The Malware that hacked Linus Tech Tips

The PC Security Channel

1 year ago

1,536,374 views


Comments:

shashidhar reddy - 24.09.2023 06:39

Some companies don't allow the download of PDFs from emails on office PCs. The only option is to open in preview mode, click on print and save as PDF.

HuntertheWolf - 18.09.2023 11:41

Wouldn't it be smart to have a file visualiser like binvis to see if there's a black void for any file you don't fully trust?

Pushing Arduino To The Limit. - 07.09.2023 06:01

PDF viruses are scary. I was looking for a datasheet on a binary counter and while trying to see the datasheet the virus got downloaded. I tried to cancel but it ran a cmd and my computer was fcked. Not my hard drive, my entire computer. I deleted everything and tried to reinstall Windows but it was still there, changed to a completely different hard drive but it was still there.

alex xmb ratchev - 01.09.2023 08:14

thx , ++

Yasir - 31.08.2023 12:29

What security software & extensions do u use personally?

N/A - 30.08.2023 20:59

Protip, always have file extensions on.

Shogun - 28.08.2023 23:40

I don't want anyone to get hacked.
Except LTT. Linus is a scumbag.

Mazurovec - 25.08.2023 16:12

Wth, why are there like 4 of the fake emails made with a Czech mail service, like eh?? I'm from Czechia and it confuses me like crazy.

Reubenツ - 24.08.2023 15:09

Turns out malware wasn't needed for the downfall of this channel... (LTT)

Azillia - 24.08.2023 06:34

This is why I never select "remember me" on my computer

Just write your passwords and emails down on paper, and if you need to log in, just do it manually

Also, if you want to be even more safe, just get a second computer

It could be a crummy laptop even

Or, you can use a virtual machine

So if you ever run into a sponsor email and you aren't sure about if it's legit

Use that other backup PC in case

Also, make sure your info isn't saved on it as well

Fukik - 22.08.2023 23:30

Why are their domains in Czech?

Michael Placzek - 21.08.2023 22:43

I know Windows can see full filenames, but I know it's disabled by default. Why on earth is it disabled!?

iSamYT Backup - 21.08.2023 04:10

I hope it happens again after all the stuff that happened

ika - 18.08.2023 06:47

This is why you don't use Windows

danny abouassaf - 17.08.2023 18:28

It will basically be a .save file stealer, that is why u never install anything on ur PC or phone with unknown personnel

Haxx - 11.08.2023 22:02

I think the same thing also happened to "Blenderguru" channel

Biya Pore - 11.08.2023 07:00

Awesome video

ChatGPT - 11.08.2023 00:33

Your videos are security education. Fully fledged bytes of security education that are dispersed, unorganized by topic. Just glad you exist bro

Chase Jones - 10.08.2023 22:29

Hiding file extensions is a very dumb default setting.

EdgyTurd - 10.08.2023 02:08

What would happen if this PDF was opened on MacOS? Would it still work?

Future Trunks - 09.08.2023 22:11

I got a trojan by only a drive-by download, not even an exe file

Lockee - 09.08.2023 13:36

so tech related yet hires normies that click on this shit lmao

Trooper - 08.08.2023 22:19

In retrospect, my question is, why did the marketing person even need any form of channel access? Like you said, only senior level members of staff should have access. What reason someone who deals with marketing email would need any form of access to a channel with 15 million subs is beyond me.

Bang Bang Bang - 08.08.2023 05:41

"not a lot of people may know...." and that's the problem. Not enough people know the basics and have jumped onto the Internet head first

Bruno b. - 07.08.2023 22:15

We need a resident shield that would deactivate all click processes on the system level, until the destination of the click or the execution had been tested to grant the execution won't cause any harm on the device. The first one who creates a program that does it. This guy will get rich as fuck

Aung Thu Hein - 07.08.2023 17:34

You barely talked about it. Two websites? That's it? There's barely any actual, useful advice in this.

James Avison - 07.08.2023 16:17

Does all of this stuff happen on MacOS?

