Stop Hackers With This!

Thanks :) Pretty sure half the time I spend making videos is spent researching weird corners of the internet

@@Seytonic where do you do your research?

@@S_MAN_CHAN Weird corners of the internet

@@Seytonic PLEASE PLEASE PLEASE do a segment on these recent Instagram hackings. I’ve had 3 personal close friends get their account taken, passwords, emails, and numbers are changed and then plants recovery methods to resteal the account even after they have changed the emails and logins to their original owners. So many people fall for this and don’t know what to do

@@Seytonic the spam bots are even only spamming in positive comments because TH-cam report buttons doesn’t have a “spam” button, the closest thing it has is misinformation which might not be enough to flag spam

The apps I use show me the first and last 4 as standard and I have to tap to see the full string, makes my life a lot easier

Hw wallet like ledger helps too.

dumb, cliploggers are usually run with keylogger in another thread so it wouldnt matter. create a new virtual desktop instead thats separated by the kernel so hooking malware wont have access to you

@@CU.SpaceCowboy a keylogger wont change the keys you press?

​@@michaelvick2872clip logger, not key logger

there should be a way to not allow non medical companies to use red crosses just like people are not allowed to use red crosses if they are not medical.

@@thankarezos yes this is true. But this all just relies on the Honor System, you have to trust no one will misuse these protections.
Likewise this only stops honorable bad actors as well, if someone still wanted to attack these systems they would.

@@HarryBallsOnYa345 with technology its actually easier. For example isps won't issue medical ips

@@thankarezos There is, hospitals can prove who they are, that's how they can buy medical supplies that are otherwise restricted. So it could easily be done with a list of IPs, could just deny anyone who can't prove they're a hospital from getting on the list. Probably wouldn't even need a third party, hospitals could just maintain it themselves as they're the ones with the most to gain from not abusing the system. And hospitals being in charge of it would ensure it was strictly hospitals and not something like a drug researcher that sort of qualifies as medical but not really.

It would also make it even easier for evil hackers like like the conti group who specialized on targeting hospitals with ransomware. Because hospital are very desperate to get that data encrypted again

prime example of intelligence and wisdom do not overlap

There's no statute of limitations on civil asset forfeiture. It only requires the property to be presently in the possession of someone suspected of having obtained it illegally. If I rob a bank and 5 years + 1 day later I get pulled over with $300,000 in sequential banknotes on the back seat, the police will gladly take it.

@@marc-andreservant201 True, but the law in its current form is abused, as in even if they suspect you of a crime, or claim they suspect, they will cite that as the reason and seize your assets, even if you are innocent, but proving such innocence in court and getting your property back is nearly impossible.

@@anon_y_mousse Yep. In fact, the value of property seized in civil asset forfeiture actually exceeded the value of property stolen in burglaries in 2014, 2015, and 2019.

hackers and cybercryminals are not psycopaths. they just criminals that want to profit from that, they dont do things just for giggles. also if you want to target hospitals ect you can easily find the ip you dont need the list. the list is so the malware knows not to. also in wars, soldiers dont want to kill but they 1. follow orders. 2. kill not to be killed.

I appreciate the comment my dude :)

They "don't" want to hack them, they "accidentally hack them".

@@exoticlol yeah, im just offering an potential alternative long-term solution

@@salihtaysi As noted in the video, malware *_does not know_* what computer, server, domain, etc. it is in and will do it's work regardless of it. That is the reason they're trying to find a viable digital identifier for healthcare services. A single purpose physical server simply is not that and does not work as a valid identifier. Thus, your proposal does not work.
Also, you're a tad arrogant to think that the researchers trying to solve this issue are do damn idiots that they didn't think about it. No, your idea is among the first ones that would come to anyone's mind even if they don't have any knowledge on digital security.

@@anteshell honestly this is like putting a sign outside a shop in a bad neighbourhood saying, please dont steal and thinking thats enough to work. If I or anyone else doesnt give a fk about you, we just ignore the "identifier" and burn your shit down anyways and rob you blind. People think most hackers care. Like calling them honest criminal.
Hospitals should just use the usual it professionals to secure their shit, you know, the usual.
This red cross nonsense honestly pisses me off and makes me want to exploit their system.

