To try everything Brilliant has to offer-free-for a full 30 days, visit brilliant.org/EricParker . You’ll also get 20% off an annual premium subscription.
Its called a "honey pot"
@@98f5 brilliant? a honey pot? actually it makes sense! they're clustering people wanting to learn, feeding them nonsense and propaganda, ending individuality and autodidacticism with the sole purpose of putting them in the consumerism environment!!!!
this is obviously sarcasm.
i hate when someone makes a program and posts 2 files, 1 open source and an exe, and they say to read the open source file if u don't trust it. But u still can't be sure since the other file is an exe
For a lot of projects it isn't even feasible to read the source yourself. Using one of my projects as an example, you'd have a difficult time reading through the code of my game engine (though obviously it doesn't have anything malicious in it), it's over 7000 lines of code.
@@nikkiofthevalley i meant like them small projects randoms make 😃
dont run random executables ever, read the code and compile it yourself.
@@nikkiofthevalley My project is currently sitting at about 300-400k lines of code. Imagine trying to read THAT and try to determine if there's something wrong
@@Darkenz000 jeez, what’s your project?
remember to report github projects with no source code. they are against the site's TOS
good to know, I didn't realize.
shhhh...
I have a whole library of PDFs and epub programming books and research papers , I don't have space left on my 512G ssd lol
Hard drive storage is extremely affordable, especially used. I recommend you get some, especially for just storing files like pdfs. You would hate for your stuff to be deleted from github
i always report and when i get a result i dont even remember when i reported it, takes several months for them to review it
I understand what you're trying to say but there are many extremely popular repos that have no source code such as guides or tutorials
8:17 This is Python pickled data, which is unsafe to unpack, so theoretically, you could send a malicious payload and hack the hacker’s server.
Does pickle automatically prevent unsafe unpickling?
Or was that a feature in Automatic1111 stable diffusion for QoL?
@@xanderlastname3281 don't those use safetensors? Not sure pickle archives can even be made safe
no, pickle does not prevent unsafe unpickling. @@xanderlastname3281
@@xanderlastname3281 no, that's why python doc tells you not to unpickle random pickled data
@@xanderlastname3281
pickle can execute arbitrary python code during unpickling. As far as I'm aware, there are no safety checks.
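The replies above are right that `pickle` performs no safety checks of its own. As an added example (not from the video or from any commenter), this shows two defensive handles: listing the imports a pickle would perform without loading it, and a loader that refuses any global outside an allowlist. The allowlist and the sample pickles are constructed here; the "import" sample only references the harmless builtin `len`.

```python
import io
import pickle
import pickletools
from collections import OrderedDict

# Assumed policy: the only class this application agrees to rebuild.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


def referenced_globals(data: bytes) -> list:
    """Return the (module, name) pairs a pickle would import.

    Walks the opcode stream with pickletools and never executes it.
    This is a triage heuristic: STACK_GLOBAL operands fetched from the
    memo instead of pushed directly are reported as ("?", "?").
    """
    found = []
    strings = []  # string operands seen so far, used by STACK_GLOBAL
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":
            pair = tuple(strings[-2:]) if len(strings) >= 2 else ("?", "?")
            found.append(pair)
        elif isinstance(arg, str):
            strings.append(arg)
    return found


class AllowlistUnpickler(pickle.Unpickler):
    """Enforcement point: every import the pickle asks for goes through here."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def safe_loads(data: bytes):
    """Load a pickle, refusing any global that is not allowlisted."""
    return AllowlistUnpickler(io.BytesIO(data)).load()


def is_blocked(data: bytes) -> bool:
    """True if safe_loads() rejects the data."""
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed samples.
PLAIN = pickle.dumps({"user": "alice", "ids": [1, 2, 3]})  # data only
WITH_IMPORT = pickle.dumps(len)             # asks the loader to import builtins.len
ALLOWED = pickle.dumps(OrderedDict(a=1))    # imports only the allowlisted class

if __name__ == "__main__":
    for label, blob in (("plain", PLAIN), ("import", WITH_IMPORT), ("allowed", ALLOWED)):
        print(label, referenced_globals(blob), "blocked" if is_blocked(blob) else "loaded")
```

The opcode scan is only for inspection; the `find_class` override is what actually stops an unexpected import, and data from an untrusted peer is better carried in a format such as JSON that cannot name callables at all.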
My github account actually got hacked once and posted a fake crypto miner with botted stars (it had like 800)
@@reallypurpled :(
probably the reason they enforced 2FA
@rockpie.iso.tar.bz2 yea probably
@rockpie, makes sense
How on earth did your GitHub account get hacked?
It's honestly kinda hilarious that the readme just asks you to disable your anti-virus, it's not even “if the program doesn't work try disabling your anti-virus”, I think this malware is from Romania.
Disable antivirus is usually code word for poorly written application. But in some cases AV detections are especially egregious against legitimate tools from Nirsoft which get classified as "hacktools" for example.
same thing for the Hypixel Skyblock (Minecraft gamemode on server) community, many mods for Minecraft just use a Jar-dropping repo to make it look more reliable to players who don't know more (the playerbase is like 80% kids from 10-16).
The hard thing is that Minecraft mods are NOT sandboxed and are NOT checked by antivirus, so a malicious Jar basically has full system file access. They can then read browser passwords, Discord token, Minecraft token, basically take over all of the victim's accounts.
And all of this just because they want to steal players' item, sell it to legit player for in-game coins and then resell those coins on black market.
W hypixel skyblock mention i havent played it in like a year tho cus my microsoft account got hacked💀
He's talked about malicious Minecraft mods in the past, I believe
roblox and minecraft do share insane networks of malware being shared, the roblox one being more complex imo, of course, with the incentive of money in both.
Antivirus could check them if it wanted to
That's a common problem in all modding communities. I wrote a mod generator and packer - basically a system to automate a bunch of manual tasks - a long time ago. Back when it was still in Mojang's hands. I don't recall the mods having a lot of system level access, but it was almost 15 years ago :P
So.... what you're saying... if I change some otherwise useless string in my memory to "sandbox", I will be immune to 80% of this type of malware... :D
no it has to be the username
I made a script like 5 years ago because I was learning about crypto and python, it is actually open source but I've seen some Russians fork it and bundle it to an exe and embed viruses to it
Links or it didn't happen...
The 3 questionable inclusions I was wondering at 17:20 were "Emily" "Johnson" and "Miller"
If someone with those names matches their Username with their IRL name they could trigger a false detection
My guess could maybe be their names so they don't accidentally trigger it on themselves? I dunno I'm not smart.
@@ImNotGam i'd imagine they'd make a dev version on their machine that doesn't actually hack themselves
Possibly but there's always the chance of them getting infected with their own virus.
some sandboxes or static file scanners like virus total, use vm's with the names such as Emily, Johnson, George, Miller, etc. the skids probably would rather avoid getting scanned on vt due to file sharing or what not than lose a few potential victims
@tauon_ Maybe. However you still would have to build the release version somewhere. And there's a chance in my mind that they are just trying to be safe. Or it might be like said above and it's anti virus total.
anything is open source if you can read assembly
im kinda being nerdy but i think open in opensource means the license is open too?
Allow me to introduce you to software as a service
@@erroroliver The legal answer would be yes, but decompilers exist and they don’t care about the license and let you do what you want.
@@__Brandon__ NO. NO NO NO NO NO.
@@samuelhulme8347 Well it is also legal to fully rebuild a piece of software from the ground up so long as you don't infringe on any copyrights or trademarks so in a legal sense if you can read assembly code and reconstruct a piece of software based on it, it really is open source.
Using the name of a steam account to get the c&c server is pretty ingenious ngl
Sound more like you can ask Valve who is behind it..? 🤔
@@savagesarethebest7251 there's a million steam smurf accounts so probably not
They have more stars on github than my github repos which don't contain any viruses
Its botted
u should bot ur repos like them!! (don't)
I think it's really funny that when you try to intentionally run malware sometimes every single defense on the system does its job and tries to stop you. But then other times it's all useless
1:54 THE C IN THE LINK IS A DIFFERENT FONT/NOT BOLD AHH
malware spotted
rule number one of hacking always trust hacker image
rule number 2 if you have got so far then use your brain and dont follow rule number 1
Hello mr Parker, just wanted to say that your videos are very unique, for the right reasons. I love your curiosity and openness with what the stuff is that you're dissecting. It feels so much more real when someone shows the name of the malware, the sales threads. So much of malware and hackers are faceless and mysterious, you put a face on it and make it feel less scary and fascinating.
that's nice and all but how's someone, if the target audience is crypto people who often aren't very smart, supposed to know when something is an impossible hack/cheat unless you know the technical details of something?
Someone who doesn't understand how crypto works wouldn't know that it's not possible to brute force a result like that.
Most people i know don't even understand why it's a bad thing to use the same password everywhere and continue to use it even after someone had hacked your account, there is no way for the vast majority to even think that it could be suspicious.
people in general need to be more wary of what they download and run on their computers.
the examples in this video were programs to try and brute force crypto wallets which is probably to try and steal someone else's crypto. not that i am for it but those people should at least spend a little bit of time researching the thing they want to do.
In that case, I think those people are simply "fair game". Let them get hacked. There's no pressing need to put millions of dollars into making github an over moderated, child friendly, script kiddie centric shithole.
i hate computer illiterate people.... (jk)
I am so used to crypto meaning cryptography that I was like, surely cryptographic bruteforcing isn't *that* impossible, then I read the description of the first git there and it finally clicked in my brain
wdym no source, they have the source code for readme!
How do you make those apps use proxy at 7:26? Like normally random programs don't use proxy unless they have config options available.
Wireguard (VPN) is used to tunnel all network communications through another device (maybe a virtual machine or a Docker container) that is running Mitmproxy, which can act as WireGuard peer, intercepting all traffic going through the VPN. So, it is not just a regular proxy.
@@vladko312 But how you make those apps not complain about self signed certs? I have seen programs that don't care about windows trust store but rather bring their own.
837 stars, we are cooked chat
almost wanna say they're botted by the same people that get their accounts compromised lol
Can you tell us how you did the setup with the mitm proxy and wireguard?
I don't understand why github doesn't do anything, since it's a bit obvious, just the amount of stars / no forks should be a big red flag
So all small projects should be banned because they dont have forks or stars?
Yeah this is impossible, and would unjustly punish new and small projects.
They just need people to report these projects and to respond to the reports in a timely manner
@ShivaTD420 I didn't say delete/ban or anything, just alert the moderator to take a look
A lot of repos are very obvious and/or are just straight forbidden by the tos
Edit: report doesn't do much in general, unless there's a mass report (in general due to a public figure asking fans)
@@Landee Well said
@@Landee I don’t think you use GitHub. They do need to add reporting features to report accounts
you know its sketch just by the fact theres a password on the zip lol
Is there a reason antivirus programs dont just instantly flag it if it has code trying to detect an emulator? I cant think of a valid reason I would want to run a program that does that.
Anticheat/DRM?
@@PixlRainbow DRM is pretty much malware
and sadly thats how the world works
very hypocrite ngl, on a bright side, we have linux
It's not trivial to detect that.
That's nice but i bet if you guessed my key it'd take 10 days on average because of my luck.
Hey Eric, cool video as always.
A new free video game has been released called "Delta Force". The steam reviews are mixed, mainly due to it installing kernel level anti cheat and (supposedly), not removing it after uninstalling the game. Would be very interesting to see a video on that.
Played it >20 years ago, wasn't that good
the "user" username is getting evaded because the virustotal sandboxes have "user" username by default
Under most free software licenses, the source code only has to be available for those who ask for it
16:07 Love the way this part sounds when you say "Ran" and "Bag" at 0.5x speed 🤣🤣🤣 Great Video Though!!!
"User" is also very often the username on prebuilt machines
Combinatorics says it's a difficult problem with a large problem space, but surely M$ doesn't want to be seen hosting shady stuff.
Should take a look into rar ratting if you don't know or never heard of it. There's a way to rat someone that just extracts a rar file without even opening any contents, just extracting or viewing files. It's a method someone in my com made, isn't rly used that often but people are still ratted by it
Small chance but can happen, my exodus account got broken into while i was asleep, i know it was bruteforce because i used a separate phone for it with only exodus installed, it was like 2k so it sucked for me man
bruh no way it was brute force 💀 or you're actually the unluckiest person across all of time
@theairaccumulator7144 yeah kid prob got compromised elsewhere
This is equivalent to those 'PayPal mod infinite money unlocked' apps. XDD
Who remembers the Large Bitcoin Collider project from a few years back?
PLEASE tell me you're in a VM lmfao
VM confirmed at 15:00, as I was
I'm wondering why you would assume someone doing malware analysis is not using basic security practices?
@@shinigamisenpai3303 I may be stupid
What is this mitmproxy?
Is this like wireshark but better?
I currently use Fiddler for my web means cuz it can decrypt tls, and wireshark for the rest
There are quite a few legit github repos without sourcecode. Idk why they have to be on the source code website then, but things are as they are, lol.
Your videos are always so great bro. Appreciate you💯
Eric downloading all the malware on the internet so we dont have to ;-) Interesting to see what tactics they are coming up with, as always.
you know what else is more massive than the function?
Your mum
low
@@Kobold666 bro does not know about the massive meme
@@sierra991 TAPER FADE
@@2alcpvp..... my mom?
7:36 NANI
The thumbnail reminded me of Megamind
I hope your videos start getting more views
putting the sponsorship so close to the beginning is insulting. i don't even know if i'm going to enjoy the video yet and i already have to see an ad. at least put it near the end so the people who see it have actually gotten something from you.
Hello Eric!
I have zero sympathy for victims that download a "crypto brute forcer" i mean come on man
I wish you could subtitle these videos in Spanish too, since I'm interested
Are you using a virtual desktop? I thought you couldn't download malicious files or extract it. Im guessing it's okay unless you don't click the exe. Also, do you have an antivirus installed you'd recommend or do you just use a site?
In this video he's using a VM - Yes. Modern Windows Defender comes installed by default, and is better than most paid ones these days, so that's fine.
NEWWWWW VIDEOOOOOO
Paws at eric❤
Paws at paws at you
is this a threat?
Yes
Thanks for the forecast! I need some advice: My OKX wallet holds some USDT, and I have the seed phrase. (alarm fetch churn bridge exercise tape speak race clerk couch crater letter). Could you explain how to move them to Binance?
😮
Lol
Lmao even
Um should I feel bad about people getting hacked when they want to take actual money out of someone else's hands....
🤷♀️ no idea. on one hand, they are trying to rob someone else. on the other hand, if they are trying to do that, chances are likely they are very desperate for money to afford living and in this society, money can be hard to come by and easily goes. ofc the malware is going to be targeting those who are attempting a crime cause they know those people are very unlikely to get law enforcement involved, due to the nature of why they had ran the malware to begin with
Great video. I am a new fan of your channel and I love your vibe. Also, I can't tell the difference between the two Bottega bags, the kislux is close and cute, so that's enough for me. I will bring my friends to buy.
Yeah if they are trying to be honest about being open source they could just have Gitlab or Gitea as backups but no “we like To be scammy as possible”
cjit is same open source cringe
hi!
Kids, a Yubikey is an investment not an expense.
E
what if every program was as easy to decomp as an exe made in pyinstaller🥰 would be good and bad
Good luck to decrypt hash 256 for billion of years.
It's actually O(1) if you're tremendously lucky :^)
@@erikb4407 That reminds me of the funniest sorting algorithm ever.
@@hedgehog3180 bogo?
recommendation to turn on dark mode, for our eyes and yours, please!!!!
My man.
I can't speak for Eric but for me, dark mode doesn't work well as I have astigmatism.
@@steeviebops i also do, however i have glasses, but even without them i don't think it makes a difference whatever the background color is...
54 seconds ago!
Day 8 of asking u to take a look at Solstice client its a minecraft bedrock hack client with a decent community.
So its not malware?