times that of my casual systems. My casual gaming system is decently protected, but not unbreakable. The point is, there is no need to break into my surfing or gaming systems. Once malware messes up the gaming system, for instance, Windows will be reinstalled after format... ... and the bridge unit will replicate the requested games and saves to the refreshed gaming system. Similarly with the surfing system. The sensitive system is plugged to a security mainframe monitored 24/7 by professionals. So for a start, even if top agencies want to break into that... ... IMPOSSIBLE. From there, data even from ground Ukraine battles can be obtained real time with lite instructions. Which also means any games with malware can't be saved to the sensitive unit without being totally blocked. Hehehehe... ... If you are working as important role in your company, such as a CEO, you will have to have setups like mine before states get to capitalize on your moves. All the equipment pinged-able by agencies are all none important low classified stuff that I can give out for free or not as if government agencies don't already know. So... ... it can be avoided. Hahahahahaha... ... ... It is no wonder too why I can be so reckless. Kekekekekeke... ...
I privatly asked this creator to talk about it over on twitter and been commenting about it every niw and then on his videos to get as much attention as i can but not seem to be annoying, might not be just me thou but im glad it's being brought up as it's not an nice scam since once they get your discord account, they will delete every discord server you own, target your friends, family and also try to use any bank information on the account to scam you of hundreds of cash, i was lucky to have 0 in my bank so all unauthorised payments failed but this situation coulda been alot worse if i was even more naive, especially if one is not fully aware what a scam is or know how to detect it without thinking about it.
I remember this guy sending me a download like for a "game" they made in my dms, I actually nearly downloaded it, but when windows warned me, I decided not to risk it, and cancel the download. Edit: meant to type link lol
my friend got hacked by those things and send me that suspicious thing but i replied with "i'll try it later" and when i heard the news about him being hacked i was in a relief
yep i had this with a friend over steam once. there were two major red flags tho. first off it was about a csgo tournament and the dude doesn't play csgo. (i immideately went to his profile to check) and the message was in english.. yet i went to school with this dude and he knows i'm dutch
As someone who was a victim of this hack (I was unaware of this before I got hacked, I’ve since gotten my account back), I don’t understand why people do this. It took me almost a month to get my account back and some people probably can’t get their accounts back. I’m so sorry for those who fell victim to this
i think he singlehandedly boosted the game's sales by a bit more; I bought it too because it legit looked fantastic, just to support them because nobody deserves having their hard work tarnished and abused by assholes.
@@iamxeracon that works until your friends get hacked somehow so it's best to always be vigilant. But yes, I've turned off messages from non-friends too because of these scams for the most part but also spammers as well
@@santosicIf its someone i dont know irl then i always ignore the links and any weird sht they try to do, if its someone i do know irl, then j message on a different platform or just call them
I fell for this a year ago. I got a DM from someone asking if I could test their game called "Skyline", they weren't offering anything, they just said they needed someone to run their game. I immediately thought that this was a fan of my channel (I have a small channel) and so I obliged. I ignorantly downloaded the malware onto MY MUM'S LAPTOP, extracted it and tried to open it. However, my mum's anti-malware software blocked it, which I think might of blocked it from stealing my shit since nothing weird has happened to my accounts in the past year. I got super pissed because I still didn't know it was a scam and tried everything to get it to run. It never did. I ended up giving up, feeling really upset I couldn't run what I thought was a fan's game. then I recently found out it was a scam and felt stupid
i fell for one similar to this, though i was promised nothing in return. i don't typically fall for stuff like this, but the game they had sent genuinely looked good (i still wonder what the actual game was). i even scanned the game file and there was no malware or virus' detected, but sure enough, the second i opened the game my computer completely shut off. i had over $1000 of charges to multiple cards, all my accounts were changed, and ultimately i ended up losing really valuable photos and videos because i got locked out of my personal instagram. it sucks, but you learn.
same happened to me, someone said me to review a game, i scanned it and found nothing and when I opened it was a malware. though my accounts didnt get hacked cause I immediately noticed it was a malware and changed every accounts passwords
I am not into these games, I don't do discord and stuff, just interested how not to get scammed and reading comments. One youtuber analysed one phishing scam and explained that some are quite bulky, there is a malware code hidden among a lot of zeros and irrelevant bulk, that even the best antivirus won't bother with like 300MB file and just skims through, very likely missing the malware bit hidden inside. This is how sophisticated the bastards are getting. Hope it helps.
