The Counter Strike 2 Livestreams that Steal your Account!

Подписаться 818 тыс.

Просмотров 234 тыс.

50% 1

Counter Strike Global Offensive Source 2.0 is now in beta and I am THRILLED. However, like many people, I want to play it right now. Thankfully there are a whole bunch of RU-vid streams showing me how to unlock the cs2 beta. What could ever go wrong???
LINKS
-----------------------------------------------------------------------------
Valve's CS2 Article
steamcommunity.com/faqs/steam...
SOCIALS
-----------------------------------------------------------------------------
Discord Server
/ discord
Twitter
/ notexttospeech
TIMESTAMPS
-----------------------------------------------------------------------------
00:00 - Start
00:21 - Gamer Livestream Scams
01:23 - First Scam Website
02:09 - Second Scam Website
03:12 - The real way to get CS2
03:54 - Compromised YT accounts
05:19 - Exploring Scam 1
06:19 - Exploring Scam 2
07:06 - Failure
07:40 - Marker 2

Наука

Опубликовано:

19 июн 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 551

@TheLonelyMoon Год назад

something tells me that removing dislikes was a horrible idea

@Jamlord2061 Год назад

HMMMMMMMMMM

@Fixmeme1 Год назад

Wait what was the reason I forgor

@underscore. Год назад

@@Fixmeme1 there was no reason

@zeemgeem Год назад

absolutely hilarious seeing youtube posting "how to spot fraud" stuff in between videos ever since removing their built in measure to make fraud obvious

@Yorkington Год назад

@@Fixmeme1 to protect their corporate friends from bad public image.

@1Poseidon3 Год назад

The fact that the warning text that normally says "Note that X is not affiliated with Steam or Valve" was changed to "Note that *scam website* is affiliated with Steam or Valve" by the scammers is hilarious

@XdekHckr Год назад

it's just template

@kwj_nekko_6320 Год назад

@@XdekHckr you totally missed the point

@mineralnoodles Год назад

I fucking know right 💀💀💀

@ish2008 Год назад

When hl3

@Akaromaeda Год назад

The second channel is RenoD, a Korean Arknights content creator (and NTTS approved pro gamer) His account got hacked 2 days ago and yesterday all his videos were privated, that’s also when the streams started going up today some community posts started disappearing I wish RU-vid/google would do something about these security flaws, if I’m suddenly on the opposite side of the planet then something’s wrong

@hunnitwales Год назад

NO NOT RENOD FUCK NOOOOOOOOOOOOO

@itskotobun Год назад

bro i wonder where did renod went, and then i read this sh*t man not our another arknights bro, this is so sad

@Akaromaeda Год назад

@@itskotobun yeah and it's recently turned into NFT news instead of csgo shit google customer service as slow as always, you gotta love it

@Akaromaeda Год назад

small update: RenoD just got his google account back after about a week, now he's in the process of recovering his youtube channel to its previous state

@NopWorks Год назад

@@Akaromaeda With Google there's basically zero customer support unless you're a paying for their Workspace business plan. For RU-vid, it's only if your channel or your incident is big enough, or if your channel is a part of a RU-vid MCN which is probably the only reason for joining. If something happened to you you can contact your manager at the MCN and have them forward your case to someone at RU-vid. If you're a 100% independent channel, with no MCN, and didn't pay for Workspace businesses plan you're kinda screwed and have to pray that RU-vidSupport Twitter see your case.

@jundesuwa Год назад

I have my respects to the guy who lost their arknights youtube account.

@Smis1337 Год назад

Reno D... 😔

@helper_bot Год назад

also that indonesian channel ripbozo

@iforgormyname Год назад

@@helper_bot bro, it maybe a malaysian channel or smth

@Tetopettenson1 Год назад

RIP 😞

@Tetopettenson1 Год назад

4:40

@4nevar Год назад

1:39 is no gonna talk about how this just pops up here

@randomcommenter8274 Год назад

Nah, it was definitely a redirect. He said it himself.