​@@reegyreegz No, it's nothing alike. There are enough people who respect the boundaries on healthcare that this has much potential to make things a bit easier for them. It's quite different to be playing on the lives of tens, hundreds even thousands of people than burglaring a few TVs and jewelry. Not even criminals without a moral compass and the vast majority of them would not want to be responsible of killing people. Besides, no-one is saying that there still aren't any bad actors who'd ignore this stuff.
Hospitals ARE using professional security measures. The digital red cross is NOT supposed to substitute for them.
Also, what are you, three years old? At least you act like one. The best way to order them to do something is to say they should not do it. Besides, you don't even have any idea who you'd be attacking. You clearly imply hospitals, but they are not the ones behind this concept.
Grow up a little, kid.

if it's profitable for the feds, yes

I mean, you're still a thief even if you only steal from other thieves. Just don't get caught! 🤷

@@InternetRacks I wonder if the agents get to keep it for themselves or if it goes directly to the agency 🤔

@@mrbanana6464 I'm pretty sure it goes to the agency, but I wouldn't put it past them to be receiving a large bonus this year.

What password manager if you don't mind?

@@ppDomino Bitwarden

You just HAVE to hate feds no matter what your ideology or backgound is, its just natural

Agreed. I think the US government has a massive amount of overreach.

I’m just glad that James Zhong is getting fucked. I hope gets the maximum time possible and that he ends up homeless after he gets out.

And on top of that they wanna jail him for up to 20 years? Seems way overkill if you ask me.

@@josh_d_k Especially when he targeted a three to four digit haul, not nine to ten. Feds always overreach when it comes to their personal interest.

So stupid to stay in the US. He could've moved anywhere in the world with thak kind of money. Especially if he had bought an unkown amount of XMR

very nice, but pseudo-code*

This is very easy to bypass

works perfectly*
* if the hacker doesn't just, i dunno, wait 30ms before pasting, or replaces the clipboard before and after the paste

​ @Jabster28 The e.key (and CTRL equivalent) only fires when the keys are pressed *in the browser*. Hell I could even throw in 'document.oncopy = (event)...' as even this only fires within the user agent.
Unless the external program simulates a CTRL and C keypress/event in the users browser after changing the clipboard; just 'replacing the clipbaord before and after' wouldn't work - I'm sure even windows defender would find simulated keypresses or forced event fires onto a browser highly suspicious.
The hack program would have to manage to perfectly time it so the changed clipboard pastes and changes the clipboard back all before my script
Even if the program directly changed the pasted input in the browser; it would def get flagged by an AV either way.
The entire point of clipboard jacking *is so that the hack does not have to interact with the browser at all to seem as mundane to an AV as possible*.
I fail to see how waiting any time prior to or after the user pasting would do much of anything, the script would still be checking the clipboard for changes, not the input - it doesn't update the 'clip' variable *at all until* CTRL+C is pressed, the script would still spot the tampering.
This isn't a 'one shot' script, it loops forever using sleep.
The only real issue with the code is that, on the copy of the address when pressing the 'copy' button instead of doing CTRL+C, it wont trigger the CTRL+C check ever as the 'copy' button just copies directly to the clipboard and does not simulate a keypress, something the script wasn't made for anyway - but even then that's an easy fix, again just add a 'document.oncopy = (event)...' second and you're all good.

I'd at least take apart a blender or something and hide it in there :D

@@tips1483 Do what my alcoholic relative did. Put it in a Ziploc bag in the toilet tank. I gotta hand it to them.
It at least will be colder than in the open on hot summer days. 😂

@@nomore-constipation yeah, only issue is I’ve heard of that too many times they must check that

@@tips1483 Well if you really want to go all spy games. Then might I suggest off-site bugout bags. Hollow out a tree or something similar close to the property but not all in your property. Gotta give them the illusion they found your stashes 😏
When I lived on the school campus we used fake floor & wall trim panels with magnetic locks.
So it's basically it's setup like the retail tags on clothes. Get a strong magnet on the right spot and it can easily pull open.
It's where we hid our contraband. 😐

Honestly, by "ruining" their system it could save them money in the future if they had to reinstall because of it, getting rid of the malware in the process.

Why would the malware wait for the user to edit their registry.. instead of doing it itself xd?

@@edgay What they meant is the user editing registry by themselves and copy & pasting something from somewhere and the malware editing the string that was copy & pasted in the clipboard. But yeah, unless you are pasting crypto wallets directly into the registry, I don't see this happening. :D

@@B0wser998 There are application UUIDs. Maybe they could be slightly similar.

Disregard my other comments. I was dumb lol

I mean he probably didn't have a job and was spending thousands of dollars

I think luck. I don’t know how true this is, but I read that he called to report a break-in a while back and mentioned having “a lot of bitcoin” which triggered investigation for tax evasion, escalating into this.

genius

>it was obviously an almost untraceable medium
Bitcoin's blockchain is, and has always been, public. Anyone can see the transactions. What can be hard to do, is to link a Bitcoin address to a specific person. But as he purchased many things with his Bitcoins, I guess this is how he got caught.

Every BTC transaction can be viewed on the blockchain. It is not untraceable.