Yeah it really sucks bc these things can be so inaccurate bc it hides the fact its malware so the websites dont pick it up. I would try multiple websites but even then you still cant be sure
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
THIS LITERALLY HAPPENED TO ME A MONTH AGO! THEY USED MY FRIEND’S ACCOUNT THEY STOLE TO GET MINE! (fortunately though, i got it back and re-enabled 2FA with a different password. my friend got his account back too)
If they know your email and old password, make sure to keep any account u have linked to the email that u use on your discord account safe. You never know
Thank you for spreading awareness. I am fortunately not in any big servers and only got a select few people on my friendslist that I know very well and trust. I also always have it set to not allow messages from people that not on my list. I also never store any passwords in my browsers. That said; I also wouldn't fall for a stranger sending me a link to something, anyway. Waaaay too sketchy. Even then, it still isn't foolproof. I once had a friend message me some weird shit, including a link to something. But since I know everyone in my Discord really well I instantly knew that wasn't him. Called him up to tell him his Discord must've gotten hijacked. He confirmed, naturally, that he did not send those messages and immediately changed the password and deleted those messages (they were sent to all his contacts and also in every sever he was in, which was already another far too obvious red flag.) Sadly, he's very oblivious in regards to this kind of stuff so it's bound to happen again.
Man scams like this always annoys me a lot because it highlights that downloading random games from the internet is always risky. I have a lot of fun playing a bunch of free games from new or small developers, but at any point it could be malware... Of course I'm not dumb enough to download something sent via a dm or promises to pay you to play it.
Man this seems similar to a possible scam I ran into awhile ago. A somewhat friend dmed me asking me to beta test their game and play with them cause they have nobody to play with. I was down with it at first but realized it wasn’t on steam and instead a game I needed to download off a browser so I instantly backed out from doing it. They kept trying to pressure me into downloading it even after telling them over and over I wouldn’t. I told them I have a phobia of computer viruses so there’s no way I’m clicking or downloading anything from a random link. And that’ll I’ll only play it if it’s on steam since I can trust that. I think my paranoia/phobia saved me from a scam/virus.
Id love to see someone with python code experience to dig into the files and find out where stolen info is going, and then flood the server with random gibberish.... Nice video, always handy to know of such scams like this
This is the exact type of discord scam that I fell for a few years ago, and I've had anxiety because of it ever since. I'm very happy that you're informing more people about online scams so that they don't have to go through the same things that I experienced (and am still going through). :) I know comments like this can sound generic, but I genuinely appreciate the work you're doing for free to teach us how not to be goofy little dum-dums that get themselves into trouble on the internet! :D
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 I reset all of my passwords (as you also did), and I also activated Two Factor Authentication on everything I could. On the infected device (a PC that I share with my brothers), all I did was to delete all files that I could tell were connected to the malicious program and I also did a few full Windows Security device scans to remove any remaining threats. I never even had to reset any of my data. The worst thing that happened was that the program locked me out of my Steam account by changing my password and the email that was connected to it. Thankfully, I managed to log back in and undo everything with some help from my dad and one very stressful evening. Please note that the malicious program that your laptop was exposed to most likely did different things than the one mine was exposed to, and I'm also not some tech expert, so don't take everything in this comment as pure fact. Also - it's normal to worry that the program may still be affecting your device after you did everything you could (I had very severe anxiety because of mine for over a year after the incident), but I don't think even the most well designed computer virus could bypass a hard reset. If you do still see odd things happening on your laptop or to the accounts that you were logged into at the time of the incident, I'd recommend reaching out to an expert in removing such malicious programs. I hope this reply helps. :)
Welp i fell for this scam as well and i was devastated but luckliy i have my friend who knows this stuff and told me about this that i reset password everything even format my laptop but it was the ultimate sacrifice
I very much dislike these hackers, because i actually do want to be a game dev, and i hoped to use my friends as testers, use them to test the gameplay and search for bugs.
