Malware beats Windows Defender: How you get hacked

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

this is how you're most likely to get hacked in 2024 info stealer malware delivered via email which seems to be surprisingly good at bypassing Windows Defender I'm going to Showcase how the attackers do that in just a second yes they do manage to completely beat Windows Defender which is why this Avenue of attack via the supposed PDF contracts is so popular these days the way it starts is an email for me it's the sponsor ship email for you it may be something else and the initial email is never going to have any kind of attachment or malware it's just going to be an email to get you to respond to them the next email is going to be a little bit more right it's a gradual process so here they're going to give you a link to the website and this is a legitimate website to the legitimate software and still there is no malware we're just talking about the cost of a sponsor segment or whatever and I say well I'm ready send me the details and then they continue to send me pure text email pretending to be a legitimate Advertiser as you can see this is like ads at magix.com but there's a dopl at the end but don't expect everybody to catch on to details like that the real red flag here is they wanted to know my operating system probably cuz they have different malware for Windows and for Mac or Linux so depending on your operating system they're going to send you a different payload so I said my operating systems when Windows 11 all right great and then they send me this link now what happens when we visit this link let's just copy it and try it in a virtual machine and this is kind of where you would expect an antivirus or your Windows Defender to step in but that's actually not possible because this is going to be a zip file and when we open it it's going to have a folder as two things a bunch of innocuous files like these MP4s these jpegs images videos and then it's going to have something called contract and inside this contract is what you expect to be an application but when you extract it when you extract the whole thing this is going to show up as a PDF now funnily enough when you run this PDF this does not run this is actually password protected and this is why it's probably not blocked by Windows Defender because it's not looking at the code because of the password protection and if we go ahead and type in the password which is here in a text file again completely innocuous and we put that in here boom that's all they need to hack you the code that just executed captured details from all of our browsers and if I had any login cookies if I was logged into my YouTube my Google account my bank account all those details are now transferred to the attackers and all this while we had Windows Defender sitting here napping as you can see it was turned on and it was fully up to date I even did a scan and nothing was found s now interestingly if we do a scan of the system using nordon power razor after this it does actually detect this file as a medium risk item and that is mostly due to the reputation scan so maybe it's not impossible to detect this type of malware but it's definitely very difficult and Windows Defender is probably not going to be able to do it because this particular detection seems to be a reputation detection Windows Defender can't do that because it runs on every Windows systems and even if it did it would create so many false alerts for other applications that you would just get used to allowing the alerts that Windows Defender gives you anyway so this is one of the Prime examples of when you do need situational awareness in order to avoid being the victim of a Cyber attack now once your details have been captured you don't know what's going to happen to them they may be sold on the dark web or in a telegram chat like this here we've got an attacker that's selling WhatsApp number sorted by age and or gender so you really want to make sure that you change your password even if you accidentally run something like this and realize it just after running it go ahead and change the passwords log out of all of your existing browsers and secure any of the sensitive accounts that you have because a lot of the times these attackers will sell your details on the dark web to others a lot of this information is how they target you to begin with so if you're 55 plus old man maybe it's going to be a post office scam if you're a YouTuber like me you get these uh fake sponsor emails and you know what's so funny while I was talking about this I got a legitimate sponsor email which I'm not interested in but that's kind of funny but hopefully that shows you that the reason I'm being attacked by this particular method is because they know that as a YouTuber I am going to get these emails so if I were not techsavvy or if I were marketing and sales executive and not you know the guy from the PC security Channel I might just click on this stuff and all of this data including Steeler logs and specific usernames and passwords are being exchanged throughout the dark web and also on platforms like Discord and Telegram and if you'd like to find out if you've been compromised or if your details have been shared anywhere on the dark web you could actually search Flair's platform for it who is the sponsor of today's video it's crazy how many Redline Steeler logs are just out there on the internet for people to download and check out when I do a search for the PC security channel on the first page itself it looks like my details have been part of a Steeler log so this is my email and it was found in a leaked Steeler log thankfully it's just my email but this could explain why I'm being bombarded Ed by so many info stealer campaigns and hacking attempts via email because this is being widely shared on the dark web I guess I'm a prime target now a couple of these posts are very recent they're from September 2023 but there's also several mentions on GitHub thankfully this looks like a legitimate mention somebody recommending my channel also it does seem like I'm quite popular on Crim market.is so you know even the Cyber criminals taking cyber security advice from uh my videos which is good to see you know I translated one of these messages and the Cyber criminals were talking about how much Windows 11 is spyware they don't like competition I guess but as you can tell flare is a pretty powerful tool and not only can you look up specific things on it it can actually help look for any mentions of your entire company or any of your private details and you can try it out today for free using the special Link in the description and you can totally play around with it and do the kind of searches that you saw in this video but I hope this video helps you not get hacked in 2024 if you found it interesting make sure you like and share it don't forget to subscribe to the PC security Channel this is Leo thank you so much for watching and as always stay informed stay secure

Info

Channel: The PC Security Channel

Views: 182,717

Rating: undefined out of 5

Keywords: The PC Security Channel, TPSC, cybersecurity, cyber security, computer security, internet security, antivirus, anti malware, ransomware, trojan, virus, PUP, best antivirus, best internet security, learn cybersecurity, hacking, hack, security, technology, cyber insurance, cybersecurity degree, best EDR, EDR

Id: nUFgBhBBB-E

Channel Id: undefined

Length: 7min 26sec (446 seconds)

Published: Tue Jan 16 2024