@dravorle Год назад

While I do agree that they are most likely not a seperate entity, I have to say that trying to block the website with an infinite debugger breakpoint is pretty common in those areas. Thats like the go to first step to keep people from sniffing around your javascript. Although it's not very effective. At 6:41, for example, you could easily disable the breakpoints using the buttons over the message "Debugger paused" (the rightmost one). Or by simply pressing CTRL + F8. This will disable the breakpoints. Disabling Javasacript will often not open the websites at all because they are loaded using javascript in the first place. However reporting the domain is most likely the best way, as always. You'd simply get to snoop around a little for your own curiosity. Just wanted to point out that the whole breakpoint thing is pretty common.

@nofaptamine Год назад

i was gonna point out it

@haroerhaktak2613 Год назад

Couldn't you just use a language like python to scrape the website and view the stuff that way?

@DiamondSaberYT Год назад

Glad you've pointed out that you can just disable breakpoints! I was gonna write about that.

@uPilot Год назад

thanks

@Cranked1 Год назад

There is a more advanced version of console blocker where disabling the debugger or breakpoints does not work.

@ibaraki_douji Год назад

when you open the dev tools, they send a debugger command who just stop every executing script. To avoid this you can remove every brake points (Dev tools -> Srouces -> Press 'Ctrl + F8') and then they just don't do anything else :) Also in the Network tab you can block some request who are sent to the server if that's something you need

@regionalatleast Год назад

i personally find it hilarious that on the 2nd phishing site the info button that usually says "note that [website] is *not* affiliated with steam or valve" was edited to say that it IS 😭😭 theyre trying so hard

@Joshualt18 Год назад

This happened to me other day whilst I was streaming, I was dumb and actually put in my details knowing it looked off and thankfully they couldn’t get in cause of steam guard and managed to change my details. I am so thankful, otherwise I would’ve lost a lot of money honestly.

@ASGill98 Год назад

Yeah me too.. put my details in and luckily steam guard stopped me.. it wanted me to move my authenticator to them

@man-spider3402 Год назад

Same

@oneonlykiha Год назад

I actually almost fell for this, but then remembered that valve said the only way to get cs2 beta access is through csgo main menu

@cheeto8022 Год назад

same dude, I was about to put in my password when I saw the URL of the website, and immediately knew it was a scam

@DravenJV01 Год назад

i almost fell for it but safeguard saved me, incredibly stupid of me but i realized quickly. i feel bad for people that actually lost their account to this tho and i thank you for talking about these streams.

@panaplaysrblx_yt9677 Год назад

I actually fell for it but thank god i had added my mobile phone and now its being spammed with login attempts💀

@BigBuddyYo Год назад

I loved this video so much! I have watched it and I am going right on my way to download counter strike 2 right now! Thanks for the key!

@CeIes_te Год назад

npc

@BigBuddyYo Год назад

@@CeIes_te npc

@GTM1906 Год назад

3 days ago, I logged with my actual things on one of these sites and 1 minute later I thought of checking the community tab and boom, I realized fast and I got my account back in like 5 minutes, unscathed and unchanged a bit, luckily I didn't had a credit card linked to my Steam account, be safe out there.

@hex1640 Год назад

1:37 , I agree NoTTS, wonderful category.

@Marulauriu710 Год назад

Thanks to your prior videos I've already reported those sites 3 days prior to this video being uploaded.❤

@MaxCallahan Год назад

Finally, finally, someone made a video about this phenomenon. Thanks, you saved my day. :)

@Tayaressss Год назад

noooo they got our boy Reno, i can tell with the profile picture, he's a cool arknights content creator

@hrznn Год назад

"Note that source2-get is affiliated with Steam or Valve." How can you doubt them when they're affiliated, probably even brothers?

@kriskris7427 Год назад

yeah i saw like 5 of these, thank god someone actually made a video on this!

@Lampe2020 Год назад

It's not the opening that the page detects (that's impossible for security reasons!),it must be either that the page loses focus to the DevTools (unlikely because you switched windows which would also have triggered the onunfocus event) or by the page detecting the keypress F12. 6:28 It opened the debugger by running the debugger; statement in an infinite loop which is like a hard-coded breakpoint.

@rebane2001 Год назад

You can detect opening devtools, it's a known issue and there are known methods which are not patched. In this case though it's just running the debugger statement in a loop and it only has an effect if you have devtools already open.