If this does happen, at all, remember, if your friend doesn't major in programming, game development, or not in the work field for that, do not trust it whatsoever.
This actually happened to me. I was running servers back then and my friend got hacked and I got tricked by this same thing when the hack was BRAND NEW. I was one of the first people to fall for this hack
And all it takes to prevent stuff like happening that is to just not click on suspicious links. *That’s it.* Browsers can indeed protect your passwords from hackers, but absolutely nothing can protect them from _your_ own stupidity. If you really want to get some cool new games from individuals online like these poor folks did, just get some friends IRL. At least one of them is GONNA be an avid game developer (much like my doppelgänger James Bolding), and sooner or later, they’re gonna PM you with a banger of a title for the YoYoGames platform or even Steam itself. Total strangers are just gonna screw you over under the guise of giving you unbiased advice and feedback, just trust me.
The trick to this one is to run it in Windows sandbox or some other virtual machine (without logging discord or anything else into that machine) so it can't steal anything, then come back to them and be like "Okay done, the game sucks, but I ran it and none of my accounts got hacked. Can I get the Nitro now." they of course will not give it to you, but I absolutely revel in making scammers and script kiddies look stupid! It's like playing a game of social chess where the other player doesn't realize you are also skilled, and the more spectacular the checkmate, the better.
They don't steal your passwords but your session token to bypass 2fa that is happening on some youtuber. You need to logout to before the attacker change your security details and expires the session token. Those password would be useless to them if you have an 2FA or hardware key since you'll just get notified and change your password again.
Ah dude I remember when someone tried this on me a long while ago, I was actually stupid and tried to run it cause it from an old friend (and I like to have thought before this I was pretty on the nose and could see this stuff coming a long mile away), but naturally it failed cause my antivirus caught onto it, and when they told me to bypass it... Yeah I knew something was up then and just said I couldn't, before I knew it they just left me alone
@@NecronHandlee Not to mention the account that was your friend's could have easily been hijacked, likely from the same type of scam, that'd then just spread it on the attacker's behalf to anyone on it's friends list
as a game dev I suggest not trusting a random site. the only sites I suggest trusting are Steam, Itchio, Gamejolt, Humble, Gog (Good Old Games) and Indie Game Stand. Now Listen, You're not 100% safe on these, However there's never 100% safety when using the internet so take my words with a grain of salt since they CAN have a few malicious games but it's less likely on these since the are heavily moderated on what gets approved and what isn't, with gamejolt being the least safe at about a 70-80%. Moral of the story, if you want games don't trust sites like CDkeys, Cursed Beta, ETC. they can and most likely WILL steal your data.
I'm watching this because I literally just got hit with the same scam. It was passed to me from someone I know who DOES develop games. I've never fallen for stuff like this in the past but now... I'm stressing up to the eyeballs. I'd consider myself computer literate but this is waaaay past my ability level! I have no idea what to do. 🤥🤯
The messed up part is when they hack your friends discord and are messaging you from their discord with the game link and are specifically game developers and in several game development servers, so you believe them. ;(
It wasn't even the sketchy website that 100% revealed the scam to me, it was the fact that the "Game" was only 50MB lmao, even pixel art games aren't that small.
I almost fell for a scam like this, but it was a google drive link instead. It was one of my guildmates on wow, who I'm guessing was hacked or somebody impersonating him. I was too lazy to even download the "game" and kept procrastinating lol. My memory might be a bit hazy of the exact details, but who knew simply me procrastinating and being too lazy to even download it would save me lol.