@@TheGTP1995 back then there were almost no parties logging or tracing IP addresses to specific transactions, anonymity was reasonable as long as he mixed the coins

@@TheGTP1995 that’s a good point though maybe they found the man not the crypto

@@Beknown107 This has little to nothing to do with IP addresses. You can link an identity in many other ways. E.g. in the video it is said that he purchased gold and silver bars. How did those end up in his home? If these were shipped to him, he must have given an address. Maybe not his home address, but still some physical location where he had to go to get them. So they could have got him on some camera nearby. Or if he went to a physical store to collect them, police could have gained information on him by talking with people working there.

How will it check what you last copied? By reading the clipboard. This malware changes your clipboard. You're better off writing your own program that keeps track of your clipboard and makes sure nothing changes it, alerting you if something does.

That won't work if you're infected with malware. Usually if one is running on your system the rest will follow, since they come in bundles and even download more stuff.
In the case of a rootkit, your kernel is compromised. So, everything running on top of it is compromised. In the case of a malicious filter-driver, everything can be changed, hidden, and stolen from you. If you have a RAT or Remote Access Trojan then everything you do is compromised and you even have a human creeping on you for extra horror. A worm, worst-case-scenario everything you own is compromised now. A persistent malware that infects your UEFI, safe mode in Windows and even likely Linux won't keep you safe. A persistent malware that infects a firmware chip on your motherboard, Optical Media drives, hard drives, USB Flash drive controller firmwares, etc., God can't even help you there.
If you're PWNED, you're BONED. So don't think a virtual workspace will save you if your main one is now untrusted. Everything on the top layers are untrusted as well.

@@Jeff-ss6qt agreed, a shell is a shell and it really wouldnt matter. it would only be practical on a company computer that might monitor your activity

Yes, it would be very stupid of a multi-billion worth SD card owner to just hide it without any encryption in a bathroom cabinet. You'd think that no one is going to look for it there, but the "good old-fashioned police work" is exactly this. Once the person's a suspect, they're going to inspect every possible hiding place in their home, and not just for SD cards.

For the amount of money it is, I bet they will use some supper computer to crack in few days.

@@DRSDavidSoft They would even smash through the walls too.

@@DarkGT that is infeasible, no matter how big a server room you have.

@@chri-k That's correct if you use a proper encryption scheme with large keys, which is what the owner should have done.

Holy shit, 9 digits of similarity? That's over 68 billion possible private keys you'd have to convert. Even at some crazy, modern GPU speed, like 1000 Mkeys/s, it would have to run at max processing speed for over a minute. And that's over 5 terabytes of pre-computed keys. Even if you got unlucky and one of the digits was just randomly correct, it'd still be several seconds of processing, or hundreds of gigs of pre-computed keys. I really wonder how they manage to do something like that.

Only if they hijack the wallet/payment app. If you have a webwallet is a bit harder to do and a core wallet needs to be hooked in and modified before the data reaches the chain

Store it in cloud with an additional recovery key that could be remembered instead of written down? I think some special opsec and/or transfer mechanism should be developed and used for anyone having such wallets.
Any cryptocurrency wallet containing >1B$ should be stored with careful considerations, as it's similar to an account containing unlimited amounts of funds for a regular person, during the lifetime of that wallet use.
You can't just put it without any encryption in a bathroom cabinet, lol

not to mention SDcards are like the worst forms of storage - they constantly fail on when i play with my RPi, would never there to store there a wallet with one coin, let alone exceeding billion dollar
he should have generated a private key through some mnemonic and then use that to encrypt the private key of the wallet and distribute that into multiple places both online and offline, no wonder certain anon orange crypto is better than shitcoin

@@DRSDavidSoft I don't know if you've ever thought about it this way before, but 1 million seconds takes 11.57 days to elapse, while 1 billion seconds takes 31.71 years to elapse. If you had a billion dollars you could spend a dollar a second for decades and not go broke.

@@anon_y_mousse Exactly my point, there should be a system in place that's developed exactly for spending huge amounts of cryptocurrency from anywhere, without ever needing to retrieve a key from a SD card in a bathroom cabinet.

Lets be honest, the majority of low level cyber criminals are likely script kiddies who don't probably know how to code at all.

Yup,
Malware by subscription and these idiots will be surprised when the malware hides other malware.

I think they might be paying for the computer power needed to brute-force it.

I just check the whole address side by side. Unfortunately I had to pay $10k to learn how necessary that was 😅

You're right, hospitals shouldn't be connected to the internet.

Makes you wonder how such a malware gets installed on your machine in the first place, I would take an image of all executables for further inspection.

@@DRSDavidSoft yeah

Most cyber criminals have already pledged and not too we just need something that doesn't blow the cover so they will actually use it

@@Quacking-duck keyword being most... Now that will just leave our medical establishments more vulnerable to nation state hacking... Especially during wartime. Does anyone think that the Geneva convention actually matters?? Come on people you need to build a real wall not just a fence that says keep out!!!

