Hiding Malware in Space Pictures
ฝัง
- เผยแพร่เมื่อ 30 ก.ค. 2024
- Try out OctoPart 👉 octopart.com/
Altium 👉 www.altium.com/yt/seytonic
Timestamps:
0:00 Hiding Malware In James Webb Images
2:06 Major Cyber Crime Gang Changes Tactics
4:39 Massive Cyber Attack Hits Montenegro
6:38 Cyber Espionage in the South China Sea
8:28 Octopart (Altium)
9:04 Outro
Sources:
www.bleepingcomputer.com/news...
www.securonix.com/blog/golang...
www.darkreading.com/vulnerabi...
www.hackread.com/hackers-malw...
securityaffairs.co/wordpress/...
www.theregister.com/2022/09/0...
www.bleepingcomputer.com/news...
www.bleepingcomputer.com/news...
www.bleepingcomputer.com/news...
apnews.com/article/russia-ukr...
www.spiegel.de/netzwelt/monte...
me.usembassy.gov/security-ale...
www.bleepingcomputer.com/news...
www.bleepingcomputer.com/news...
securityaffairs.co/wordpress/...
therecord.media/montenegro-st...
therecord.media/china-linked-...
www.proofpoint.com/us/blog/th...
www.bleepingcomputer.com/news...
===============================================
My Website: www.seytonic.com/
Follow me on TWTR: / seytonic
Follow me on INSTA: / jhonti
=============================================== - บันเทิง
3:45 "Hacking back would be illegal."
You are aware gov agency's do stuff illegal stuff all the time and so do companies, Owners and legit everyone. An eye for an eye is what some believe in but that being said with all the people they ticked off and the easy access to d dos that all you need is money it could be literally anyone.
So you'd risk fed time to "get even"? You have smol brain.
I got an email to my spam folder the other day claiming that someone had installed a virus on all my devices and if I didn't pay their ransom, all my files would be leaked online as well as videos of me doing naughty things that theyhad captured.
They didn't even include a crypto address or any links in the email 🤦♀️
It probably sat in my spam folder for a month, and then I deleted it.
That's my story of the first time in my life I've ever been 'hacked', and the only time the problem wasn't because I intentionally installed something nefarious.
Did it look a little something like this?
Hello, bad news!
dd/mm/yy
On this date, I infected your device with malware.
I've learned a lot about you!
I had an idea, what if I make a video of you watching [redacted] while doing [redacted] and then send it to all of your friends?
If it did, then it's fake. Seen it hundreds, no, THOUSANDS of times.
@@cardboard_is_not_edible Nah, it was like six paragraphs long talking about the exact type of virus (cobalt) and how all my files are on a remote server and not too look for it and all sorts of other nonsense.
It was very obviously fake, to the extent my spam folder caught it long before I did.
It just makes me really sad that this pathetic level of quality is what skids have come to.
I'm sure there's at least one idiot out there who would fall for this scam, but they didn't even put a payment address or anything.
It was. So dumb.
@@jeffbrownstain Ah ok. As long as your scans come back clean you're all good.
No "hacker" worth a crap would go to the trouble of emailing you to tell you you're hacked. They'd either make it work behind the curtains, or make it very obvious that there is ransomware running on your desktop.
For those saying that the title is misleading, it says exactly what happened you just interpreted it wrong.
You need to consider that the title cuts off right before "Image"
Clearly you cannot get the jpg without the word document. So yes it is, kido.
The jpg isnt the issue... what tech level are you, cause you cannot get anything from the jpg.. it requires (key word here kid) requires the word doc... huge, huge difference.
@@csmastery1337 Isn't cut off just on a second line underneath, shows in thumbnail title.
@@dertythegrower Semantics oldo.
I mean I would not be that surprised to find that image on my computer, but then again I have a dedicated folder for space images, so it not being in that might tip me off.
Now, tracking the interests of your target to hide inside an image they wouldn't be surprised to find on their computer would be interesting
The idea of ScanBox sounds pretty cool. It seems like a private framework, but are there any public ones that do something similar?
im not sure if creep js is oss but you can take a look
fingerprintjs, creepjs
hope i never go to any of your websites
@@Purely_Andy lol I don't condone using this for watering hole attacks or anything malicious, I just find it interesting that so much information can be tracked without a user's knowledge and by just visiting a website. I wonder why/how that's possible.