Cody - 07.08.2023 09:33

What if you only browsed email on a VM? No web logins of any kind on the VM, just email. It wouldn't be possible for the malware to access data on the host machine

Wassim - 06.08.2023 22:30

fake

Juli - 05.08.2023 11:22

you can literally rename a .exe to .src and it'll work

-- - 04.08.2023 01:36

Lmao only an idiot would fall for a password protected zip archive 😂😂😂😂😂

z0rr0 - 01.08.2023 13:15

You are looking for 100+ offers per day. Will you check all those attachments? I think they will now :D

Nickwilde7755 - 24.07.2023 18:42

I gotta be honest, I knew the trick was going to be in the extension but it didn't click for me that the videos was missing, I was looking for rcs or exe in the title

James Neal - 24.07.2023 16:21

For years the first thing I do when setting up a PC or re-imaging or restoring one, the first thing I do is to enable file extensions. And I agree with everyone that this and show hidden files should be enabled by default.

Point Vector - 21.07.2023 22:01

Right away. "Big companies sometimes hire outside PR firms." That right there. If a PR firm can't figure out how to do their job right, by having the domain names match, that's gonna be a no go for me dawg. They should be forced to learn like everybody else. Another reason why that's stupid, is LTT is big enough not to need some BS sponsor, outsourced to some BS firm that can't figure out basic security measures. They should be held to the same standard as everyone else, and if they can't figure it out, let them die. Also, the marketing executive excuse is exactly that, an excuse. Why aren't marketing execs held to the same compusec as everyone else? SECURITY is everyone's responsibility. Fired...because you can't pay attention in compusec classes.

nem tudom - 21.07.2023 02:17

I always have extensions on, so a .pdf.scr would immediately tip me off

Then again, I'm a power user who's not going to fall for low effort crap like this. I'm only here for fun, plus the information on how they try to get into people's accounts

Julian King - 11.07.2023 21:28

Oh come on! Not even forty seconds in, the email from G FUEL. Really? No red flags at, "we are sells energy drinks", or "if you are wondering in our offer". I am being wondering how bud must be English for alarming bells to be ringing?

Vilmos Winkler - 11.07.2023 16:01

Isn't there an automated process in any antimalware for deleting the empty space in files?

Shiv - 10.07.2023 13:34

if this has happened what do you do to prevent it?

inRisusVeritas - 06.07.2023 13:05

why not scan any attachment before opening it? laziness?
(maybe use a different computer (and OS) only for emails and nothing else in his case)

Tony Farley - 04.07.2023 21:12

Are you building software on an unstable production floor or designing new products on an unstable production floor that comes from outside forces that sell to you?

Tony Farley - 04.07.2023 21:11

Don't forget to ask the question: was I hacked before I even produced the hardware?

John Smith - 03.07.2023 03:27

You must have file extensions disabled. I would've never fallen for something this stupid. File extensions should always be turned on, as all of my PC setups have this feature on. The problem is you have to manually toggle file extensions on, it's not default out of the box for Windows.

Sean Singh - 01.07.2023 04:33

That's why if I HAVE to use Windows, I disable file/script execution after installing all my apps and then maintain a Whitelist/Blacklist. It's a headache but then I don't have to be anxious all the time while using Windows. No such issues on my Mac or BSD desktop

Sultan - 29.06.2023 21:59

I don’t know anything about scr files but I assume it’s just an executable file. How can Windows allow an executable to read files and folders of another executable? That is the real issue. The "remember me" feature in most login pages just tells the browser to store the cookie even after the browser is closed by including an expiration date on the cookie key=value pair by the website to the browser. If no expiration date is set on the cookie key=value pair then the browser will delete it automatically after the tab is closed or the browser itself is closed. Also I know Chrome has a cookie file per Chrome profile and encrypts the cookie file on disk. Is Windows really that bad or did the infected machine have insecure configs? I'm not satisfied by the answer most people give.

Shavershian - 28.06.2023 17:49

Just got hit by this. Got a client I had talked with for a while. He sent me a file with their marketing plan, zip file with two files inside. One of them a video, another an exe. Now I know this was stupid af, however I ran the exe since I couldn't see the extension (the name was too long), it had a Word logo, and I didn't think anything about it. It ran some kind of batch file, and now I had a folder inside my %temp% with every one of my passwords, session cookies, a screenshot of the PC and system information. I cleared everything in my browser, reset every password and then ran the "Tron Script". Fk this was a sophisticated piece of malware and a good social engineer behind it. Do you guys think I'm safe now?

Conserpov - 26.06.2023 21:29

Why would anyone who's not a complete noob use Explorer as a file manager at all, let alone with hidden extensions?

Gamer2000 - 26.06.2023 20:07

So does that mean that if I had redline on my PC for over 1-2 years all of my passwords were stolen? Does it only steal browser info? Or does it go for several things? Also does it go for all kinds of browsers or few exceptions? Like Opera?
