He tried to hack me...

Рет қаралды 371,425

Жыл бұрын

Samples: tria.ge/220829-1dktasgdc6 // tria.ge/220829-ray23sbdh9
Twitter thread: / 1564246090748141568
Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeacoffee
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
🐜Zero2Automated ➡ Ultimate Malware Reverse Engineering j-h.io/zero2auto
🐜Zero2Automated ➡ MISP & Malware Sandbox j-h.io/zero2auto-sandbox
⛳Point3 ESCALATE ➡ Top-Notch Capture the Flag Training j-h.io/escalate
👨🏻‍💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humblebundle
🐶Snyk ➡ j-h.io/snyk
🤹‍♀️SkillShare ➡ j-h.io/skillshare
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsorship
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc

Пікірлер: 985

@grant8653 Жыл бұрын

This is my first video but right off the bat question..... BRUNCH?!?!? Brunch bro? You fancy

@calholli Жыл бұрын

You guys have friends? wuh??

@CreativeDissonance Жыл бұрын

@@calholli imho opinion, brunch is just breakfast for those who sleep in

@dheijnemans Жыл бұрын

@@CreativeDissonance No, it's second breakfast :)

@randomyoutuberthatdoesntex5236 Жыл бұрын

@@dheijnemansbreakfast and lunch had a baby, people got so excited for the baby they fell asleep for an extra 2 hours, and so brunch was made

@ElectricoGamez Жыл бұрын

@@dheijnemans no its a meal that occurs between breakfast and lunch

@abdelfattahhilmi5213 Жыл бұрын

john is so good at what he does to the point where if you wanted to attack him he would think you are submitting a malware for analysis

@ultimate8673 Жыл бұрын

bruh.... XD

@visual-graffix Жыл бұрын

lmao

@McNooby142 Жыл бұрын

that sounds pretty good actually, could get some interesting stuff out of it

@nikhilt3755 Жыл бұрын

scammer sends email to scam john john: "so you have chosen death"

@upolpi3171 Жыл бұрын

More like public malware vivisection.

@markusTegelane Жыл бұрын

The scammer tried to hack John, but be basically just pulled an Uno reverse card

@learneducateteach9624 Жыл бұрын

I want scambater to expose them

@superJK92 Жыл бұрын

@@learneducateteach9624 @Scamer Payback

@superJK92 Жыл бұрын

crap it didn't work

@DavidAlvesWeb Жыл бұрын

Your face in the thumbnail had me like 😂😂😂😂

@jeremiahdurotola5921 Жыл бұрын

This is wonderful, specific and detailed. You should consider createing a malware analysis class. FYI, you have your first student. 😆

@alimustafa2682 Жыл бұрын

He already did that

@JeremiahRamirez Жыл бұрын

@@alimustafa2682 LOL

@biraj599 Жыл бұрын

@@alimustafa2682 link

@BrandonMoeller Жыл бұрын

*creating

@jane2303 Жыл бұрын

The guy across the street hacked my wifi, my phone. His buddy upstairs shares everything with him. They know everything I do online, passwords included. The woman upstairs stomps on the floor and they both walk up on me from upstairs when they hear a noise and follow me around my apartment. VPN and Tor are no help, they're already in them. Got rid of WiFi because they're in my TV's, too. Any suggestions?

@pcsecuritychannel Жыл бұрын

I’ve received similar emails but never a Google drive notification. Interesting how they keep changing small things within the same scams.

@Cyclically Жыл бұрын

Wsg bro

@ShadowImpressive Жыл бұрын

Funny, it's a good time to bring up how DMCA requests actually work: you don't typically receive them, KZfaq will give you a notice they have received it but they won't provide you, the creator, with a copy. That may be slightly different now, but generally you won't receive some lawyer-speak notice about violating copyright unless you are a company, own your own business where you are the CEO. In that case, you should have your own lawyer(s) anyway. So, don't open anything in any emails ever, don't trust DMCA notices because you wouldn't personally receive them anyway, and definitely question all links and attachments. If you get an attachment from a coworker, notify them and ask if they sent it, even if it's a legitimate email address and came from them. Remember, emails can be spoofed very well, just as phone numbers.

@BobBob-qm2bm Жыл бұрын

Thanks for sharing the knowledge👨‍💻

@scottspa74 Жыл бұрын

I just completed a 2yr degree at community college for cyberdefense and digital forensics, and it was still fascinating and instructive to see such a brief, streamlined, walk-thru of how it's done. 2yrs of school summarized in 30 min. Lol. It's really great to see it in practical application.

@trapOrdoom Жыл бұрын

Insane how well crafted these security threats are becoming. They’re literally almost easily able to get any IT professional to fall for it… that’s scary.

@xulux9028 Жыл бұрын

yeah it's not 2010 anymore

@drygordspellweaver8761 Жыл бұрын

don't click any links or run any executables on your desktop

@anonwilczek6044 Жыл бұрын

yes its nice in bad way... show how evrything change and if you dont know how to adapt, you be in trouble

@lazix9769 10 ай бұрын

@@drygordspellweaver8761 😂😂

@dark_sunset 10 ай бұрын

@@drygordspellweaver8761 Put your PC in a Faraday cage and board up the windows and move to another state. Never use technology again.

@G6PBS Жыл бұрын

DEFINITELY not boring. If you're serious about cyber security then ANY knowledge is good knowledge. Thanks for the video.