@@nogr3369 It's possible because your browser just gives that information away so the website knows what to send back in order for the page to display correctly. The website has access to a lot of settings, software version, available hardware, etc. In fact it's so much information that your browser is more unique than your literal fingerprints on your fingers. So basically with that information you can be tracked and identified around the internet even if you delete cookies or use private browsing.
whoever thinks that they hid malware in the image you could find on google, they didnt. they are using the image when you download a malware by accident to spread it more i think (this is all from my understanding on the video so it may not be a 100% true)
The executable is stored in the image and dropped by the VB script.
Thanks for the latest news
Great work 🥳 Thank you 💜
And again, that Cyber espionage example evokes thoughts about why we have www/html etc. protocols in place and still dump system information to server (os, browser version, and much more).
Should the protocols whole point to be able server to black-box themselfs and say:" yes, we understand the protocol, send stuff in"?
WWW is designed to be as leaky as old granny
They are both excellent protocols, and once you understand them, can avoid leaking anything.
@@bigpickles You are right, they are not that bad.
It is more of implemention problem. How people uses those protocols.
Written law does not matter, if people don't follow it. There is the ideal protocol and de-facto standard usage.
There is no point that I can avoid leaking if majority don't do that. My behavior will be odd one in the ether and identificator.
@@MeltedMask most of us on vpns and private browsers don't leak anything though. Indeed, to get a 200, you need to send something across such as your resolution for example, in order for content to render correctly. Any personal information leaking out is due to the user's fault.
@@bigpickles That's great and all but the vast majority of people on the internet are consumers. They do something else with their lives, they don't have time to put into understanding protocols. Why is it inherently unsafe by default and not safe by default? Makes no sense.
@@mrkiky it makes total sense. People just don't adapt. Back in the 90s, resistance to AV software was massive, yet the operating systems weren't deemed "inherently unsafe" by default. It's a PEBCAK problem.
Kind of genius to use a builtin Windows utility to decode the Base64.
I didn't even know Windows had that built-in. I'd always use base64 from msys2, because I knew of it's existence.
Another great one
Until 5/6 years ago, Montenegro was full of Russians and Russian real estate - things have changed since Monte N. joining NATO
Like it~ you made good ~Seytonic!
Entrust being attacked with ransomware sounds like the plot of Mr. Robot
Nice Video! absolutely magnificent.
Good one!
Nothing is sacred anymore. I can’t even peacefully watch James Webb telescope space images no more without not worrying about the off chance of having to wipe my system. Where has this world come to?
It always starts with a word document. Smh.
encrypting someones data, and then ddos'ing them so they cant respond. Looks like they dont even want money
They're in fact probably wasting it
well I had perfect timing on learning steganography😂🙃
You should cover wtf happen in Indonesia right now
Almost every frickin Daye hacker stole government data lol
Ofc I had to use this image as a wallpaper.
in a way reminds me of the old 4chan rumor of a picture of a japanese guy eating a donut (I think it might had been the author of jjba?) having some malware in it that could infect you just by having the image open in the browser... Anyone remember that?
Bro, this is an art project by the same damn people who wrote the article.
Cmon now.
Can someone advise where to watch news about IT, Internet, server parts, etc.
Thanks!
Thanks my dude :)
What did they used to communicate at 2:59 ?
Why the fuck is hacking back illegal? That's like saying if someone comes into your house and threatens you, you're not allowed to fight back
How did they knew they were using go obfuscate?
"I have felt the power of the wifi going out and having to touch grass"
Subed.
Would it be possible to use a CDN to supply the image containing the "payload"?
but the target would have to run the macro
@@user-yv2fb4mi1k Of course. But supplying it using a CDN seems less suspicious than if you'd just randomly download an image from a weird URL
feel like ti is ticking way too fast for lol. but hey, as long as you do what you love- the sky is the limit! also just a little advice to
the point of hidding in large specialized file (with uncommon format) is that it's too hard for computer (for end user computer at least) to scan a file weighing 200Gb !
