I Bought 25 Million Computer Viruses 

Linus Tech Tips
16M subscribers
1.3M views

Thank you ThreatLocker for helping with this video. If you want to learn more about Ringfencing and how to protect your network, start a free trial or book a demo: lmg.gg/TLock
We bought an external 8TB hard drive filled to the brim with malware from a faceless group of researchers known as VX Underground. What is on it? What can we do with it? What are OTHERS doing with it? Big thanks to smelly and lil cheezer for sending this to us.
Discuss on the forum: linustechtips.com/topic/15751...
Try Any.Run Interactive Sandbox app.any.run/?...
MUSIC CREDIT
---------------------------------------------------
Intro: Laszlo - Supernova
Video Link: • [Electro] - Laszlo - S...
iTunes Download Link: itunes.apple.com/us/album/sup...
Artist Link: / laszlomusic
Outro: Approaching Nirvana - Sugar High
Video Link: • Sugar High - Approachi...
Listen on Spotify: spoti.fi/UxWkUw
Artist Link: / approachingnirvana
Intro animation by MBarek Abdelwassaa / mbarek_abdel
Monitor And Keyboard by vadimmihalkevich / CC BY 4.0 geni.us/PgGWp
Mechanical RGB Keyboard by BigBrotherECE / CC BY 4.0 geni.us/mj6pHk4
Mouse Gamer free Model By Oscar Creativo / CC BY 4.0 geni.us/Ps3XfE
CHAPTERS
---------------------------------------------------
0:00 Intro
1:52 Is this dangerous?
2:55 Borat
4:55 We're in
7:53 How do these RATs do so much
10:30 What about Linux?
12:28 That's a little scary
14:25 How to protect yourself
16:38 This is almost too simple
19:38 Who is doing this?
21:18 How will we use this power?

Category: Science

Published: 30 Jun 2024

Comments: 2.1K
@cloroxbleach7262 2 days ago
So the hacker doesn’t actually see a black terminal with fast moving green text 😔
@benwu7980 2 days ago
That's only meant to be within the matrix, but there is a lot of customization of terminals on linux, so is easy to mimic.
@pedrus357 2 days ago
No. In this case the hacker developed a GUI in visual basic to track the victim's IP.
@Karl_Kampfwagen 2 days ago
They do if they appreciate high contrast with low backlight, and less eye strain. It's not the Default, but I set my Command Line to display Green on Black, for authenticity, aesthetics, and aforementioned benefits for both human eyes and display devices
@samlevi4744 2 days ago
That’s advanced hacking.
@SuperFizzah 2 days ago
He's not a true hacker, so he hasn't unlocked that yet.
@deleted-something 2 days ago
Me when I lend my computer to my friend for 2 seconds :
@ai-sponge-rehydrated-clips 2 days ago
Real
@yep3584 2 days ago
REAL ASF
@wlaznydominik 2 days ago
real
@AndrewPCs 2 days ago
NO NOT REAL it’s ur little cousin wanting free robux
@Goldomnivore 2 days ago
But I just wanted to upgrade your RAM
@vamsterr 1 day ago
"If we get infected, I don't own the company" is such an on point statement about company security and why it's so hard to keep the weakest link from nearly always being the human element.. people don't care much if it's not their stuff
@LuxuryNoCap 1 day ago
this is true. We will never get paid enough to truly care.
@adammiller9029 1 day ago
The reason humans are the weakest point is because they are human. It's not about 'caring', humans can't be programmed. They're squishy water blobs they behave unpredictably even when they actively desire a particular outcome and have been trained on it. Humans are prone to things like errors and stress whereas cybersecurity tools less so. Human could have a raging hard on for the company, that isn't going to make them a stalwart defense against a skilled social engineer attack.
@vengefulrat3053 1 day ago
I think the more realistic POV is that the average company person, secretary or whichever can cause the infection, doesn't get paid enough to give a shit about the company.
@ghomerhust 21 hours ago
if Dennis Nedry had been paid a better wage, Jurassic Park would have worked, at least for a little while until the frog DNA kicked in.
@maegnificant 10 hours ago
The problem is, that people have forgone every sense of pride in their work. @@LuxuryNoCap
@NosyZRosie 1 day ago
I got into ITSec in ~2016 and even went on to study it in college. Currently work as a SOC Analyst (Security Operations Centre). VXUG, Smelly and staff do great things for the ITSec community. Love that you made a video on something like this. I can honestly say it's just the very tip of an iceberg that keeps getting deeper.
@Reeceander 1 day ago
Hypothetically, if i had stuxnet, duqu, flame, zeus etc. Would my pc be at risk if i don't open any of the files within? I've got a magnet link if you're curious too.
@Andytlp 22 hours ago
Just practice safe browsing and downloading habits. Haven't got my os wrecked for over 10 years now. Either I'm getting better at avoiding things or o.s, browsers and all the adblockers/script blockers are actually doing what they're supposed to. What do you think future holds. Hostile a.i wrecking things on the internet. Or read only devices with writing or changing of settings disabled for anything that isn't 100% screened.
@PoulWrist 7 hours ago
So why is your profile like a spambot?
@Reeceander 6 hours ago
@@PoulWrist Hey i've never noticed this before - that profile has recently changed, since i first replied. Links have been added to bio etc. Do bots take over legit channels if they get enough upvotes?
@draconian_torch6251 2 days ago
I work as an IT technician and this is hands-down one of the most interesting videos you've posted in a very long time. Absolutely invaluable for a quick look into how things are changing in our digital landscape on a daily basis.
@deltasixgaming 2 days ago
Cybersecurity needs to be looked at a Lot more especially since our lives have so much tech in them now
@TheW83 2 days ago
My question as an IT tech is why this borat rat looks way more useful for actual user troubleshooting work than any of the software we’ve used.
@TheDeadeyeDuck 2 days ago
yeah definitely most informative from even just a consumer standpoint as well. As someone who lost a GPU to a cracked Win10 a few months prior I've recently been learning about a lot of this stuff.
@KenS1267 2 days ago
@@TheW83 I'd bet serious cash that somewhere along the way it was developed by pros, probably the Russians. That's been the biggest issue in the current cybersecurity "landscape" there is a lot more money behind the bad actors than there is behind the white hats. As soon as companies started paying ransoms we were all screwed.
@atl6s 2 days ago
@@TheDeadeyeDuck "lost a GPU to a cracked Win10" there is so much wrong with this anecdote that i believe you should stop using computers altogether.
@Pisty. 2 days ago
I didn't know you guys were tapping into the horror tech genre...
@EarLoaf 22 hours ago
Real
@yahiaahmed5382 21 hours ago
وه
@eros4510 1 day ago
Malware analyst and digital forensics analyst here, super pleasantly surprised to see LTT do a video on my job and VX underground. They're one of the cooler parts of the info sec community. Very good surface level explanations on lots of different concepts here too!
@dj_chateau 10 hours ago
Hard disagree. LTT is not part of the infosec community. Linus repeatedly has scare-mongered about the tools we use often and engages in clickbait said tools. This is just another video of him chasing a trend. This man has no business covering security considering he can't even get his own security in order in-house.
@JoshuaHaglund 2 days ago
Back in the day, I discovered 45k-50K instances of the Nimda worm on the college campus network. I notified the professor of my findings. Shortly after, the Network Admin was let go for downloading "stuff".
@username8644 2 days ago
Never understood why people download that stuff when you can stream
@atomictransfusion 2 days ago
@@username8644 me neither but maybe that was before streaming
@Dynamicdrifting 2 days ago
Wtf did he download 💀
@dominicharvey6048 2 days ago
what does that mean?
@fios4528 2 days ago
@@username8644 this is a very sus comment if it's what I think stuff is
@stretchx 2 days ago
The guy you mentioned, Marcus Hutchins, who defeated the wannacry virus has a YouTube channel and makes very informative videos on Cybersecurity and I.T Security in general. If you are doing any more videos like this, you should have him on. He is really interesting.
@ridderjaim3 1 day ago
Wait, no videos about how to do credit card fraud?🤣
@kimag3324 1 day ago
This would legitimately be one of the most interesting collaborations of all time. Marcus is super knowledgeable on this kind of stuff and the guy is quite literally a gold mine of information
@MalwareTechBlog 1 day ago
👀 hi
@moldytexas 1 day ago
@MalwareTechBlog bruh....
@Dogboy91 1 day ago
The man, the myth, the savior of the internet and all IT desks. He was summoned.
@PoppyAnstey 1 day ago
Honestly, that moment of silence followed by: "Anyway... good luck" is both hilarious, but very successfully portrays how genuinely concerning a lot of this stuff is. In some ways, it gives me the same kind of feeling that I get when I think about the reducing efficacy of antibiotics. Obviously not quite the same, but both give me the same kind of feeling.
@Gren4te 20 hours ago
You can see the realization set in when he said “O I’m not worried about that. I’m worried about the zero days.” Linus was like: “oooh shit there is nothing we can actually do”
@ImMrLegitMate 1 day ago
Viruses are getting scarier and scarier nowadays.. Really good video to teach people to be more careful on the internet!
@JereVali 2 days ago
I work for a company I can't disclose, and work in environments that use ThreatLocker. I can swear that ThreatLocker is very good at what it does. Including stopping Microsoft from running its own software because how it handles some parts of its programming can look fishy.
@Nelo390 2 days ago
God bless the IT-Furry community
@realgoose 2 days ago
@@Nelo390 😂😂
@FlyboyHelosim 2 days ago
Cool story, bro.
@ShadowByNine 2 days ago
That's probably one of the strongest sales pitch for threat locker, "it stops Microsoft programs"
@BurntFaceMan 2 days ago
As someone who deals with our company's own tools constantly NOT working because of firewall/software like this I can confirm it is good at doing its job, but also great at stopping other people doing theirs... Constantly stopping Macros from running on excel docs that reports teams have run for decades, all because mircroshit decided to make them all online ... for some reason. The only true virus that exists is MicroSoft's "new idea" team. they infect the world every new release.
@0xZ0F 2 days ago
5:40 The UAC (admin popup) bypass hasn't been "patched" because there is nothing to patch. It is trivial to bypass UAC on a default Windows install. This is an interesting thing to research, but here's the TL;DR. A long time ago people got annoyed by having UAC popup for everything. So, Microsoft made it so UAC only pops for some actions, not all, by default. Unless you manually restore UAC to its full control, most people would consider it useless.
@Raivo_K 2 days ago
God i hated UAC when it came out with Vista. I loved Vista but hated UAC. Even tho Win 7 and later versions toned it down i never re-enabled it.
@yumri4 2 days ago
@@Raivo_K It is useful to prevent unwanted admin actions. I am on 10 and i think the only times it comes up is when i am running unsigned code. I kind of run a lot of it since no one has time to sign all their code on git hub. Other than a few servers that mostly came from the pip and git commands i have not seen it in a while. Installed everything and now as i am not installing anything anymore nothing seems to trigger UAC but some github projects when it is set to default on windows 10.
@zNoah 2 days ago
I use a standard user by default, then use an admin user whenever UAC comes in. No point on bypassing UAC if the user is not admin xd
@blubblub3786 2 days ago
Now that I think about it, I was doing that too at some point. I was working on some automated scripts and I figured out how to disable UAC, spawn my shell and enable UAC again after. I was using registry edits too... It did need to be run by an admin user tho, so on corporate pcs that would likely do nothing. Their approach seems to delegate the shell execution, so it might actually be privilege escalation.
@MtnNerd 2 days ago
The frustrating thing is you still can't whitelist specific programs. It would be trivial to give it full control if you just had to click it the first time you opened a program. And default Windows still pops up every time I want to play a Steam game.
@casey360360 1 day ago
I helped a company that leased systems for medical use develop tools to lock down their equipment remotely in the event of an attack. I was an intern there working on hardware, repairing circuit boards and testing cables/peripherals, they had me take a couple of the most popular systems including a dell latitude business tower and a Lenovo thinkcenter mini and had me desolder all of the networking hardware from the board. It was a stupid fun project. 10 years as an automotive mechanic and now I'm getting my BS of computer science in cyber security and computer forensics because of that project!
@mcash2189 1 day ago
the truly scary part about this is not that the threat actor can take control of the infected system but that they can plant files on it I mean if possession is nine-tenths the law how exactly could you convince someone that the files on your computer are not yours
@stackedpringles5714 2 days ago
Me just chilling with my neuralink. Linus with 25 million computer viruses:
@iissss9847 2 days ago
The brain will explode.
@nickcps2000 2 days ago
you got Binden'd!
@SamuTheFrog 2 days ago
@@iissss9847 Probably not. The wires are insanely thin, they can't push a signal strong enough to do anything. They're just sensors. Pretty simple sensors too, they just pickup the electricity from the brain. I'm not really into them being able to read, see, hear, and decode all my thoughts buuuuuuuuuuuuuuuuuut still. Nothing would happen with how the device actually works. It's pretty interesting.
@wowyoupunk333 2 days ago
@@SamuTheFrog 🤓
@attackrobotics7009 2 days ago
@@wowyoupunk333 My boy is making fun of someone for being informed. Couldn't be me.
@MarekNowakowski 2 days ago
why does small malware offer more useful options than real apps on windows?
@tannermccoolman4647 2 days ago
One time I discovered a C99-style backdoor on a server I was maintaining. Instead of deleting it, I just password protected it. It was honestly so useful because it had a ton of features and they were all very easy to access. The serious answer to your question though is that this is software made for customers with lots of alternative options, so the better the UI is, the easier the sales pitch is.
@TheW83 2 days ago
That was my very first thought on seeing all the options. It all would be so useful for fixing remote user PCs.
@CheapSushi 2 days ago
Heck, it even comes with a better UI/UX experience with clear buttons & options instead of massive negative space and multiple pages.
@Xusemeh 2 days ago
because it is built by the user
@bgezal 2 days ago
Microsoft has been sued so many times for making software that competes with 3rd party software so they just leave everything half baked. Apple can bundle anything in mac-os without complaints or lawsuits.
@aesync 1 day ago
This is the first time I watched the whole sponsor segment because it was actually pretty interesting to see how these products work!
@Trainguyrom 1 day ago
Enterprise-grade antivirus is genuinely pretty cool. At a bank I worked at a new sysadmin downloaded some defanged test malware and we got to watch first as our Windows Server instances migrated the new files on the file server to its redundant partner, then to a remote site and then the redundant partner on the remote site, etc. and the AV identified and raised alarms to it every step of the way. So we knew #1 fileserver replication was working well, and #2 the AV successfully identified it and mitigated it every step of the way
@TheDexterousdrew 1 day ago
You guys need to do more videos like this. Interesting, educational, informative, and fun. Great idea!
@Serofyte 2 days ago
grandma's pc 1 second after using internet unsupervised
@ohioplayer-bl9em 2 days ago
Copy of copy of copy of shortcut to copy.exe
@GeorgeWashingtonLaserMusket 1 day ago
@@ohioplayer-bl9em Nana is that you?
@Essey209 1 day ago
Lindaaaaaaaaaaaaaa
@sloopypotato 1 day ago
I guess grandma is on call with Indian Microsoft technicians called Philip White
@d0gg0z 2 days ago
super fun video, I do malware reversing for work; it's cool to see a big channel like LTT giving people exposure to these topics in an easy to approach way. Great work! Hope to see more infosec type content in the future.
@tannermccoolman4647 1 day ago
I've been hesitant to touch stuff like this because I don't want to give the false impression that I'm a security researcher. I have a ton of respect for what folks like yourself do.
@kimag3324 1 day ago
This is probably one of the most interesting videos i've seen on this channel. Am currently studying software in university and had my eyes glued to the screen the entire time!
@LaughingOrange 2 days ago
Security by obscurity should only ever be the first layer of defense. In itself, it is not real security, but it can help slow down attackers or help weed out weak automated attacks.
@Playingwith3D 2 days ago
"I Bought 25 Million Computer Viruses." Yes, I bought a windows 11 key too. Don't feel bad. 😂
@zeendaniels5809 2 days ago
Windows needs a bought key now? I didn't know... For how long has been that way?
@yumri4 2 days ago
@@zeendaniels5809 since windows 1.0 so around 34 years. The thing is most computers come with windows already activated so you the consumer do not need to buy the key though you kind of already paid for it in the price of the computer.
@Cyberpunk_2023 2 days ago
@@zeendaniels5809 Quite a few years now. Usually needed if you don't have a registered version of windows. If you have no OS you can still get the disc with a key, but there are ways to get unregistered windows, install it and then you buy an alphanumeric key to activate.
@yumri4 2 days ago
@@zeendaniels5809 since windows 1 which was in 1985 so 39 years. The thing is most computers come with windows already activated so you the consumer do not need to buy the key though you kind of already paid for it in the price of the computer.
@Caeryllium 2 days ago
@@zeendaniels5809 that's how they make their money
@PoppyAnstey 1 day ago
Long term cybersecurity staffer here, maybe I’m dead inside after all these years but this wasn’t shocking to me… it’s a great educational video for those outside of the industry though. Great work guys!
@0Fate 1 day ago
good for you buddy
@khakers2.099 1 day ago
hearting the spam bot :/
@Remmes 1 day ago
lol go away bot.
@AarPlays 1 day ago
Lmao hearting a prn bot is too funny
@EnnoGotthold1998 1 day ago
Thank you for this amazing video! It was beautiful to be educated in a video of this. :)
@_odd1ty 2 days ago
You know it's a serious ltt video when the background music completely stops, leaving this uncanny, uneasy feeling. "Am I really watching LTT. Where's the tunes???"
@repairman2be250 1 day ago
The music is scarier than the virus presented.
@ScaredDonut 2 days ago
You should paint the drive red and keep it in a safe 😂😂
@fajaradi1223 2 days ago
Especially before Linus about firing somebody
@zeendaniels5809 2 days ago
That doesn't work, at all... Didn't you see Resident Evil? Yep.
@itsmileyy 1 day ago
Won’t painting it red just make it go faster though
@demacherius1 1 day ago
it's amazing how nice the backends of those tools are.
@videomasters2468 1 day ago
I feel like this is one of those videos that is so educational for people, particularly "non-techies" that it needs sharing far and wide.
@blackraen 2 days ago
12:43 My manager started this whole fucking thing with the team about opening tickets for any software we downloaded and wanted to install, documenting checksums and validation, etc, what algorithms were acceptable and which would be rejected. An absolutely inane campaign lasting weeks. I kept asking to meet with him about it until he finally agreed and I asked him, "Imagine yourself as a theoretical threat agent that had managed to infiltrate our vendor's website data, packaged and prepared a malware payload. Now, are you going to just change the file? Or are you going to modify the website to update the checksum as well so it 'matches' your modified package?" A day later, we received an email letting us know that manager approval was no longer a pre-requisite for software-install tickets and we could complete the installs without waiting for a manager, as long as documentation was in the ticket.
@purewaterruler 2 days ago
Wait that is so based
@shapelessed 1 day ago
@@purewaterruler Checksums are only useful when the content you're downloading is hosted on a third-party website. People frequently do that because hosting your own downloads is CRAZY expensive, especially for small and/or open-source projects.
@dallysinghson5569 1 day ago
There are vastly less chances of getting something fishy from the vendor site via agent infiltration... What you'd more likely get is something that looks like the vendor site.
@adammiller9029 1 day ago
It's almost like... tools like app locker are a thing... And that there are reasonable ways of going about managing what users can and cannot install. You should just publish packages users can install and disallow anything else. Users shouldn't be allowed to install random crap, and service desk analysts who hardly know their butt from a hole in the ground shouldn't be deciding what is 'safe' either. Just... freaking manage it properly.
@Thomas_Needs_Coffee 2 days ago
13:35 Linus' face to not alone LOLOL.
@JohnnyNubs 1 day ago
As an old time computer builder/administrator, it's very nice to see that you are letting us what the hell we are getting hit with. Who wants to venture into the dark realm just to learn about what you're getting hit with? Not me! The strongest defense is knowing your opponents offense so you can counter react! Great job guys, as i was nervous for ya just watching this clip.
@jacquesvanjaarsveld4017 1 day ago
This was a really cool vid, I'd love to see some more of these
@controlfreak1963 2 days ago
Security through obscurity is just one layer of defense in depth. I had a client that hired a consultant to write a public utility SCADA system report. The utility then stuck it on their public web site because "freedom of information". The document had a clear layout of their SCADA network with all IP addresses. This is an example of no obscurity.
@herpderp6255 2 days ago
As another guy who works in SCADA at a renewables company. You have no idea how hard I’m laughing right now
@sean361 2 days ago
As far as I know, FOIA doesn't create disclosure requirements for technical data deemed critical to infrastructure/operational security. In fact, there is clear language in FOIA (both Fed and at least some states), as well as court cases relating to this issue, that creates exemptions for such disclosures. Idk the exact organizational setting for your situation, but it might be worth looking into yourself if it's keeping you up at night 😅
@controlfreak1963 2 days ago
@@sean361 My State has laws to keep some information from public view for public safety. This can be appealed to a judge for review but this type of document is easy to defend.
@dallysinghson5569 1 day ago
Why TF a SCADA of important is accessible on the internet is just beyond me. Ideally they should be isolated from the internet but I guess we have to connect up everything so the vendor can RAT in.
@kuhluhOG 1 day ago
True, but it's really one you MUST NOT under any circumstance rely on it in any way. Especially when it comes to how networks are laid out, it's just more of a small annoyance at this point than anything else. Think of it like throwing a big paper towel over a tank for protection. It doesn't do a whole lot, but it's also not completely useless.
@MrCoconutMadness 2 days ago
VX underground on LTT?
@acters124 2 days ago
I wish they shouted out their website and asked viewers to donate. it's a great resource and great to donate to researchers who are in the front lines of stopping these advanced threats.
@jan_harald 1 day ago
@@acters124 well they did the next best thing, by showing the website (with url), and saying that it's available for free, but they paid just as a donation and it's understandable they don't want to directly give malware to people, don't want some kid RAT-ing the entire school or whatever
@duchyre 1 day ago
@4RILDIGITAL 16 hours ago
It's both fascinating and terrifying how simple these tools are and how easily a system can be compromised.
@RivkaOwen 2 days ago
The pitch meeting went something like this: “So, you know how we got one virus, what if we just get them all now?”
@Linealo 2 days ago
You should do this again, but the other way around: Install as many AVs and other security software you have access to or can get access to as possible, run them simultaneously / in parallel and see how badly they fight each other and how bad the system slows down by actually "friendly" programs and "optimizers". If the system still works after that, use this archive and see how much of it is actually caught in the process vs. how it performed now.
@repairman2be250 1 day ago
My understanding was those virus files are not executables and the ones zipped up are password protected. That system probably joke itself and not run properly with that many AV and or malware scanners running.
@johngaltline9933 1 day ago
I seem to recall this video already existing, but it may not have been a LTT video.
@yashfiuqesybr 1 day ago
@@johngaltline9933 @Linealo @pcsecuritychannel does this types of tests
@MLgaming805 2 days ago
Me when I lend my computer to my grandma:
@Dezkoi 2 days ago
favorite is the anti-virus that's a virus bomb.
@MLgaming805 2 days ago
@@Dezkoi 😂
@MLgaming805 2 days ago
My grandma will just be getting scammed
@Dizmo215 2 days ago
Nope 😅
@bondjovi4595 1 day ago
Grandma..... Buy these stupid PCI cables! Now! 😆
@mark-sk3do 1 day ago
Linus is right, with so many people wanting to stay on Win 10 past eol and not pay MS for updates then things could potentially get a whole lot worse
@ntkn 1 day ago
it would be nice if these types of videos from youtubers, including linus, told you what to do in case you were infected. I get that once infected it's too late and the best way is to just not get infected to begin with, but regardless there are still people that can and will be infected. So knowing the steps on what to do after an infection is just as important as not getting infected in the first place. If you don't know what to do then you can potentially infect others, including friends/family members and potentially reinfect yourself even after you THINK the malware/virus is gone.
@KnifeTheDark 2 days ago
Cool to see a more cyber focused video - VX underground are probably one of the most sacred resources we have in the industry - the team there are incredible with what they do
@c2thew 2 days ago
This was an amazing educational video. I bet you this helped some college level classes for the future. I appreciate the balance of entertainment and learning videos LTT does. It’s what makes this channel so enduring
@matthewhartin4725 2 hours ago
I would suggest setting up a small scale model of a networking environment of a typical office and show from beginning to end how this works. I would love to have such a video to show as a demo to our employees. We are a hospital that was hit by ransomware a few years ago, and being able to show people how these things work and why certain security measures are crucial would be a godsend. Might even make a small series or a few PSA's to spread the word.
@rasperss_5176 1 day ago
Awesome video. Shout out to VX and going beyond WiFi hacking and showing a nice surface layer of sandboxing and inspecting real samples of malware.
@bluegizmo1983
@bluegizmo1983 2 дня назад
What's really scary is that for every one zero-day that gets reported and patched, there are probably at least 100 zero-days that get sold off to nefarious individuals that go unnoticed and unpatched!
@modarkthemauler
@modarkthemauler День назад
Yep, because if a zero-day is not used it's not noticed.
@miha493
@miha493 2 дня назад
I'm confused and sad, because compared to other remote access software, like team viewer, this thing are lightweight, easy and fast to setup and super functional. Literally thinking about switching to this thing for my remote access.
@ichsasa
@ichsasa 2 дня назад
nd with the source code of it you can remove All stuff what is scary so you can trust it more than in his current state xD
@Trainguyrom
@Trainguyrom День назад
VNC is a free and open source protocol, so you could start there :)
@ImKevan
@ImKevan День назад
Reminds me of SUB7 back in the day, but honestly, I feel like the UI on S7 was actually better, it obviously didn't have the same number of features, but then again, it didn't need them back then. Super cool video.
@snowcoi
@snowcoi День назад
both Sub7 and ProRat were better for their time.
@jakobfindlay4136 2 days ago
I think "Those that fail to learn from history are doomed to repeat it" is the right way to look at this
@jonjohnson2844 2 days ago
We had something like Borat at college 25 years ago, it was built into a whack-a-mole game, you could do weird stuff like open the CD drive, put up dialogue boxes that said 'yes' or 'yes'
@nicholasneyhart396 1 day ago
I wrote something similar to screw with my uncle. Man worked in I.T. for 15 years and bragged about being immune to viruses, I had a dialog box that said Cupholder? Yes or Yes and opened his unused cd drive. It is terrifying how easy it is to make a similar attack.
@Sonyboj 1 day ago
Back Orifice? (Yes that is the name of it) or Sub7 maybe. 2 old RATs from the 90s.
@jonjohnson2844 1 day ago
@@Sonyboj It was in the UK, I'm sure it was 'Net(something)', I've lost a lot of brain cells since then! Good fun though!
@Sonyboj 1 day ago
@@jonjohnson2844 NetBus!
@TheElly750 1 day ago
This was an extremely interesting video. Prolly the most interesting of the past couple months to a year ngl
@EclecticNero 2 days ago
I work in CyberSecurity and I want to add that keeping software and OS up-to-date is extremely important. Also, having a good sense of skepticism is essential, don't run executables you don't trust fully, don't always think messages coming from someone you know are legitimate.
@jeroenk3570 2 days ago
Do you know if it makes any difference if you work on a standard account without any administrative privileges? It seems like the safe thing to do, but how do all these companies end up with encryption locked systems? The first thing any IT admin does is take away privileges.
@EclecticNero 2 days ago
@jeroenk3570 It makes a huge difference. It's a lot harder to give admin privilege to malware when you, a user without admin privilege, try to execute it, despite UAC bypass, if you're using a non admin user, you'll get an admin login prompt. Some malware can still mess in your user files, but the extent of the damage is more limited.
@jeroenk3570 2 days ago
@@EclecticNero Thanks, I thought so, but I just wanted to make sure.
@jamespendergrass1011 1 day ago
I won’t run the new windows update because I know it’s designed to gather more of your private information. They’re always updating their info gathering algorithms on their OS but now they fully fund LTT to do a whole video about it and send in a ton of bots or burner accounts to tell people what to do. These viruses always release quietly and journalists don’t report on them en masse so what if the development of these viruses purposefully target older OS variants so that you update to the newest one since I bet that code is developed by the company itself? I just be smart and leave my laptop off going into public. I also don’t accept or click on anything suspicious that crosses my field of vision. No investigation, no curiosity, no naivety. You know what? It works for me. Emails and calls are never answered because they’re obviously fake since my brain is trained on these patterns. No extra windows, no back doors to go through, they would have to come to my house in a van just to proximity hack me and even that won’t work. You know what other patterns my brain is trained on from being on the internet? The RU-vid algorithm and how it observes my comments and acts accordingly through RU-vid Adsense and every other connection it has. And you know what? If I see a single irregular response I’m absolutely not afraid to put my phone up to the corner where the wall and floor meet and stomp it into two pieces. My info is out there sure, but I’d rather get doxxed and see it overloading their servers just to watch their precious info trafficking money burn away. You know what we should actually be afraid of besides hackers? Big tech companies with financial incentives to keep you dependent upon them for convenience and “free” features whilst they remain dependent upon your personal info for money.
@sohantanna625 2 days ago
One of the best sponsors + video combo for real
@ApocApocrypha 1 day ago
The scariest part of cybersecurity are the users, some never learn and still click every link or open any files they see.
@troygilbert1112 1 day ago
We use ThreatLocker at work, and man, it really is the best product out there. Even better than the product is the support and people behind it. Once you get this thing down it's a beast.
@Benni1000games 2 days ago
13:04 How did not one editor catch that? Passwords in systems like WP are not encrypted, they are hashed; that is a huge difference.
@PhillipParr 2 days ago
12:55 This isn't a specific PHP problem, but will happen in any language where the developers are new / lazy / don't know what they're doing. It only seems more common in PHP because PHP is / used to be the biggest language most people started with. As always, when coding anything security related in your language of choice, make sure to research what the current recommended methods are because they change frequently.
@ccricers 1 day ago
It's the common problem of a tech product becoming too popular and low/cheap barrier to entry. Just like how the Wii was home to tons of shovelware.
@tannermccoolman4647 1 day ago
You're absolutely correct. I'd go so far as to say that it probably wouldn't have been anywhere near the issue that it is were it not for WP themes. Design firms would get hired to make a theme, they would design something that looks really great, then they'd cut corners on functionality by having anything that couldn't be accomplished with ACF simply coded in house by a designer that knew just enough about hooks to be dangerous.
@dalemazza1 14 hours ago
It's also worth mentioning that modern malware has sandbox escapes built in. These can run checks to see if the binary is being run in an AV sandbox and then not fire. For example Windows Defender's sandbox's hostname is "HAL9TH" so adding a check to see if the system's host name is this then exiting without firing can help
@rednuttyguy 1 day ago
I'm not too happy at the small section on wordpress. As a web dev, many people that don't know about this stuff could easily see this as "wordpress is insecure", but it's worth heavily pushing that the security of any piece of software with plugins should be treated like anything else. Don't install dodgy shit and make sure you trust the thing you are installing. Just because it's made for something, doesn't mean that company or project made it.
@Ram17722 2 days ago
As a basic pentester that always wants to learn more about how exploits work and looking to learn about how malware is created, I learned so much in this video. Looking forward to seeing more videos related to cybersecurity
@iwontliveinfear 2 days ago
So cool seeing programs I use professionally in an LTT video.
@bartz0rt928 1 day ago
A good reason to just in general have user accounts with very few privileges. Scary stuff, good job shining a light on it.
@axyomstudios 1 day ago
Nice to see how some of this stuff works, I would love to see a comparison of antivirus software with a selection of attacks, I know a lot of people already know 'insert antivirus company name here' and the likes are basically malware themselves but it would be cool to see in action!
@Stoner-Thangs 2 days ago
I was randomly suggested here while listening to the song “Dupe - Mbappe”, good content 😅
@Th0rnTech 2 days ago
The website of the company I work for got hacked using the exact backdoor Linus talked about. The server was running an older version because our web-host was lazy but we are all running the latest version now with better security.
@DoubleCTech 1 day ago
I would love to see a video of you guys hardening your security. I work at a school district and I am so scared of an attack. Especially since so many of the staff members would easily fall for a phishing attack.
@marioStortuga 1 day ago
Being in cyber security in the data center level and other sectors, this is a pretty good video. Good job guys. Edit Hardening security video would be helpful to the masses. Please do that 😁😁
@quake3video 2 days ago
TEMPLE OS! TEMPLE DRIVER TERRY'S 1ST TEMPLE
@lmcgregoruk 1 day ago
RIP Terry A. Davis.
@tiestofalljays 2 days ago
A simple program like Borat Rat would be incredible for family tech support.
@martinmethod427 2 days ago
I mean... at that point you might want to invest into the software most schools use to monitor the computers the students use. These types of software are basically a toned down Borat Rat. That being said, It's a lot of power you're going to be handling, and you better be able to not let it go to your head.
2 days ago
I mean you already have free to use programs like the TeamViewer quick support module.
@dreamy_33 2 days ago
@@martinmethod427 borat RAT is actually just a skidded from another OPEN SOURCE rat called "DC Rat"
@Sonyboj 1 day ago
Take a look at Screenconnect Free edition. THE best remote desktop program. Teamviewer, Anydesk etc is not as good.
@truthdoesnotexist 1 day ago
especially if they give you a hard time
@gerowen 1 day ago
So ThreatLocker does for Windows what Flatseal does for Flatpaks and lets you micromanage permissions on an app by app basis. That's pretty cool.
@JulianBrown-w6q 10 hours ago
You guys need to do more videos like this
@kylek6922 2 days ago
8:21 Did Linus accidentally quote Sasha? "Dirty wizard or homeless santa" was such a great line Sasha used... in Brüno lol
@JanPeterDeVries 1 day ago
"accidentally"
@neonwolf9821 2 days ago
Whoever was in charge of the glitching and the intro needs a raise! XD
@tausifjahangir 1 day ago
Cyber bully: I'm going to hack your system. Linus: Let me know if you need help.
@Ericxx-yx4rk 1 day ago
You should do more videos about building unique PC cases. For example, my oldest child wanted me to build their computer to look like a Minecraft block (lava, if I recall), but I could only build their PC in a standard ATX case when I put their build together. I have no idea how to build something like that.
@adamsvette 2 days ago
Cool. Definitely want to see more things with this. Maybe just make an entertainment focused video where two teams race try to hack each other. Like a scrapyard wars challenge.
@MaxxDJ29 2 days ago
I bet yall could make a locking case that covers the power and data ports on that drive, greatly reducing the chance someone picks it up and tries to use it for something… maybe a FP vid?
@arthuralford 2 days ago
Or, just lock it in a safe?
@SanitizeR_OW 1 day ago
Remote access trojans are child's play. It is slightly unnerving to think about or watch be used, but most RATs get found out then their signature added to most if not all antiviral software engines, and stopped. Most people using RATs aren't "hackers" but rather scrubs who require the work to be done for them and they want to do things to single or multiple targets. If a RAT scares you, don't look into real/current viruses or ransomware. It's an entirely different level of control.
@sherlock_backs 1 day ago
Dude, don't scare me, I'm paranoid enough already, man I hate my digital footprint
@TheSeanUhTron 19 hours ago
Air gapping doesn't work if your computer has built-in WiFi. Any sophisticated malware could just flip on WiFi and hope you're in range of some saved networks. An even more sophisticated one could try password cracking your WiFi network, or connecting to open guest networks.
@RedEvee 2 days ago
I guess that's an HDD Linus is allowed to drop
@SilverSmrfr 2 days ago
Love these videos with focus on security.
@2810Mad 1 day ago
You just made me go check my current windows build and update anything necessary. Thanks!
@user-rs2lq6eo7j 2 days ago
I'd love to see AVs battle the viruses
@happybunny1986 2 days ago
More LTT, yes please
@kellymoses8566 1 day ago
Enterprise storage arrays that support thousands of immutable snapshots make it very easy to recover from ransomware infections. You simply snapshot your LUNs every minute or 10. High-end arrays are even starting to use machine learning to identify the kind of distinct IO patterns ransomware causes, like reading and writing a similar number of bytes but replacing normal data with much higher entropy encrypted data. This would also cause the dedupe/compression ratio to plummet. Infinidat supports an unlimited number of snapshots and has tested 100,000 snapshots with zero performance impact.
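The I/O signal described in the comment above (same-size overwrites whose entropy jumps and whose compressibility collapses) can be sketched as follows. This is an added example, not code from the video, the commenter or any storage vendor; the thresholds, function names and sample blocks are assumptions chosen for illustration.

```python
import hashlib
import math
import zlib
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def compression_ratio(data: bytes) -> float:
    """Original size over zlib-compressed size; about 1.0 means incompressible."""
    return len(data) / len(zlib.compress(data, 6))


def looks_like_encrypt_in_place(before: bytes, after: bytes,
                                entropy_floor: float = 7.5,
                                entropy_jump: float = 1.5,
                                size_tolerance: float = 0.10) -> bool:
    """Flag an overwrite whose size barely changed but whose entropy jumped."""
    if not before or not after:
        return False
    similar_size = abs(len(after) - len(before)) <= size_tolerance * len(before)
    h_before, h_after = shannon_entropy(before), shannon_entropy(after)
    return (similar_size and h_after >= entropy_floor
            and h_after - h_before >= entropy_jump)


def flagged_fraction(overwrites) -> float:
    """Share of (before, after) overwrites in one snapshot interval that were flagged."""
    overwrites = list(overwrites)
    if not overwrites:
        return 0.0
    hits = sum(looks_like_encrypt_in_place(b, a) for b, a in overwrites)
    return hits / len(overwrites)


def constructed_ciphertext(n: int, seed: bytes = b"demo") -> bytes:
    """Deterministic stand-in for encrypted data (SHA-256 in counter mode)."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


# Constructed sample blocks, not real volume data.
RECORDS = b"".join(b"record %04d status=ok ward=%d\n" % (i, i % 7) for i in range(200))
EDITED = RECORDS.replace(b"status=ok", b"status=hold", 3)   # ordinary small edit
ENCRYPTED = constructed_ciphertext(len(RECORDS))            # same size, random-looking
ARCHIVE = constructed_ciphertext(len(RECORDS), b"already-compressed")

if __name__ == "__main__":
    for label, block in (("records", RECORDS), ("encrypted", ENCRYPTED)):
        print(label, round(shannon_entropy(block), 2), round(compression_ratio(block), 2))
    print(flagged_fraction([(RECORDS, ENCRYPTED)] * 9 + [(RECORDS, EDITED)]))
```

Data that was already compressed (the `ARCHIVE` block) shows no entropy jump when overwritten, so a per-write entropy check misses it; that is one reason to combine it with other signals rather than rely on it alone.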
@snowcrash- 1 day ago
Best episode to date. This is really cool.
@swordofdamoclesv285 2 days ago
Possible video idea: try to brute force breaking through a ransomware using a crap ton of GPUs, or see what other tools exist out there for potentially defeating said ransomware
@L0rdskullz 2 days ago
I hope you dive more into this. While I understand sponsors are mandatory, this video just felt like a 20-minute ad. Would LOVE a more technical deep dive into this. How the viruses work, how the designers really get into the registry and find the back doors etc
@isaacbejjani5116 2 days ago
That's kinda beyond the scope of what ltt does. You should check out the PC security channel if you want in-depth technical content relating to viruses.
@tannermccoolman4647 2 days ago
I looked through a ton of viruses for this. The ones that were controlled by IRC were kinda neat. A couple of them swore at me in Russian and showed me a bunch of 🦆 pics. Overall though, there's only really a handful of variations. The exploit part of any virus is only a few lines of code at most, and usually just dropped into existing control frameworks. It's hard to make a video about it that isn't just a bunch of text on screen, unless we were to add a ton of animations. We don't have the resources to do animation heavy videos, unfortunately. I'm also hesitant to do any videos that imply I'm a security researcher. I'm not nor have I ever been a security professional, and I don't want people getting the wrong idea about that. This video wasn't my pitch, I was against doing it at first, but since I've got a background in programming and slightly sordid past I was the best candidate available in the writing department for it.
@sabatmonk 2 days ago
@tannermccoolman4647 one thing you could also look into, and I think would be neat is the evolution of darkweb marketplace to be identical (even better) than web marketplace, with rating, pristine customer support, ease of use, etc. Hacking tools as a service is such a weird dichotomy that keeps me both impressed and up at night
@mrpekoni 2 days ago
Sounds like floatplane content
@robo1000 1 day ago
That “alright, good luck” didn’t feel like it was just for Linus
@intheprettypink 1 day ago
I seem to recall ThinkGeek used to sell a virus box that was more decorative than just a usb hard drive. Of course back then when they were still around, it was mostly just viruses or worms that would delete your data or cripple your system.
@Rick-vm8bl 2 days ago
Tanner lost me when he started going on about PHP and encryption. That's not a PHP thing, that's a crappy programmer thing. PHP supports the exact same encryption methods as all major languages. Also eval is disabled out of the box on PHP. You'd have to knowingly modify the configuration to make use of it.
@Mmaaikel 2 days ago
It’s a classic PHP bash without them knowing what they are talking about. Makes me question all their other points.
@sbqp3 2 days ago
I wasn't aware so I looked it up. Seems like it's using bcrypt and salting by default, with Argon2 as an alternative. Seems very reasonable.
@mjdevlog 2 days ago
well at least now I know the whole base64 to eval can be done in python too
@deleted-blank 2 days ago
What if I told you crappy programmer was the average programmer and something like php lends itself to the average more than others?
@perform1261 1 day ago
@@deleted-blank stop calling me out like this!!!!!
@DRocRSS2012 2 days ago
This reminds me of "The Net" With Sandra Bullock
@imbored4192 1 day ago
I work for a car dealership and it's interesting that this came out after the whole CDK hack taking down over 15,000 dealerships in North America. It's crippled us back down to the point of doing everything by hand and has a lot of people worried that dealerships can no longer safeguard information, not to mention there's only two major companies that provide that kind of customer database and control, Reynolds & Reynolds and CDK Global.
@oo-eo9pw 1 day ago
The quickest way to get ratted is to try to rat someone else. If you see this, don't try to download ratting software because you think you're hackerman now. You're just going to get hacked instead.
@garybaldrick 2 days ago
Colton sold you his PC?
@miriripunchie 2 days ago
The cute setup is an eternal part of this channel now I love it
@Nixk490 1 day ago
Sandbox the entire new building you guys have, and let this thing loose on the network there and try to fight it in real time. Without just unplugging or turning things off. CSI style.
@lukebridger5395 1 day ago
12:12 - a better way to explain this: imagine your wordpress site asks you to upload a pdf file, but instead as an attacker we upload our .php file. A secured webpage would disallow a non .pdf file from being uploaded, but we're abusing the configuration in this video. Then if the website serves our uploaded file on a page we can access, we can load the c99 backdoor page.
@arc8218 1 day ago
Yeah I also think this, I wonder why they explain it a bit complex 😅 It's like ur wordpress site upload system doesn't have a limit so user can upload everything to the server
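The server-side check that the two comments above say was missing, as an added example (not code from the video, WordPress or the commenters). It assumes a PDF-only upload form; the size limit, function names and sample uploads are constructed for illustration.

```python
import os
import secrets

# Extension allowlist mapped to the magic bytes the content must start with.
ALLOWED_TYPES = {".pdf": b"%PDF-"}
MAX_BYTES = 10 * 1024 * 1024  # assumed size limit for this example


class UploadRejected(ValueError):
    """Raised when an upload fails validation."""


def validate_upload(client_filename: str, content: bytes) -> str:
    """Validate an upload and return the server-chosen name to store it under."""
    # Strip any path the client sent, for both / and \ separators.
    base = os.path.basename(client_filename.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_TYPES:
        raise UploadRejected(f"extension {ext or '(none)'} is not allowed")
    if len(content) > MAX_BYTES:
        raise UploadRejected("file too large")
    # The extension is client-controlled, so the content must match it too.
    if not content.startswith(ALLOWED_TYPES[ext]):
        raise UploadRejected("content does not match the declared type")
    # Never reuse the client's name: a random name with a fixed extension
    # removes names like report.php.pdf and path tricks in one step.
    return secrets.token_hex(16) + ext


# Constructed sample uploads.
GOOD_PDF = b"%PDF-1.7\n% constructed sample body\n"
SCRIPT_BODY = b"<?php /* constructed placeholder, no payload */ ?>"


def try_upload(name: str, content: bytes) -> str:
    """Return 'stored' or 'rejected' for a given upload attempt."""
    try:
        validate_upload(name, content)
        return "stored"
    except UploadRejected:
        return "rejected"


if __name__ == "__main__":
    for name, body in (("report.pdf", GOOD_PDF), ("page.php", SCRIPT_BODY),
                       ("page.pdf", SCRIPT_BODY), ("report.php.pdf", GOOD_PDF)):
        print(name, try_upload(name, body))
```

A magic-byte check only confirms how the file starts, so uploads should also be stored somewhere the web server will not execute scripts.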
@mrmattyboy 2 days ago
Not going to make much difference, but saying "wordpress has pretty bad encryption" was confusing until you mentioned passwords and I realised you meant "hashing"
@tannermccoolman4647 2 days ago
Haha I fumbled a stupid amount of words and terms while on set. I really need to stop showing up to shoots sleep deprived.
@mrmattyboy 2 days ago
@@tannermccoolman4647
@FarFromEngineering 2 days ago
@@tannermccoolman4647 The PHP/Wordpress section should be redone honestly, what Linus says there is approaching technobabble.