If somebody doesn't follow the Geneva Convention they going straight to prison and if you can't take it to prison they're gonna give you a huge debt

@@Quacking-duck tell that to Russia who has been committing atrocities in Ukraine yet the sanctions aren't working worth a crap. Where's your GENEVA convention now huh?!!!

The difference is that cyber criminals want to avoid attacking hospitals.

Some people want to target Red Cross, however your concern is valid. A hacker is disconnected emotionally from their actions as they don't see the people they're affecting unless they go out of their way to consider it consciously. A soldier in a battlefield has to choose to kill someone they see with their own eyes. They can't unsee the "human" they're hurting unlike how someone staring at a screen can.

Air gap the ultimate defense

probably something like "great as long as you don't unlock the file system"

@@Hyperboid oh think that's where I missed up. Lol

how would he know

Anything that has access to the clipboard could do it. So, probably a lot of different things.
Chrome and other modern browsers don't give access to your clipboard by default and you have to explicitly allow it for each site, for example. But, otherwise, everything running on your computer under your current account can.

While gaining access to good old fiction books etc. is potentially problematic, I don't have any problems downloading scientific publications (books or papers). Paywalling "knowledge" is fucked up, especially when a single textbook could run you hundreds of ~money~. Fuck that system. Again, downloading "normal books" is likely not as black and white, but contrary to scientific publications, these texts/books often drop significantly in value - especially on the secondhand market. Here it very much depends on the author/publishing house imo. Do I care about people ripping the new Stephen King book? No, not at all. What about a indie-publication? Yes, as long as you have the funds you ought to give to the author. Don't have the money or no (convenient) way to buy the book? Find the author's patreon or alternative to give that way. Also not a thing? Fuck it, download and don't look back.

Yes. For all books.

is it morally right to use the internet archive to get old books? or going to the library?

piracy is always morally alright

Who cares, just do it

Yeah cause everybody had 600k to spend in 2012...

​@@Lrripper Merely having $600K in 2012 does not automatically make you sussy baka. In the USA anyway...

@@joez.2794 They'd probably look into his tax records. If he lied about having $600k he'd be in even more hot water, especially with the IRS. They'd want their cut of the money from something he never actually had to start with.

The criminals which are intelligent and do that do not get caught or attract public attention, meaning that we only get to see reporting on the stupid ones.

In this billion dollar heist, he was probably scared. He likely felt like a wanted #1 criminal when the haul became worth millions, hunderds of millions and then a billion. His original goal was to scam a illegal platform for couple of hunderds - thousands of dollars, not 9 to 10 digits.
In his shoes, I would have planned months long a out of the country route, once it hit $million+, cuz that's getting real heavy in the eyes of the local laws.
Transparent chains are toxic, this is why everyone should use Monero, nobodys business what you're doing. Obviously don't commit illegal activities like wire fraud though.

@@RedOneM I am very pro-privacy but financial privacy is a case where I do not think you should not have full privacy.
Money is power and money is involved in the majority of criminal dealings. The current banking system has issues but the experience for normal people really is fine.

@@mx338 So you never pay with cash?

@@RedOneM I do but there's limits on how much you can pay with cash, without ID. So I don't see a problem with cash.
You also can't just send cash with a click of a button to the other side of the world.

You can fix an sdcard to a degree, you would have to make sure the NAND itself was destroyed for it to be unrecoverable, the smart move would be to not store a billion dollars on a single, relatively unreliable piece of flash and not even fully encrypt its contents.
I mean seriously, this guy was loaded and was too cheap to buy 3 or 4 encrypted hardware wallets or even several sdards, to split the money and store each separately apart from each other? This must have been hubris, because I don't get how you can steal so much money and still be so stupid to think you won't get caught or anything happen.

@@vgamesx1 I sat that destroy the sd card till it's pile of dust

NEVER TAKE A GREEDY BAD ACTOR BLACK HAT HACKER AT THEIR WORD THAT THEY WILL NOT TARGET YOU FOR ANY REASON. THAT IS GULLIBILITY WHICH IS EXACTLY WHAT HACKERS EXPLOIT THROUGH SOCIAL ENGINEERING.

If you don't protect bad actors, they have no reason to cooperate with your digital red cross. It's the same as the reason why medics aren't supposed to shoot enemy soldiers.

@@diablominero they have no reason to cooperate, they're bad actors. They act like they have a reason to cooperate but all is fair in love in war. I don't know one man who would pick the Geneva Convention over being handed $1,000,000 tomorrow to break the rules of engagement.

Yes, but it gets the attention of the media/government, which leads to ransomware becoming more of a hot topic - which is bad for cybercriminals'' business.