@christyguy59 Год назад

wait, holy shit... i think i fell for this?! i remember clicking on a livestream on Valve's youtube (well, i thought it was) a couple weeks ago. I can't remember if I put in my password tho. but thank god i have steam guard (pretty sure i never entered a steam guard code...). Nothing seems fishy on my account, but going to change my password anyway just in case. I can't believe I'm so stupid. Thanks for the video!

@Aydro53 Год назад

finally, someone is talking about the cs 2 livestreams

@mini5027 Год назад

Great video! I enjoyed it!

@youarewatchingtillie Год назад

You could actually disable the debugger. If you click on that weird side-bookmark thing with a sort of line through it, and then press the debug button that is blue, it will stop. This way you can view the network.

@Snakyy1 Год назад

The reason the sites dont load when you turn off javascript is probably because either they make the whole site using javascript or the page has some code that doesnt show the contents of the page before the whole page is loaded which needs javascript

@beybladetunada5697 Год назад

In today's web development it's really common for webpages not to run if you disable JS, because a lot of development tools use JS to build the other elements not just script. The thing about pausing debugger or redirecting when you open the console is new to me though...

@universaltoons Год назад

I know this is late but the debugger pausing is intentional and, in this case, forced upon the user to prevent reversing

@ThomasEdits Год назад

NTTS and CS2 in the SAME VIDEO??? aint no way bro ❤️❤️

@chorpsockdareal1 Год назад

It’s about time someone talked about this

@Quanny2smoove Год назад

idk but i love your videos and been stalking you for a year. I feel like a nerd watch it

@1Teb Год назад

Congrats on 300k ❤

@Kaieatsrats Год назад

1:37 relatable asf

@Klemen1x Год назад

I've actually seen this livestream and it said "scan this qr code" and i was like "ok they're trying to scam people". But nobody was typing in the chat that it was a scam. Chat was sub only So i subbed and it said i can chat in there in 15 years...

@Python000 Год назад

Thanks for bringing attention to this

@thechugg4372 Год назад

oh oh that description though, valve would be so mad with you right now

@ris_kis Год назад

Thanks for your video.

@JustMamba Год назад

I fell for the cs2 one because it was late, I was excited, and the page name was valve, so I thought this must be real lol. I lost my my account but got it back within 15 minutes. After that, I was looking at the official counter strike Twitter and saw that the only way to get the beta was through the game and felt really dumb.

@xaeathepro186 Год назад

How do you got it back??

@HeStillPlays Год назад

what editing software do you use?

@aceofaces Год назад

I wonder if the JS in the second scam site has a way to enable breakpoints of some sort. The debugger usually stops at those points.

@MarvoldX Год назад

i always laugh about these livestreams limited the chat to only subscribers for 40 years or longer, lmao its just too goofy

@danrothman6129 Год назад

Thats a security flaw already. Someone should sue RU-vid....

@Lotfi_2 Год назад

got scammed by on of these, glad that you made this video

@notDreamss Год назад

Finally someone exposed those kids. This CS 2 livestreams was always on my home page and i was reporting all of them.

@tranquero Год назад

There is one more detail I found in one of this scams: the channel's name was "Valve " and they posted the link as a QR code permanently on the video. Could this be a workaround by not posting any links on the video's description so as to not get detected?

@childessup187 Год назад

which font do you use? ps: i like your vids

@Tanaxank Год назад

1:39 how did you know i searched that everyday, HOW!

@ttrss Год назад

The debug trap is a very very common technique to prevent/hinder reverse engineering JavaScript. they could be related but solely that isn't enough to say.

@TheNotoriousMOH Год назад

You are sooooo funny in those scamming videos analyse you make love you ❤❤❤❤

@codonlinechina9669 Год назад

Wait if someone enters the username and password but doesn’t provide the steam-guard code, do the scammers still get your username and password details?

@AnonimowyGd Год назад

Yup

@monahikosliekos Год назад

They just can't sign in so if you change your password you should be fine.

@lyricstoimage2008 Год назад

First comment😄! Love your vids man, keep it up

@24kneo Год назад

ntts saving lives out here 🙏🙏

@thezonaiarchitect Год назад

I remember a fake Metallica livestream for the new album, some random folks trying to scam crypto out of people. It was just the same interview clips from 2 years ago repeated and I didn't trust it at all. Sucks how this is happening in other mediums besides music.

