They tried to hack me - watch out for this one!

Video Statistics and Information

Captions
They tried to hack my YouTube channel using the same method that I showed you in a recent video. So whilst this one is targeting YouTube creators, this applies to anybody who thinks, "Oh, I would never fall for a phishing or a scam email." And it starts with an email, which we call the lure: "Your YouTube channel has been selected for the GoPro collaboration. Exciting news from GoPro: we're launching our new 2024 lineup," blah blah blah blah blah. "Here is what we're thinking: we'd like to work with you to create an advertisement for our product on your channel. Please respond to this email so we can go over all the details and get started with our partnership." Note how the email was very well written. On the surface it looks legit: no links to click on, no attachment.

So I replied saying I was interested, and then I got this, and quite a serious email back. So apparently I'm, I'm one of the 500 plus creators from around the world, with a bunch of information about the payment agreement, the product selection, the dates, etc. They even go as far as saying content creation manager will be assigned to you so you can talk about the type of video, the style, etc. Now as we scroll further down there are three options: option one is a dedicated video on the YouTube channel, option two is a short video integration, and option three is two dedicated shorts. Please respond with what you're looking for.

So now it's time to set my bait. So I sent over a few reasonable rate options so as not to spook them, and this is their reply, and once again a very quick reply: "After a short discussion with my colleagues we decided to go for option two." Now, "due to prior challenges in maintaining the confidentiality", they're basically saying we've got a PDF with a password that you need to use an activator to unlock, and here are the instructions: you first got to go visit a website, and it's the same website that's linked, click on presentation, and then use the activator provider to unlock the PDF.

Okay, now we've got something to work with. We have a website, so let's explore, and we're going to start with WHOIS, which is how you check information about any registered domain. Let's see what information we have about the official gopro.com versus gopro.com. So this is on the official gopro.com domain. You can see it was registered in 1995, quite a while ago, and it's got the registered contact information along with a telephone number, even a fax. Now let's compare it to the GoPro us.com. It was registered on the 2nd of February 2024, so that is very, very fresh, and when you look at the registered contact information it's a link instead of an email.

So the domain was registered on the 2nd of February. This is one day before I got the email. It's highly unusual for that to happen. Usually companies have domains bought and registered way before they build their website, so when it goes live it is available everywhere and the name has propagated correctly, which means it's available everywhere around the world. Also the contact information is super weird. Yes, you can use a facility to remain anonymous most when registering a domain, but I have never seen something where the email is actually a link to a website. When I enter that website URL it came up with some sort of a weird form.

So with that in mind, shall we now go check out the website? Well, there it is, gopro.com. This is what the website looks like, and this is what I'm supposed to be clicking on to download the presentation. I just want to check out the rest of the website first. Everything does work. It looks as legit as they come. I wonder whether they scraped it from something else that GoPro has going on. But let's go focus on the "Get presentation, download archive, Windows OS". Keep that in mind for a second. So you click on it and there is a GoPro presentation protected.zip file. Hell no.

So I'm going to right click on the page, choose inspect, and I'm going to do a search for the word presentation. Why? Because I want to see if I can track down where this file is actually hosted. And there it is: it's hosted on Dropbox. There is GoPro product presentation protected.zip. And now let's do this: let's right click, let's choose edit text, and then let's highlight that text so we have a copy of it, right click, copy, and I'm going to show you how we're going to use that.

Now that I have the link to where the file is, I can scan it without downloading it to see if it is indeed malware or if I'm overreacting. Let's head out to virustotal.com, click on URL, and I'm going to paste that URL in there so we can scan that file. And here we go, it's gone through its paces, and you can see that mostly it's come out as clean except for one thing: this threat intelligence says something is suspicious about that file. So technically, according to so many antivirus companies, this is perfectly safe. Yeah, I don't think so.

I know that if this is an info stealer my info will be sold all over the dark web and will land up on data broker websites. Once it is there it is virtually impossible to be removed, so that is why I use my favorite data removal company, DeleteMe, who are today's sponsor. You have heard me talking about DeleteMe many times on this channel before, because what they do is so valuable. They search the entire web for your personal information: your name, your email, your birthday, your address and a whole bunch more. When they find it on any data broker websites they get it removed for you. There are literally thousands of these sites that would take you months to get it removed yourself, and I just don't have that kind of time, nor do I want to. With DeleteMe you sign up and they do all the work for you as your agent. You get a report showing the sites that it was removed from and any other sites that are still in progress of getting removed. If you care about your personal information, and you should, sign up to DeleteMe and get 20% off when you use the link in the description.

So I am trusting my paranoid gut and I'm going to download this file, but I am not downloading it on my Windows computer. Remember, it said that it needs Windows to work, so I am downloading this on my Kali Linux machine. This computer doesn't have access to anything and it is on its own private network, and since it's not Windows the malware is going to get super confused and not be able to run. Let's see what we're actually dealing with here.

Before we actually scan that file, I'm actually going to show you what it looks like when you scan a regular zip file that just contains a PDF. It's good to know what we're dealing with here. So you can see here that it's passed all the tests, but basically like the other one did, but when you go to relations you can see that inside there the file type is a PDF. It even gives you the file name, security for creat checklist, and there's only one file in there.

Now let's upload the downloaded file and go to the relations, and oh my goodness, this is where things go absolutely insane. Immediately there are two high alerts. We're going to deal with them shortly, but I just want to scroll down. You can see so much is happening inside that zip file: there's files opened, files downloaded, files deleted, there's registry entries, there is a whole bunch of stuff, shell commands, DNS entries, things that should not be if it's just a regular PDF. Why? Because if we look at that first alert, the Hanah loader, it says that it's used by the a31 group, and the second one is a RAT, a remote access trojan, which allows hackers to access your machines remotely, also used by the same group. And according to Hacker News this is a Chinese threat actor group which specializes in extracting information from your computer to Dropbox, which if you recall is where this particular malware file is actually hosted.

So I thought I would be cheeky and send one more email. Said, "Thank you, but I don't see the activator. Where do I get that?" And they replied, "Please see attached video guide. Many creators ask for it. We're waiting for your reply." And sure enough there is an attachment that is 12 Mb in size and looks like an mp4 file. I obviously scan that first, and they actually put together this little video clip showing exactly how you need to get yourself hacked. Look at this: they actually show them extracting the information, showing that it needs a password, and if you take the unlocker presentation file, drag it under the PDF, it will unlock it and then you're going to see the hidden catalog. This is absolute nonsense, but what a convincer.

And that's how hackers steal your information. You can see that they were prepared. You can see that they took their time to build up trust, and when that trust was established, only then did they go in for the kill, not with an attachment but with a website that downloaded the malware from Dropbox. Do not fall for this. This is how they get around your two-factor authentication and your super complicated password. I have more information about that right over here, so definitely go and check that out. Before you go, give the video a quick like, thumbs up, share this video with your friends so they don't get hacked, and I will see you in this video. Let's go.
Info
Channel: Liron Segev
Views: 59,991
Keywords: liron segev, the techie guy, youtube hacked, hacked channel, I was hacked, phishing scam, gopro, gopro scam, infostealer, scam, youtuber scam, youtube scam exposers, gorpo scam, gorpo hack
Id: WSVO-AU4bnA
Length: 10min 19sec (619 seconds)
Published: Sat Mar 02 2024