Agree - after installing a water heater and consequently exhausted there should be a little feeling saying - maybe I should not download this file because I am too tired to think straight, I'll just leave it until tomorrow. Thanks for the story, Clark, and the split up update and I hope you can keep your yacht.
We are all so vulnerable, even the smartest of us. I was one key stroke away from giving total access to my pc a few years ago. The alarm bell rang just in time but I was that close.
Sorry for all these troubles! I hope life is soon ending offloading all these difficulties on you, and the nice things will start coming again! :) Keep your spirits up :)
Hope the best for you Clark. I could give all these platitudes about life having its ups and downs, but you have lived to long and are far to smart for that. I will just say there are many of us that mostly sit silent in the background and may never have met you in person but, that care about you and wish you the best.
Sorry man, this is so deflating, and older family member of mine lost all of their retirement this year, not quite the same, but the soul emptying feeling is. I feel where you’re at.
Sorry for your troubles Clark. Best wishes on your recovery efforts. I had to move all my financial and important services to unique email addresses. Ideally none of them on Gmail but somewhere that requires passkeys to log in. We're all just a click away from being in the same boat you were.
I’ve been interested in bank managers since first video you put out. Almost ready to upgrade system but I’m a construction worker so money is tight kinda glad I waited so I can get the best version.
It happens to the best of us Clark. Don't beat yourself up too bad. Things will get better. Is there a way to order Bank Managers these days or is that all off-line for a while? Keep the good stuff coming.
I could always do it over email. But my shipping woman's dad just died so a week off is a good idea. I hope to get the site up again soon on a different url
Thanks, Clark. Will there be any new videos in the "Enough is Enough"-series? It's your most popular video and the topic is more relevant than ever. We need your tech business skills and experiences.
Not a bad idea. But... When I switched from that to sailing I lost subscribers. Then when we took the camper trip it happened again. TH-cam viewers are a touchy lot and I'd really like to see 100k
When you said "They can't use this youtube channel for nefarious purposes." I took a close look at your face to make sure it wasn't computer generated...
I appreciate the video, it opened my eyes even more as I considered my own email account vulnerability. What I'm not clear on is exactly how the hackers were able to change the Gmail password. The trojan executable likely installed a remote command/control app, allowing the hackers to access any logged in accounts. However, to change the Gmail password, they would either need either the old password, or respond to a password reset code sent to ones phone. How were they able to get past those gate keepers to change the password and lock out Clark? Did Clark enter the Gmail password, before he knew the system was compromised, such that it was captured via keyboard logging? I believe that a hardware key or device based passkey would protect from this, or would it not?
I assume they just downloaded the password list from chrome. I was using that feature and the machine was logged into chrome. I typed nothing during the window.
@@Clarks-Adventure Thanks for the response. Yes, that could do it. Although I don't store passwords in my browser, I do use a password manager browser extension that would likely be unlocked if I was using the machine, so I have a very similar vulnerability. The generally recommended practices would not have prevented this. Need to think on that and come up with an approach. The thought that running a single bad executable would allow much to be quickly compromised is just not acceptable.
Curious, do you have file extensions hidden in windows Explorer? (windows default behaviour) This has always presented as a major security risk in my eyes. Also questionable are web browsers downloading files as soon as you click on some random link, instead of presenting a modal dialog
1. I never allow browsers, phone, operating systems, etc, to save passwords, figure a system & use it religiously. 2. Data Backup: Memory is stupid cheap, back up EVERYTHING to microSD period, all devices (computer, tablet, phone, anywhere you keep "originals")! It's a pain but that one time something vital goes missing or you get hacked... I do this about every 6 months but probably should halve that to 3 months. When I had an office with 30 employees our data was the MOST valuable thing (cost to recreate it!!!) so it was daily physical backup to off-site. I just saw a 1Tb microSD for $85us.
@@EngineerMikeF Same here. Don't use Cloud backup for important things as despite all the grand claims about their security your most secure data is on a device that has no internet connection so no WiFi connected backup devices either. Also don't use laptops, tablets, phones or other battery operated devices for secure transactions since its easier to unplug a desktop PC's power cord and kill all activity than to stop a device with a built-in battery. Back in my days at a SCIF you had to use SneakerNet to get data off or into a computer with sensitive material on it meaning you had to save it to a disk, walk to a non-networked clearing computer with nothing but security software on it to clear the data and then walk the cleared data to the SCIF network to consume the cleared data. Sensitive data was in Tight Faraday Caged rooms/buildings too that prevented that type of data mining but would be a bit more than what most casual users require. If I get an offer supposedly from a major brand, especially if its not from their corporate email account, phone exchange or website I forward the address/phone number of the communication to their Cyber Security group for them to decide what to do about it. Most times they tell me its not legitimate and ask if I can forward them a copy so they can share the info with the FBI's Cyber Crimes division. Globally much, much stiffer penalties need to be levied against these Terrorists so be sure to call the FBI or its equivalent agency in your country and inform them when your attacked whether you end up being a victim or not. Once the risk to these Terrorists is made high enough that its no longer profitable to even try, then you'll see these incidents declining rather than escalating. They often reduce their victims to a life of hardship and misery for the rest of their lives so the punishment should be hardship and misery for the rest of these Terrorists lives. Punishment should be having to swing a sledge hammer to make piles of big rocks into smaller rocks and repeating the process until they have made cement or some other type of productive non-digital hard labor that will pay for the incarceration with no burden on law abiding citizens along with mandatory restitution. Best!