It's not too hard, just time consuming. There is no reason I couldn't scan all 9TB on my PC, all I have to do is run the scan for about a week. If you are serious enough about security, I'm sure it won't be too hard to set up a scan before you go to work or something
@@specialopsdave that's the point of hidding... it can't be easily found ;-)
@@Nothing2Do417 It can't be found AT ALL within the image, because it isn't there.
But go files are so big?
Why not use c then
nah they uploaded virus in james web images
I wonder if a space telescope has ever been infected with malware lol.
watching this whilst this image is my desktop background...
did you hear about the voyager..
Man, I'm a bit into these pictures of other galaxies and of the universe, but I think it's time to delete the ones I have as I can just look them up on TH-cam any time.
Hackers be like that
Bruhhh they even got the James Web image
I cannot hear any sound, anyone else experiencing this? (September 3rd, 14:00 GMT).
I can
@@tezcanaslan2877 I can, too, now. But at that time it did not work for some reason (everything else worked fine). Thanks.
@@FlorinArjocu you probably had something like voicemod or a microphone set to speaker happens to me sometimes
@@tezcanaslan2877 I had not, as the previous clip and the one after had sound. Maybe it was a TH-cam glitch.
@@FlorinArjocu Generate a bug report and double check your microphone if you need it. Also has Google Assistant been activating on its own?
Well they tend to be big in size so its not so unique
macros were a mistake
macros are actually extremely useful in automating excel tasks in industries of all kinds, give it a decade or two and AI will replace them
pretty sure ik the kid who sold this way to infect. it was pretty smart and it was on a fourm. not gonna say the fourm
Yeah, not weird at all to see satellite pictures randomly appearing on your computer! It’s normal, and nothing bad is going on. Haha. 😂
Monte what?
This is steganography.
Misusing the word "random," as is commonly done these days (certain dictionaries modifying their lexicon to include this common misusage notwithstanding).
👍
Hell naw💀
Hacking a company is fine but a company fighting back illegal.
And who said that hacking a company is fine
Hi
What
"Hacking back is illegal"
😂
If someone would ransom my device, i would gladly unalive them very slowly.
*Feel the rage, let it flow*!
NFTs lmao
Really 🤔💭 hmmmmm
How sad
wait, since when can images hack you...
they can't, watch the vid
they can't
@@daliuskal I did
@@Tale3339 you clearly didnt
@@celerry yeah I just rewatched and released I’m stupid
Honestly sounds like the security researchers made it themselves to make clickbait
even space will hack you now
ESA launched it goddamn it.
dudos
Hahahahaha, pwn anything and everything
firstn't
Cryptography 🤌🏼
Word
Word
Small country of monta what? 👴🏿
Thr34T Kr3w
not first lmao
Why not use cat gifs
We all download em all the time
i don't think anyone except 40 year old moms have downloaded a single cat gif since 2012 lmao
why are you posting a screen shot on a mac this just comes off as unskilled and uneducated
Title is a bit misleading.
He talked malware embedded in a JWT image. What's the issue?
@@Brandon-zs7ko Title makes it seem like simply viewing the image will infect your pc, although you have to go through a LOT more steps.
@@Brandon-zs7ko It required a word doc... not a image. Big difference.
hahhaa u were hoping to get an easy hack lol
@@dertythegrower yes that's what makes it misleading, blind man
Clickbait :(
How?
@@Seytonic you probably used some javascript exploit to make him click
@@geraldbal7945 Sadly I'm not that advanced
@@Seytonic after reading the title everyone expected a malware in the image which would be runnable after opening it.
@@keypey8256 then the problem is with your expectations. the title is 100% accurate
Misleading title
unsubbing due to misleading title.
Why is the title misleading?
@@tombus8308 😂😂You realise TH-cam truncating the title has nothing to do with me
@@Seytonic Tried it out for myself and yes. I've realized my mistake. I feel downright silly. My apologies.
@@tombus8308 No worries my dude, I wish youtube would show me how much of the title they'd cut off
@@Seytonic Maybe you can fix it by changing "are Hiding" to just "Hid"?
Montenegro. That second E is supposed to be pronounced like 'ayy'.
hackers are pathetic
They are not but rather the Illuminati are.
@@Hook_Line_Sinker Spoken like a true schizo
Go Windoz (l)Users!
BTW, I love how many companies appeared recently selling spyware to other companies as Security Solutions
What