I’m working on a JavaScript thing for my friends, to show them how easy it is to get hacked. They type in a command in the console and it outputs your complete Roblox token.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 These viruses are normally located in the temp folder. Open your laptop, press windows and R, then type %temp% and delete EVERYTHING in the folder. (This is safe, it is only where temporary files are stored.) Sounds like you did everything else I did, and I can understand why you're cautious. Get a antivirus like AVG or Malwarebytes, and keep an eye on your email to see if anyone signed in to anything. Hopefully you can figure this out. Sorry this happened, I know the feeling.
Saw this recently with two different games - "Return Thieff" masquerading as Sabotage's "The Messenger", and its prequel, "The Word Souls" masquerading as (also Sabotage's) "Sea of Stars". THANK YOU for making this video. You are a life saver.
That was the only scam I ever fell for. My cousin sent me that and I was extremely sus about it, but did it anyway. I got banned everywhere (2 servers I was in). It didn't do much damage since I don't have a social life.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
@@ayansa5254 if you erased all your data from the drive ure probably fine, unless the virus put itself trough the network but I really doubt itd do that. I just changed my passwords and did a clean install since then and had no problem.
I had gotten hacked from something like this before. Someone DM'd me from a server I'm well known in asking me to help test their game. I was bored at the time so I decided to do it. Just to be safe though, I checked the file and it said it was all clear but surprisingly, it was a scam that steals your discord account. It was basically this same thing but instead of taking every password, it just took my discord password. Luckily I was able to get my account back but yeah, the type of scam I got was quite well done since there was no trace of any type of bad thing in it. Either it was very clever or I was just being an idiot. I was probably just being an idiot lol. Edit: The one I had gotten was a few months ago. Surprised it's still happening.
I just got the same and he trolled me showing all my emails and social media accounts, im panicking, just shut off my computer and removed the battery and tried changing all my passwords this stuff is terrifying
Gotts love how all I'm hearing is how everyone's anti-virus stopped it from happening or they somehow knew it was maleware, yet here iam fucked with no way of figuring out how to fix this...
As someone who fell for this, I will explain how to swiftly remove the guy's access to your account; 1. Keep talking with the guy about whatever it is he wants. If it's even an option. Play for time. If it's not possible, you're screwed in the first place. He won't take over your account unless he gets something out of you first, or at least that's what happened in my case. 2. Reset the password for discord as quick as possible, to your main account and any secondary accounts you might have. 3. Change the phone number to your account as quick as possible. 4. Change the email to all your accounts. They can take over that somehow. 5. Change anything else you might deem necessary. At this point you are free to drop the guy who stole your account and just go about your day. Relax, go for a walk, hell, sleep. I know I did after I was scammed for the first time with this scam... Other than that, be weary and expect what the guy will want from you if they do get to your account. In my case he wanted money, and a lot of it. But he got mysteriously quiet after I did all the steps above, and I got no response from him till this day. On another note, keep in mind that they can somehow take over your more important things; The guy accessed my browsing history somehow, and claimed to have my credit card info (he didn't). Stay safe out there, cheers.
I just fell victim to this scam. What did you do to recover from it. I changed all my passwords and Gmail and also hard reset my laptop but I feel that my hard drive might be permanently affected. Any advice?
yeah... i just got hacked by this very hack yesterday. (i was not offered any pay for clarification, it just looked like a good game) i am definitely going to be watching your content from now on for the better of my own damn account
Well, that's a good observation but I really don't see why attackers make it in that case. Just to believe the victims that it's a legit software and they ensure that only humans and not some random bots run the program?