Once you've got everything set up as you want it, create an .iso of your computer, if you need to get compromised you can just reload from the .iso file.
What an ordeal! Is your battery spreadsheet still available or did they get that too, please? I bought an Elefast due to your relative rating and the specifics for each battery. You provide enough information to make a good decision but not so much that people will not look at the complete presentation. A T Burke. P.S. Years ago I got one of the first ransom ware shut downs. Fortunately I had the services of a high level Apple company programmer who was able to break the crooks' hold so I did not have to pay.
If I'm unsure about something I've downloaded, I open it in a virtual machine that has essentially nothing installed on it and is not logged in to any of my real accounts. That's only going to help though if I'm skeptical of the download.
I'm in the IT industry and it is just so easy to let your guard down. All the best for getting things restored
Agree - after installing a water heater and consequently exhausted there should be a little feeling saying - maybe I should not download this file because I am too tired to think straight, I'll just leave it until tomorrow. Thanks for the story, Clark, and the split up update and I hope you can keep your yacht.
We are all so vulnerable, even the smartest of us. I was one key stroke away from giving total access to my pc a few years ago. The alarm bell rang just in time but I was that close.
Sorry for all these troubles!
I hope life is soon ending offloading all these difficulties on you, and the nice things will start coming again! :) Keep your spirits up :)
I'm glad you shared how this happened! I've seen other creators get hacked, but they didn't reveal how
Yes. It's kinda embarrassing. But if I saved someone else ...
Ooooooooohhh my goodness! .... the dark side of celebrity. Take care there Clark. Wishing you ongoing great health and happiness. 🌞⛵🌴
Hope the best for you Clark. I could give all these platitudes about life having its ups and downs, but you have lived to long and are far to smart for that. I will just say there are many of us that mostly sit silent in the background and may never have met you in person but, that care about you and wish you the best.
Great tips, and I am again sorry for what you’ve had to go through.
Oh man that really sucks! Glad you were able to manage this issue within reason. Thank you for the info.
Sorry man, this is so deflating, and older family member of mine lost all of their retirement this year, not quite the same, but the soul emptying feeling is. I feel where you’re at.
Looking forward to the upcoming video on alternative use for a Gen 2. There are still plenty in stock, too.
Sorry for your troubles Clark. Best wishes on your recovery efforts. I had to move all my financial and important services to unique email addresses. Ideally none of them on Gmail but somewhere that requires passkeys to log in. We're all just a click away from being in the same boat you were.
I’ve been interested in bank managers since first video you put out. Almost ready to upgrade system but I’m a construction worker so money is tight kinda glad I waited so I can get the best version.
There might always be a new version. But the first one I released (and everyone since) has been better than anything that charges to a voltage.
Oh FFS! Get 'em Clark!
Sorry for the experience and thank you for the info.
Thanks for the heads-up Clark. Hang in there Sir.
Thanks for reporting this
Thank you for sharing and the education. As usual it is very relevant and appreciated.
Hang in there. Remember always - Something can be done about it.
It happens to the best of us Clark. Don't beat yourself up too bad. Things will get better. Is there a way to order Bank Managers these days or is that all off-line for a while? Keep the good stuff coming.
I could always do it over email.
But my shipping woman's dad just died so a week off is a good idea. I hope to get the site up again soon on a different url
Thanks for sharing. I'm not a big sailing channel yet. I will keep aware.
Thanks, Clark. Will there be any new videos in the "Enough is Enough"-series? It's your most popular video and the topic is more relevant than ever. We need your tech business skills and experiences.
Not a bad idea.
But... When I switched from that to sailing I lost subscribers. Then when we took the camper trip it happened again.
TH-cam viewers are a touchy lot and I'd really like to see 100k
When you said "They can't use this youtube channel for nefarious purposes." I took a close look at your face to make sure it wasn't computer generated...
Clark - I really like the name "ASK CLARK" as a new name. Clark what did they Demand? This sounds so CHILDISH. Please report them to the FBI.
