I love how Google blocks adblocks and spreads malaware by ads in their search engine...
It's so great isn't it.
I remember some old tech guy used to say: "they make virus to sell you antivirus..."
guess he wasn't that wrong...
Malalalaware
The irony is if one uses adblockers they don't see the sponsored content and malicious links in the search results --
but if the user acts like Google wanted and doesn't use adblockers, they can get scammed by the sponsored links in the search results.
@@ugurcansayan Top comment! 👍
This is why you never click on sponsored links
Agreed. I've used search engines for twenty years now, and never once clicked a sponsored link. Not even once.
@@angrydachshund what a great achievement. Simply use an adblocker.
@@Deo-v1z Common sense > adblocker
Or using chrome edge browser the first one it's a malware domain
uBlock Origin - blocks all ads - but you can also whitelist creators easily,
Google should be held accountable for the damage caused to anyone whose data gets stolen using these methods. I hope the fact that the malware distributor is marked as verified would be a valid case in court.
I think they get verified once and then Google doesn't care. And that's when they post the malicious ads.
They use the following method: they make a real website (white hat) and a fake one (black hat). When the Google servers access the page to verify it, they recognize their IP and show the real website, and for other cases, the fake one.
@@marcokoovka Well, I would say this is still the problem of Google. They need to develop better verification methods if they want to cash in on the ads. Or pay for the damages.
absolutely xd
Google will have to pay another few millions or billions to the rich people in government in 10 years...
They'll probably make that back with even more scummy practices
Google spreading Malware and getting away with it is beyond me. Why are they not held accountable for spreading malware?
Because they make the rules that are then signed into laws.
It's a whatsname... lobbycracy
Because it's probably impossible to stop
Millions of websites built for malware or scamming
rules for thee and not for me.
Cuz Money Money Money (in Mr Krabs voice)
Yes, this is how it works. It's like when the FBI ran CP forums on the darknet where they (I hope that they didn't distribute those images and videos) shared it with predators to then catch them. This is how Google does now. They block all the adblockers so everyone gets ads so they can click on the malicious links to get viruses and who knows maybe some kind of ransomware. Sadly Google will never take the responsibility because Money = Power.
Hah, this is nothing. I've been getting ads on the homepage of YouTube about cryptobot free money where you have to download an app with malware, for more than 5 years now, not only daily but every time I open YouTube. So is my whole family. And here is a direct quote from Google's response to me in email:
"Here's what we found
We decided not to take this ad down. We found that the ad doesn’t go against Google’s policies, which prohibit certain content and practices that we believe to be harmful to users and the overall online ecosystem."
This is the response on almost all of my reports. Even if I block the ad, or press "show less of these". Exactly the same ad comes up next day.
the whole idea of "show less" is maddening. i want NONE
Why don't you just use UBlock Origin?
This is one of the reasons why I am using an adblock extension - to block sponsored search results. Also when I was doing training for a new IT member: never click on sponsored links in Google search. I think Alphabet should be directly responsible for sponsoring malware search results. It should be the same as with food in restaurants. If the food is stale it can be the supplier's fault, but you are serving the meal to the people.
WHY don't companies make authentication tokens device specific?
Make authentication tokens only work on the device where a sign-in took place. And get invalidated if a different device tries to login with it.
agreed, however it could be spoofed and also if you have a webagent/hwid randomizer it will be problematic
Because it’s cheaper to rely on user awareness than make complex security systems
@@Misimpa Sad but true.
#1 Red flag for me is sponsored links. simply scroll a few links down and you'll find what you need.
also adblocker is essential and set up right and adjusted time to time
Unfortunately the VAST majority of people will click on the sponsored links
infostealers are such a common malware
ikr, so mediocre so boring, I miss the 2000s
No shit sherlock
@@TheBoostedDoge I miss when viruses used to be flashy and creative.
I want a ransom before cookie stealers @@NicoTheCinderace
I get them every day. Never cease to amaze me the different ways shapes and forms.
Google should be fined BIG for this, this is their responsibility to make sure ads are verified correctly and are safe to the user!
That will never happen
@@danibell106 in America, but in the EU, that's a whole different story if they ever pass rules enabling this punishment
80% of google's yearly profits per case should suffice
@@Diddz Google has been getting away with this kind of stuff for years so I don't think anything will happen to them this time either
Those 2 corps. are top info stealers. What should we expect? 🤷♂
At this point I just wanna go to a remote town, open a small grocery store and not go anywhere near the internet for the rest of my life.
don t be a pozzy . . . What did you expect? It to be milk and honey? HA HA HA This is jungle and wolves. The best man wins!
@@black_dragon274 i expected a less du MBA ss reply.
@@shadhinov definitely u are a pozzy
If you have an AV, a good firewall and common sense, taking a bit of time verifying what you download and install, you are usually fine
truly horrifying
Why would you install authentication software on your desktop for? Isn't it supposed to be separated from your desktop?
I used Authy desktop because I'm not attached to my mobile 24/7
I was asking myself the exact same question. Why do I need authenticator software in the first place? And @lev0x why would I uninstall Malwarebytes after scanning my pc in safe mode?
It is supposed to, like the name suggests, authenticate, to give an extra layer of security and make it harder to get into your account. What you are logically asking is: if you have this on your PC, does this decrease my security?
Well, ask yourself: do you have a password manager on your phone? If you do then in theory you have 1FA, since if someone manages to get your phone and get access to the PM and 2FA app you are done. The same will happen if you have them on a PC.
So if you are willing to have the password manager only on PC and the 2FA app only on phone you are in theory safer. But it would have the drawback of having to log in from the browser on the phone into, for example, Bitwarden every time you are trying to log in. So what these people are asking for is a quality of life change in the login procedure that creates a vulnerability, but most likely they already have it in their pockets every time they walk away from home.
And for the ending: that's why Yubico is the best option with Aegis support: create an encrypted backup in Aegis and keep it on an encrypted pen/disc, then delete the app and use a YubiKey and its authenticator instead. Therefore you have the safest version of 2FA with max comfort.
i was careless back then, when dling pirated apps, ended up running a similar exe file. got hacked and was wondering how since i have 2fa, and that’s when i only knew about stealing session cookies
What? Elaborate more please, I’m a boomer
@@YaBoyfelipe hackers take your browser cookies. So, they don't have to deal with authenticator or 2 step verification.
@@YaBoyfelipe I'm not super techy into cyber security stuff as well, but basically when you log in to websites in your browser, the session gets saved so the website can determine if you’re logged in and when you log out and stuff. Therefore, 2FA is rendered useless since if the hackers get your session/cookie, the website would think it’s you and hence wouldn’t ask for any sort of confirmation
@@kozuta8858 was there any way you fixed it and any recommendations to those who are new to this information and ways to prevent this?
@@kozuta8858 Hello good morning/night/afternoon, question: how did you fix the issues, or are you still currently fixing the issue with this matter, and what precautions did you take and what did you do to fix the issue?
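Added example (not part of any comment here, and not code from the video or from any vendor): a small Python model of the two points raised in this thread, that a copied session cookie is accepted without any 2FA prompt, and the earlier question of why tokens are not tied to the device that signed in. `SessionServer` and `Device` are hypothetical names, and the per-device HMAC secret is an assumption standing in for a key pair held in hardware.

```python
import hashlib
import hmac
import secrets


class Device:
    """A client device. The secret stands in for a hardware-held private key."""

    def __init__(self):
        self.key = secrets.token_bytes(32)

    def prove(self, nonce):
        # Proof of possession: only a holder of the device key can compute this.
        return hmac.new(self.key, nonce, hashlib.sha256).digest()


class SessionServer:
    """Hypothetical server. Password and 2FA checks happen once, at login()."""

    def __init__(self):
        self.sessions = {}  # cookie -> {"user", "device_key", "nonce"}

    def login(self, user, device_key=None):
        cookie = secrets.token_hex(16)
        self.sessions[cookie] = {"user": user, "device_key": device_key, "nonce": None}
        return cookie

    def challenge(self, cookie):
        """Issue a fresh single-use nonce for a device-bound session."""
        s = self.sessions.get(cookie)
        if s is None or s["device_key"] is None:
            return None
        s["nonce"] = secrets.token_bytes(16)
        return s["nonce"]

    def request(self, cookie, proof=None):
        """Return the authenticated user, or None if the request is rejected."""
        s = self.sessions.get(cookie)
        if s is None:
            return None
        if s["device_key"] is None:
            # Plain bearer cookie: whoever presents it is treated as the user.
            return s["user"]
        nonce, s["nonce"] = s["nonce"], None  # a nonce is never reused
        if nonce is not None and proof is not None:
            expected = hmac.new(s["device_key"], nonce, hashlib.sha256).digest()
            if hmac.compare_digest(expected, proof):
                return s["user"]
        # Wrong or missing proof: treat the cookie as stolen and revoke it.
        del self.sessions[cookie]
        return None


def demo():
    """Constructed scenario: 'alice' signs in, then her cookie is copied."""
    server = SessionServer()
    victim, other = Device(), Device()
    results = {}

    # 1) Unbound session: the copied cookie alone is enough, 2FA is never asked.
    plain = server.login("alice")
    results["plain_replay"] = server.request(plain)

    # 2) Device-bound session: the owner answers the challenge with its key.
    bound = server.login("alice", device_key=victim.key)
    results["bound_owner"] = server.request(bound, victim.prove(server.challenge(bound)))

    # 3) Same cookie presented from a machine without the device key.
    results["bound_replay"] = server.request(bound, other.prove(server.challenge(bound)))

    # 4) The failed proof revoked the session, so a new login is required.
    results["bound_after_revoke"] = server.challenge(bound)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The binding only helps if the key cannot be copied along with the cookie, which is why real designs keep it in a TPM or secure enclave instead of a file next to the browser profile.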
I believe these desktop authenticators are meant for people who lug around laptops along with phones and tablets...not really for a tower PC. I wonder if they did that so the auth app could be accessible to more users, but that backfired since they aren't vetting copies, noticing something fishy about the digital signature, and removing them.
Loving my yubikey authenticator
Same
Are you still going to love it when you lose it and can't remember where you last had it?
That's why I have lots of yubi keys 😂. Paranoid much? Yup.
@@wildbill4496 that's why it's recommended to have at least 2, with one stored away like in a fire proof safe
I need to get one 😂
Thanks. Very informative.
What is the best way to identify an infostealer and remove it efficiently without having to spend more money?
Maybe Malwarebytes, just uninstall Malwarebytes after the scan or disable it
@@lev0x Sounds good to me, thank you Levox
Run Microsoft Defender Offline Scan, Malwarebytes is also good. If you're still infected, might want to invest in a paid subscription for a good AV, at least for a short while.
Man, tired of these new day malwares
Please make part 2 of unknown malware vs Kaspersky, eset and other tools
Common people why are your Governments not forcing these companies to provide a secure/valid method of choosing an App from their store, and removing duplicates.
Thanks for sharing ❤
So, you uploaded the sample and it gets flagged by 45 AVs. How do people get infected?? Surely Microsoft Defender has to jump out and people have to suspect, no? For real I don't understand how a malware that is so detected can even work
Microsoft Defender could've been one of the vendors that didn't flag it. They would need to send out a patch to update Defender for this specific malware
I searched the file hash on VT, Microsoft flags it. AFAIK Defender is lazy by default and tools like DefenderUI makes it detect faster
These detections are a month or more after the malware is released. On day one it was only detected by one vendor.
@@pcsecuritychannel a ok, that makes more sense, thanks for the quick response!
@@pcsecuritychannel besides that if someone uses Norton instead of a real Antivirus they are F...ed
i stopped using chromium based so adblock works
U can still use Brave or Chrome with ublock lite
great work! screw scammers
Oh that's been here for a while now.. The amount of times I've spoken to a user that has just reset their AD password and MFA token, and is "unable to authenticate for some reason?!" only for us both to end up realizing he has installed a discount MFA, are more than a few :D
edit: just to point out (as I see it's somewhat different here) the fake MFA app was both in apple play and play store, and had the EXACT SAME logo as MS Multi-factor authenticator.
Brought to you by GOOGLE PLAY
Evil is efficient.
Everyone starts using antivirus software because lots of malware and virus attacks are going on in the world.
Insane google what are you doing?
Thank you for this video
I thought it was Part 2 of the ransomware test 😢
Surely fighting against ad blockers and temp monkey is more important than fighting against malware
Thank the Lord for Malwarebytes
google search including ads is just crime against humanity.
Gonna take a look, but do you have a video explaining what authenticators are? 🤔 i ask bc I think you'd explain it well
None the less, put the fault on google and Microsoft. They both have auth app, would not cost much to make built in chrome or Windows and sync to mobile, and as bonus you get to add otp with one click instead the whole shitty qr or copy paste
Does Virus Total have a RTS for reputation based results & is there a way to block all "tunnel" connections?
I got sick of google stalking me so I quit using it and use brave now for months so I didn’t know about this since I haven’t been on google for months
Yeah Ads. Everyone MUST use ad blockers. And why would you use an authenticator on your computer - does that not undo the idea of 2fa. I use Microsoft authenticator on a phone - I would never use one on the pc.
This could have fooled me if I didn't understand the whole point of having an authenticator is to verify using a *second* device, and not the first one again. I retyped the url from your virustotal result and it does show my antivirus detecting it, so that's good.
That's why you should use password manager with 2fa authenticator...
Stealing your session cookies stored in your browser after you successfully log in, is an easy way to bypass 2fa authentication.
@@taqtix8949 Chromium team is working on a local encryption feature that should render this no longer possible.
The one shown that's "legit" is not the Google Authenticator from Google. It's the authenticator FOR Google Authenticator. Hell even the icon is not the same as the official Google Authenticator app. It's just an extension. Not made by Google.
I sometimes wonder who is behind these malware apps. Is there one guy operating or multiple haxxors under an organization? If there are multiple haxxors how they can trust each other? What if one hacks the other ones and runs with the prize?
3:26 especially not if the github repo is just the exe and not actual source code
yeeeaahhhhh more insecurity....oh boy.....at one point we will be better off with paper...
So if authenticator isn't good, what can we use?
@2:41 not there anymore, google has taken it down or blocked it
Is the Authenticator only Phone based? Cause that’s all I use.
Either I never clicks google ads lol
DAmn insane !
What are the solutions to stopping an info stealer on an infected system?
Removing it
get a new one (new iso
I have it installed on my android phone, should i stop using it and uninstall it ?
Thank you so much for this advice.
How do you know if your adblocker doesn't steal your data?
I wish I could get away from Google nonsense, unfortunately the only other established mobile OS is Apple.
Good thing my adblocker runs at the os level not on browser so i havent seen one of those sponsored links in years
What are you using?
more reason to use an authenticator that's not your desktop PC
That genuine app you show in the Chrome store isn't by Google.
That's why Google's ads on YouTube forces malware on youtubers - I had antivirus blocked YouTube ads - Now they Google's corporate overlords made that impossible unless as Of Course You Are Rich and pay for no ads - You get what you deserve again from Rich people.............
Why do you need google authenticator at all?
Can .exe file scanned with virustotal showing none or close to none threats still be malicious? In first situation being only one file.
In 2nd situation being two or more files but only one of them being executable and only one being scanned.
If you are a "patient zero" sortof, it can be undetected.
even using the real version of google auth is a bad security practice , also not using an ad blocker in 2024 is another one
Not using an ad blocker is a bad security practice or a good one?
@@YaBoyfelipe LOL
Do you mean google authentication in general or only on windows? And if google auth in general, why so?
@@MagicMasterComments The last I heard of, the cloud backup didn't have end to end encryption. That's why I use Aegis
@@UmVtCg Explain bro, I’m a boomer
3:14 Well if you click the 3 lines it does nothing.
wow
Firewall doing nothing dangerous ports inbound and outbound Connection
Well, that sucks 😮
It does it on android too lately, just do not press ok , ok ?
Your description does not have links to the original article. But you sure as hell made sure to include your sponsor. Not a good look.
😂 google is certainly looking out for you!
change the title, "google Authenticator" is an android app too
Come to Linux.
The company signing this looks like a Chinese company lol
Whoever verified this company should be held accountable
I need Malware Atacked Mail
Never trust a link got it
google ads always bad
3:13 you can clearly see the domain which is definitely not from Google...who would be fooled by this😅😅
You would be surprised. Most non tech savvy people, especially the ones I work with in K-12 IT, have 0 clue about web addresses.
@@JJFlores197 what is k12 it
@@Samsung-zg9ql Public education in the USA. K-12 refers to kindergarten through 12th grade
@@JJFlores197 ok...👍
How do I know if mine is authentic ? ............
hash
@@SoundsBy80K ? it is installed chrome extension how can i tell plz?
@@thisoldminer if you want to be safe remove it and install it from verified source but if you've installed the malicious one, you wouldn't be able to type here pretty sure.
😊😊😊😊😊 more malware damage windows pc with hijacking Trojan and kernel malware
Bros cursor is on fat acceptance 💀
What's an authenticator anyway and why would anyone ever use one?
{:o:O:}
I don't use Windows for anything serious so this has no effect on me. Let the Windows users get hacked. I can use Qubes OS and OpenBSD and No one dares to hack me or find a vulnerability for OpenBSD but everyone is always trying to hack a Windows user. I use Windows for some testing and some gaming but I don't care if Windows users get hacked.
I can agree about Windows, but should we be worried about Android too?
If so, should we stop using smartphones altogether for our safety? I need some good advice since malware has become increasingly worse and smarter than us.
@@木島カオリ @user-rx4up7jf9y Organisations will pay more for smartphone vulnerability the privacy community recommends pixel phone with GrapheneOS as the pixel phone has an unlocked bootloader and has updates to the newest version of Android and security updates for years to come.
I can buy the latest phones once I'm rich but I don't care for smartphone security as smartphone screens are small and I don't put anything important on my phone when I'm home I use a Computer tower. even a Cheap laptop would be a small improvement over a smartphone.
I'm not telling you to stop using a smartphone but Focus on storing your information on a Computer with an open source operating system and encrypt your hard drive like I do with Linux.
I can add file encryption with Veracrypt. With Smartphones, they won't have full disk encryption when you boot up the phone, unlike my Linux computer which has full disk encryption.
If a smartphone user gets hacked I am not worried most normies use iPhones anyway my best advice is to use a Computer tower for more important tasks instead of putting all your data on a phone.
If I want to store files I can install Qubes os on a SSD I use Kali Linux as my daily distro. and I can sometimes use Windows for gaming or a little testing/work.
So you're basically an asshole.
Easy fix, Don't do searches for Google authenticators. I mean WHO does, NOBODY.
...
You get this from _Google?_
{:o:O:}
Yes, Google ads are one of the major sources of malware and scams.
wow