@avexus7756 Год назад

oh wow the one that opens it in a new window is clever. that probably could've got me if I cared about cs2 haha

@dasmaffin1633 Год назад

Is there no chrome extension that lets you disable javascript on a button press so you can load the page, disable js, and then open debugger?

@patorrisse5722 Год назад

i almost fell for this, the moment it asked for me to login onto my account i got suspicious. and realized the scam, i thank god for making me realize.

@Thebboy2 Год назад

I fell for one of these a little ago. It was super late at night and I wasn't thinking straight lol. Be careful!

@trashman966 Год назад

same

@nyeeef5535 Год назад

change your email and password right away make your steam acct private and set up a family view

@butteroverwatch Год назад

I saw one of these livestreams it looked really real other than the qr code that I didn't think about at all, I scanned the code and right after that I saw the 1.7k subscribers thinking I downloaded malware on my phone

@TheRealCatof Год назад

You 100% did

@maestro_303 Год назад

Love yo vids

@ShoFox Год назад

And me, who instantly posted this on the Subreddit when they showed up had his post deleted :)

@vulgofenix Год назад

i almost fell for that cs2 live but i noticed it was a s cam before

@XxXdoblo_egzozusiken3169XxX Год назад

i fell for this because i was so hyped

@XxXdoblo_egzozusiken3169XxX Год назад

@Holman idk i told that to steam support nobody answered

@monahikosliekos Год назад

@@XxXdoblo_egzozusiken3169XxX Change your password asap. Check to see if your account has any unknown sign ins and try to kick out all signed in devices. If you have Steam Guard, this won't be as big of an issue because the person with your password will have to send you a request to sign in. I actually fell for this too but since I have 2 factor authentication, I wasn't very concerned due to the fact they can't get my account so I just changed my password right away.

@XxXdoblo_egzozusiken3169XxX Год назад

@@monahikosliekos i was sleeping when it was stolen he changed the gmail of the account and the password already

@afdashtech5322 Год назад

very helpful

@yomaiwnl Год назад

not sure if it's still up but there was an ESL live stream scam that would try to get access to your steam

@Blexible Год назад

Nice video! Are you Swedish like me?

@Moha-om5zy Год назад

I literally fell for this in one group on steam and didn't even realize it was fake....now I'm just trying to get my account back

@idsfxtm5759 Год назад

Ive had accidentaly click their link and just login my steam without hesitant,but after a few minute i realized that their channel is fake and i must changed my password faster before they reached it

@parkourchinx7978 Год назад

Very lucky, normally it's an automated process, within a moment its normally stolen.

@universaltoons Год назад

btw you can use mitmproxy to intercept the http(s) requests and grab the URLs & API endpoints that way

@thatjamguyog Год назад

It sucks cause I actually fell for one of these. Incredibly, I managed to get my steam back. I believe it was last saturday.

@Fitnessdickinmymouth Год назад

"Bro I'm not even in 1080p mode" -ntts, March 2023

@zentar2646 Год назад

ive been seeing these youtube shorts where they claim to give you a free knife with a link to the web page, if you click you get redirected to something that looks like steam but the URL isnt and it tells you to enter steam account info for the free knife skin. its so dumb that people actually fall for it.

@IIDreamy Год назад

Very nice vid

@Jonathan-vu4oj Год назад

Cs2 breaking the internet is absolutely amazing but this thing is sad and bad

@iamthestoat Год назад

1:39 i was literally on that link 5 minutes ago

@sus-ft3vu Год назад

I saw one having official steam link instead of about:blank in the pop-up

@akif7699 Год назад

Thanks dude

@rabinpun1724 Год назад

It's actually happened to me on twitch while watching dota2 streamer...fake giveaways..lucky got it back after contacting steam support

@mikrala Год назад

but even if they knew your user and pass , they can't benefit at all because they need steam gaurd code or QR right?