I appreciate the video, it opened my eyes even more as I considered my own email account vulnerability. What I'm not clear on is exactly how the hackers were able to change the Gmail password. The trojan executable likely installed a remote command/control app, allowing the hackers to access any logged in accounts. However, to change the Gmail password, they would either need either the old password, or respond to a password reset code sent to ones phone. How were they able to get past those gate keepers to change the password and lock out Clark? Did Clark enter the Gmail password, before he knew the system was compromised, such that it was captured via keyboard logging? I believe that a hardware key or device based passkey would protect from this, or would it not?
I assume they just downloaded the password list from chrome. I was using that feature and the machine was logged into chrome.
I typed nothing during the window.
@@Clarks-Adventure Thanks for the response. Yes, that could do it. Although I don't store passwords in my browser, I do use a password manager browser extension that would likely be unlocked if I was using the machine, so I have a very similar vulnerability. The generally recommended practices would not have prevented this. Need to think on that and come up with an approach. The thought that running a single bad executable would allow much to be quickly compromised is just not acceptable.
Curious, do you have file extensions hidden in windows Explorer? (windows default behaviour)
This has always presented as a major security risk in my eyes.
Also questionable are web browsers downloading files as soon as you click on some random link, instead of presenting a modal dialog
I show extensions. I just made a stupid move.
1. I never allow browsers, phone, operating systems, etc, to save passwords, figure a system & use it religiously. 2. Data Backup: Memory is stupid cheap, back up EVERYTHING to microSD period, all devices (computer, tablet, phone, anywhere you keep "originals")! It's a pain but that one time something vital goes missing or you get hacked... I do this about every 6 months but probably should halve that to 3 months. When I had an office with 30 employees our data was the MOST valuable thing (cost to recreate it!!!) so it was daily physical backup to off-site. I just saw a 1Tb microSD for $85us.
@@EngineerMikeFI run a full backup of all of my VMs nightly onto a rotating set of removable drives, one of we which is always offsite.
@@EngineerMikeF Same here. Don't use Cloud backup for important things as despite all the grand claims about their security your most secure data is on a device that has no internet connection so no WiFi connected backup devices either. Also don't use laptops, tablets, phones or other battery operated devices for secure transactions since its easier to unplug a desktop PC's power cord and kill all activity than to stop a device with a built-in battery.
Back in my days at a SCIF you had to use SneakerNet to get data off or into a computer with sensitive material on it meaning you had to save it to a disk, walk to a non-networked clearing computer with nothing but security software on it to clear the data and then walk the cleared data to the SCIF network to consume the cleared data. Sensitive data was in Tight Faraday Caged rooms/buildings too that prevented that type of data mining but would be a bit more than what most casual users require.
If I get an offer supposedly from a major brand, especially if its not from their corporate email account, phone exchange or website I forward the address/phone number of the communication to their Cyber Security group for them to decide what to do about it. Most times they tell me its not legitimate and ask if I can forward them a copy so they can share the info with the FBI's Cyber Crimes division.
Globally much, much stiffer penalties need to be levied against these Terrorists so be sure to call the FBI or its equivalent agency in your country and inform them when your attacked whether you end up being a victim or not. Once the risk to these Terrorists is made high enough that its no longer profitable to even try, then you'll see these incidents declining rather than escalating. They often reduce their victims to a life of hardship and misery for the rest of their lives so the punishment should be hardship and misery for the rest of these Terrorists lives. Punishment should be having to swing a sledge hammer to make piles of big rocks into smaller rocks and repeating the process until they have made cement or some other type of productive non-digital hard labor that will pay for the incarceration with no burden on law abiding citizens along with mandatory restitution.
Best!
Once you've got everything set up as you want it, create an .iso of your computer, if you need to get compromised you can just reload from the .iso file.
Great idea
What an ordeal! Is your battery spreadsheet still available or did they get that too, please? I bought an Elefast due to your relative rating and the specifics for each battery. You provide enough information to make a good decision but not so much that people will not look at the complete presentation.
A T Burke.
P.S. Years ago I got one of the first ransom ware shut downs. Fortunately I had the services of a high level Apple company programmer who was able to break the crooks' hold so I did not have to pay.
I think it's still there but I can't update it.
I'll eventually get it under control
@@Clarks-Adventure FYI Yes, it is there. I went direct to it by address.
A T Burke
2 factor auth next time and maybe try proton mail.
Please use MFA
Also never download files from strangers, it's the equivalent of getting into an unmarked van
(Sorry you got hacked, that's awful 😞)
There's no reason to run Windows these days. None. Run Linux, and if you absolutely need something, use a single-use windows VM.
Might be time.
15 years ago Linux was still too difficult to mess with for my general use. I used it for some military stuff I was doing.
Trojan baiting, air gapped sacrificial empty system or nothing. ❤
If I'm unsure about something I've downloaded, I open it in a virtual machine that has essentially nothing installed on it and is not logged in to any of my real accounts. That's only going to help though if I'm skeptical of the download.
Im sorry, but you shoudl have known better.