@@ThePhysicsWorm Its for antivirus, alot of antiviruses nowadays scan downloaded files, and if its not harcore obfuscated it will block it. But a password protected zip passes through this restriction
This happened to 3 people i know, after they downloaded a game, they started spamming the game link, this was the hacker, he first started saying it was a friends game, and now he's using the hacked accounts to say its their game to make people believe it's real, and he's also nuked a server using a account that he hacked, and he's also saying the n word
I unintentionally caused the scammer to block me because I bombarded him with questions about his games artstyle, concept art, what genre, what's the focus on and he just gave up Lol
Someone sent me something like this a year ago (though it was just a straight up .exe file via CDN) and I ignored it. This video motivated me to run it on a virtual machine (thank you for the suggestion!) and it turned out the "game" was spyware lol. Reported it to Discord, thank you for the template too.
I'm so mad because I actually fell for this. It was such a headache to deal with the aftermath. I know better and I for some reason just wasn't thinking.
Same bro😭 The dude even added my second account on the account he hacked from mines nd told him ik it's malware, then he tried to tell me too join them and he'll teach me how to do it. I was like hell nah 😭
I saw that exe icon and i had fucking war flashbacks from when i was hacked by this shit. A person i used to talk to (someone who was also a programmer) reached out. It wasn't a bot either, it was a real fucking human being who had hacked this persons account messaging me. The guy also got my card info so this ain't a fun one. Had it not been from an old programmer friends account i wouldn't have fallen for it
I wish I had watched this video before. I'm on the internet for nearly 2 decades and I never fall for any scam on the internet because I'm very cautious of what I'm downloading and who I trust. But unfortunately that scam happened to me because the website of the fake game was very convincing. I reseted my Windows via bootable USB, changed all my passwords and enabled 2FA on everything I could. Be careful out there guys!
You should never run malware as Admin, even on a VM. 🤦♂️ Popular loggers such as Creal and Empyrean can bypass virtual environments. As can RAT's like TheFatRat, EggShell and Quasar. I'm just some random so feel free to ignore me but I'm just letting you know, nice video. 👍
a VM hiosted on a webserver is fine tho as all it would do is infect other servers in said datacentre.....which would put the distributer of said malware in a world of hurt....(large companies can sue you til your homeless)
I don't really know that the virus will run in the background, run on startup or not, but if the developer of the virus enought smart, then he just create a startup entry in registry, and a legitimate tool will upload the cookie files to somewhere, even if you deleted the virus. But if you want to analyze it, you can use a debugger, like X64DBG, also IDA Pro, i more like X64DBG.
You underestimate the power of social engineering. Doesnt a random nobody telling you to download and play a game sound sus? Now, imagine if it was your best friend, who just found a super cool game and wants you to play it? For a lot of people that gives a sense of security and they don't stop to think about it, and that's the hook.
@@CirnoFairy okayyy first of all, u would know, NO one talks like the scams. Also like i said, discord accounts are rarely worth anything. So stealing them would be useless. They should just go to stealing youtube accounts, since their emails are linked to ALOT of stuff
Now i got a question. Does double clicking on that malaware also runs it as administrator or does it not? This scam happened to me twice and i fell for it the second time yet did not run it as administrator. Luckily i don’t save my passwords on google so i’ll try to check if there’s the malaware on my pc to delete it. Thanks for this super useful video NTTS
Double clicking it does not run it as an administrator, however if you are infected or were prior, I would highly suggest resetting passwords, resetting the machine because it's likely you are part of a Botnet.
i recently fell for such scam. An old friend of mine messaged me saying “hey, could u play this game? *link* it’s my friends game and it’s his bday”. I downloaded it not thinking about the consequences. Next thing i saw is my discord logging out and tons of email about a changed password rushing through my email. I’m sad that video didn’t exist at the time.. 😂
friend had this sent to him, he was about to run it but I said I would first not knowing it was malware. was a pain to deal with (the sender had the gall to message me on discord after I got my account back) and while I recovered my accounts, I am glad I ran it instead of my friend (they know basically nothing about computers) the reason we thought it convincing was due to the fact a friend of his sent it to him.