How you get Hacked: what attackers use today

How people get hacked today is typically one of two ways. They either open some kind of an attachment like this, which came in as an invoice from Microsoft, but then it says you need the password to open. And because it's like an email attachment, you might be tempted to type something in here and hit continue. But of course the trick here is the continue button, 'cause you might think, well, this is just a file, but when you click on the continue button, it has a link which is going to send this data to the cyber criminals' site. Now, even though it's quite public that I'm a cyber security person, my email gets perforated by phishing attempts trying to get my credentials.

Another major menace is info stealers. If we go to MalwareBazaar, we can see it's filled with submissions of different types of stealers. So the two popular ones, RedLine Stealer and Lumma Stealer: these are files that, again, you're going to get via email, and if you run any of these, they will simply collect your authentication tokens directly from your computer where you're logged in, and then they can use that to hack into your account.

And of course it's not just email. Like, I constantly get messages on Twitter, every social media platform, and the trick with these bots is they send out thousands of these messages. It's all automated, so it doesn't waste their time, and then the people who respond get the personalized attention, and then they try to tailor the malware to their specific victim. And this is how, even in larger companies, a lot of people gain access: the initial point is typically an employee giving their VPN credentials or getting infected with a remote access tool, which is another major category of malware, so the classic RAT. And once it's installed on the system is when they deploy other threats like ransomware.

So again, for those of you who think, well, if I don't install random new programs on the internet, or, you know, and go and just like download random EXEs, as if that's a thing today: most people are not infected because they're browsing the internet and they accidentally click on an exe file. That was more a thing several years ago. Now most people get infected where the malware comes to them. They don't have to go out on the internet and find it. The malware's in their inbox, the malware's in their private messages, or it comes from a trusted source or a website that's already hacked, or it's inside a program that they use whose company got hacked, like in the case of 3CX.

Not to say that there still aren't things like, you know, malware advertising, malvertising, where you've got ads on Google. Another major source of malware now, funnily enough, is like all the social media platforms. YouTube videos: if you look for any kind of cheat or crack or mod, in a lot of cases you're going to quickly find a lot of videos where you have external links, and a lot of these links, especially if they're password protected, are going to be malware. Sometimes it's literally the first search result. Like, look at this: we have what claims to be a City Skylines 2, and it's also a mod menu, and then you have an archive with a password, and of course the archive size is like 80 megabytes to evade the scanners.

Ah, we're having a, you know, click adventure now. I wasn't expecting this. I was thinking it's going to be an info stealer malware, but before that even, we've got a different malware popup now, which seems to be installing some kind of malicious add-on adware to our browser. So that's great. So this thing claims to be a smart ad blocker, but the thing itself got installed via an ad. Okay, so maybe getting malware by visiting random websites is still a thing.

But if we go back and, uh, actually try to look at our download and use our password, you can see we have an 18 megabyte file here, and this is actually the info stealer. Of course they pretend to have a bunch of other files; they just pack a bunch of garbage in here so it looks legitimate. And if you scan something like this in VirusTotal, especially when it's new, it will not be detected by a lot of engines, and so far this one is only detected by like 12 engines out of 66. So a lot of these info stealers, they're not going to be detected by static analysis. They might be detected if you have good behavioral protection on your system, but that is what people neglect because they don't think they need it. And when you run something like this, it is going to quickly grab your cookies and send it to the attackers. And this kind of stuff is all over the internet, sometimes with channels that have been hacked that have a lot of subscribers.

But the type of attack can go from something as silly as this to something really sophisticated and very difficult to spot, even as an experienced user. One of the largest attack vectors today is email. So here you can see what appears to be an email from BBC about their latest documentary on artificial intelligence, and if you check the address that it's coming from, it is culture, so it appears like this has been sent from the official BBC email. The email itself looks fairly legit: so it has their logo, it is structured properly, no typos, and it has a nice link to access this preview. But if we go ahead and click on this link, oh no, it says our system is hacked. Looks like a classic ransomware screen.

So how on Earth is this possible? Didn't the email come from the official BBC website? Is all of BBC hacked, and their emails are now run by cyber criminals? And the answer is no. There is actually a way for attackers to spoof the email address so it looks like it's coming from a domain that it's not. Now of course this particular system hack screen is not really malware, it's just a joke, but technically this could be any website. It could be a drive-by download, it could be a phishing website that looks like BBC, it could be an info stealer.

Now something like this happened quite recently in real life with one of my friends who works at a chip manufacturing company. So they had internal emails asking them to reauthenticate their Microsoft accounts, and if we hover over it, as you can see, this is a confusing link, but it actually redirects to a phishing page, and if they put in their company credentials there, well, the attackers could gain access to critical infrastructure. Now I can't show you the whole email because of privacy reasons; obviously don't want to disclose their company emails and stuff like that. But this is a very real attack vector and people are getting hit by it.

This is especially potent for employees of a company. Like in this case, if you're in the middle of your 10-hour workday and you get one of these emails, you're just instinctively going to click on it and do what it asks you to do. Now, I may be wary if I get an unsolicited email with a link, but that's not typically who the attacker is going to target. They're going to target people inside the company where it may be common practice for them to send early access videos for review, and the hackers are going to do the research to know that and send the email in the exact same format with the exact same kind of link, so that when the employee sees this, they're not going to think, they're just going to click on the link instantly, and then you have this. And by the time they realize something's wrong, it's already too late.

Now this particular attack vector can be mitigated by DMARC compliance, and one of the easy ways to get it is with EasyDMARC, who is the sponsor of today's video. You can even go to their home page and just have fun by checking popular websites, see if they're vulnerable to these kinds of attacks. I'm actually surprised CNN gets a 10 out of 10. Damn, BBC really is the worst. All right, I got to try this one. Oh. So you'll be surprised to find a lot of major websites can be spoofed.

So I expect phishing is going to be a major attack vector, especially for infiltrating companies, 'cause it's so easy. If you can get a legit-looking email into the inbox of, like, a low- to mid-tier employee, they're just not going to know what hit them, and they're probably going to be too scared even to report it. They're just going to pretend nothing happened, and then those credentials end up in the hands of the attackers, and the security team doesn't find out until there's a breach.

And once you sign in, create an account, it's a very simple setup process, but once you go through it, they're going to make sure your email records are protected so that attackers can't spoof it and they can't send emails like this on your behalf. You can easily manage multiple domains. They even have additional features like reputation monitoring to see if you're getting blacklisted, and you will be alerted if something goes wrong with one of your websites. And it's a really simple onboarding process, so if you're managing the security of a company where phishing is a major threat, I'd definitely consider checking out EasyDMARC. You can do so using a link in the description.

I really hope you enjoyed this video and found this information helpful. Please like and share it if you did. Thank you all so much for watching. We recently went past 500,000 subscribers, so I really appreciate all of you subscribing. Thank you all so much. Again, this is Leo, and as always, stay informed, stay secure.
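
The transcript says domain spoofing can be mitigated by DMARC compliance and that a domain can be checked for exposure. The following is an added example, not from the video or from any tool it names, of how a defender can rate the DMARC TXT record published at `_dmarc.<domain>`. It assumes the TXT strings were already fetched from DNS; every domain and record in it is constructed.

```python
"""Rate how well a domain's DMARC record protects its From: address.
Added example; every domain and TXT record below is a constructed sample."""

VALID_POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(txt):
    """Return the tag dict of a DMARC TXT record, or None if it is not one."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    # RFC 7489: the v tag must come first and be exactly "DMARC1".
    if not parts or parts[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {}
    for part in parts:
        name, sep, value = part.partition("=")
        if not sep:
            return None                    # malformed tag: treated here as unusable
        tags[name.strip().lower()] = value.strip()
    return tags

def spoof_exposure(txt_records):
    """Classify the TXT records published at _dmarc.<domain>."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if len(records) != 1:                  # none, or several: DMARC is not applied
        return "unprotected: no usable DMARC record"
    tags = records[0]
    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        return "unprotected: missing or invalid p= tag"
    if policy == "none":
        return "monitor only: no action requested on failing mail"
    pct = tags.get("pct", "100")
    pct = int(pct) if pct.isdigit() else 100   # invalid pct falls back to default
    if pct < 100:
        return f"partial: {policy} applies to {pct}% of failing mail"
    return f"enforced: failing mail gets {policy}"

SAMPLES = {  # constructed records, as if already fetched from DNS
    "news.example": [],
    "shop.example": ["v=spf1 include:_spf.shop.example -all"],  # SPF, not DMARC
    "chips.example": ["v=DMARC1; p=none; rua=mailto:dmarc@chips.example"],
    "bank.example": ["v=DMARC1; p=quarantine; pct=25"],
    "mail.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@mail.example"],
}

if __name__ == "__main__":
    for domain, records in SAMPLES.items():
        print(f"{domain:15} {spoof_exposure(records)}")
```

Only the last sample asks receivers to act on all mail that fails DMARC; a `p=none` record collects reports but leaves the From: domain open to the spoofing shown in the video.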