@cyrleaozora4173 Год назад

Rip to that guy who lost his Arknights RU-vid account

@Povilaz Год назад

Very interesting

@XdekHckr Год назад

8:10 This can be easily circumvented. And I don't think so that they have webhooks in frontend. They are probably encoded in javascript or server-sided, so even if you bypass detecting devtools in browser then there is no point to check for webhooks and so on. This is probably template that someone made and people are making websites and using it to scam someone. So I don't think so that this is scam group or same person, because why they would make different urls

@weiiswurst Год назад

you dont have to disable javascript, you just have to disable / "enable ignoring" debugger statements

@BS.Fusion Год назад

NTTS if you refrssh a About:blank page then it will always be a blank screen. You needed to refresh the popup

@maddylovania Год назад

2:58 I love how they edited the "Is not affiliated with" to just say "Is affiliated with"

@TheBabymaker1 Год назад

honestly, i think my manly appearance could probably stop all scams

@TheMAZZTer Год назад

Using the "debugger" keyword to make it difficult to inspect a page using Chrome's dev tools is an old trick that legitimate sites use that don't want people to steal their JS. That they willingly have you download and run on your own computer for them. You can still run your own javascript through the console or inspect the page freely. Mostly it just interferes with tracing through the JS code itself.

@UltraLeDEV Год назад

i was seeing this scam everytime i searched about cs source 2,also,thanks for giving more information about this.

@jamietre9042 Год назад

oh that first account is not a hacked account, thats a reperpoused account from the sick childen scams

@applesyrupgaming Год назад

lmao scammer got scammed

@MarioSanchez-lh7wo Год назад

I fell for it , I changed my PW and added a number to it 😊

@Not_Camera Год назад

i've encountered one and i managed to get one of the websites taken down

@Xerratch Год назад

I scanned this qr code, I don't even know why I was a moron and after scanning some page was still loading but it didn't load and I left and I have a question I didn't log in anywhere, am I in some kind of danger? Can anything happen to me after entering this qr code?

@KristabCodes Год назад

Op❤

@StormSB Год назад

When i looked at the thumbnail i thought who am I subbed to😂

@thsimon Год назад

There is also a login "method" where a fake browser windows opens inside the window (you can not drag it outside) showing the real steam url as html element

@TheTransformersFanEver Год назад

Okay one thing the about blank one never loading About blank pages cant be refreshed I play games on there sometimes to procrastinate in school and when i do the fullscreen it sends me to an about blank page with the game i was playing If it crashes and i try to reload it, it just sends me to a blank page and i dont think they’re trying to wipe the evidence for me

@seifhart6881 Год назад

Bro this thing have been in youtube for too long i can also find channels by pro names like s1mple stewie2k etc with 0 videos and only one livestream by the name of giveaway stream they ask u to register in a site and login with ur steam account i tried it with a new steam account just for curiousty and the password got changed immediately and it was very easy to get it back.

@sehcin Год назад

being honest i was so desperate i fell for it even though im usually tight on online security

@dreakexacios349 Год назад

same :( I feel so dumb

@fenn_fren Год назад

bruh

@kyperactive Год назад

Skill issue, unlucky 😎

@antinityfx Год назад

7:28 thank you lol

@DustySiren Год назад

I love how at 2:27 they just removed the “not” in the warning lmao.

@VentilatorBum56 Год назад

idk why but I clicked on a link from a livestream with counter strike and nothing happened (please help im in massive danger)

@ThomasEdits Год назад

my brother in christ 😭

@ArcanePower1 Год назад

Dont worry, as long as you didnt fill in your password you are fine. If you really want to be safe you can always run an anti-virus scan

@monahikosliekos Год назад

@@ArcanePower1 The streams don't have anything to do with viruses though? Running an anti-virus will be absolutely useless, since these sites steal your username and password, but they never interfere with your computer.

@RipVanWinkle27 Год назад

I almost fell for it when these streams came out the first day. There was an "ESL" channel with their official logo with a very authentic looking site, the chat was muted so I caught that soon and didn't enter any information. Thank god I had steam authenticator. There was another stream with Valve and their real profile icon. I reported both of these channels.

@EnBunk Год назад

A naked man fears no pickpocket.

@vitolapinta Год назад

Prison pocket.

@Swyafa Год назад

i fell for the 2nd scam site since a different window popped up and sent it straight to my friends thinking im gonna get cs2 luckily they told me just in time.

@danrothman6129 Год назад

durrrrr