@THEAbhimanyuKumar90s Жыл бұрын

Such content should reach out to every KZfaq creators. It will surely help them to stay away their hands on clicking such links !! Thank you for posting it,

@zvimelkman4407 Жыл бұрын

I'm taking my first steps in cyber security. To see such a pro how you deal with this was extraordinarily educational and very interesting. Thnks!

@maxwellcatlol Жыл бұрын

Correct your thnks

@cynicalthoughts4695 Жыл бұрын

Welcome... to Jurassic Hack 👏 great video

@_JohnHammond Жыл бұрын

What do you think, would you fall for a phishing email like that? What other kinds of social engineering scams and malware attempts have you seen that have been successful?

@LeonVQZ Жыл бұрын

I receive about 2 spam email/day, and it seems that they gave up mostly, they just send a hyperlink and google flags it as spam. No interesting story, no fancy pictures or threat, just a hyperlink.

@y3wtub3 Жыл бұрын

I don't know if it's a coincidence or not but, anytime I order something online, I will receive all these emails titled with tracking number blah blah has been put on hold awaiting potential import tax. Usually titled as DHL. I never even open them because I'm scared it will infect me lol

@GhostOfAnubis09 Жыл бұрын

This barebones, off-the-cuff, low level approach is exactly what makes your videos so interesting and relatable, John. Thank you for doing these. I almost fell for the classic 'Your work mailbox will be locked' phishing once. what tripped me off was the password box not showing asterisks or stars, but clear text. so yes, they came within 5 keystrokes from success...

@4a6f62 Жыл бұрын

Working as an ethical hacker, I'm too paranoid to click on links in e-mail that _are_ legit 😀But having something so pressing, trying to be a youtuber myself... scary stuff

@popeyehacks Жыл бұрын

Sir can u give that malware for my study on digital forensics

@SHUFFLEZBlack Жыл бұрын

Your the best John. I work in IT myself but not in the security segment, you always make content so interesting to watch. Love your work. Keep it up!

@andresvillarroel1236 Жыл бұрын

I loved the “rumbling”. This was fun, I subscribed, keep going!

@dougOptics Жыл бұрын

This was so awesome. Kudos to you John. Really appreciate you taking us along with you.

@pierre-huguesaubertin1654 Жыл бұрын

It’s nice to see what an analyst would do. Very well explained, and use free tools to do your PoC. Bravo!

@sirw369 Жыл бұрын

This right here! Is why I enjoy learning from you my friend. This was super enlightening. Thank you for doing a deep dive and sharing your findings with us. Stay safe John! 💪🏼

@qpSubZeroqp Жыл бұрын

Thank you for digging so deep and for sharing all of your findings! Please do more of these

@muzamaze Жыл бұрын

One of the best TI and Malware analysis I've watched. This is a great video for new SOC analysts. Thank you so much JH 💓

@JoeC_aka_PwnerJoe Жыл бұрын

Incredibly useful and helpful video, thank you John! It's interesting seeing under the hood for threats related to content creators.

@nswan363 Жыл бұрын

Great video! The Twitter thread was excellent too. This dissection was a fantastic learning experience, thank you for sharing it and going so in depth.

@Flightful Жыл бұрын

i am very thankful that i found this video. I've been just starting in content creation, and being aware of this is super helpful for the future (especially this early in the game when one may not know the emails of youtube, google, or the common formatting used for these emails). Thank you for spreading awareness

@bradsen Жыл бұрын

Hey John, thanks for sharing your thought process with us. I love the detailed explanation of how you analyze suspicious files.

@kidbullet Жыл бұрын

Educational, fun, not boring at all! Thanks a lot for your work. Studies computer networks myself and I only regret not having a teacher like your. Certainty would have a much better professional path by now! You, Bombal, Chuck: great lads! I wish I could study and learn more from you. Such a knowledge base!

@cyberdevil657 Жыл бұрын

This is not boring at all John. I watched the complete video and it was hanging tight in my chair and being fascinated for the last half hour in my university library! I learned some things i had no idea things like a Linux Distro existed for Malware analyses until now. Thanks for being such a great help in the IT comminity!

@M3TTRO Жыл бұрын

Wow, so well done! Thanks for posting, man! Very helpful.

@TheDrMayonnaise Жыл бұрын

I honestly love these kind of videos if im honest. Good stuff John thank you

@an3ssh Жыл бұрын

Every content creator need to see this video!!! This analysis is so simple yet so effective i bet everyone would understand.

@bakaryk2435 Жыл бұрын

It's always a pleasure to have your insight on malware attacks, there's habits we need to have in "alarming" emails/messages even calls

@swillra Жыл бұрын

Great video and clearly useful information for many people! You can always add a writeup in the description with that uber-elite hacking skills you used. My degree is network security and I enjoy all of your content, especially those that include more technical information about what you're doing. Many of us don't have time to do what you do so get our "hacking" enjoyment from social media content.

@faran4536 Жыл бұрын

Imagine the hackers themselves watching this videos. Well if they are, just learn from him 🤣🤣🤣

@cmsupreme5832 Жыл бұрын

The details, the way you dive in to the malware is superb. Nice video. You earned a Sub and I'm your student now even I'm new to these threat analysis

@0_0NoOB Жыл бұрын

You got a new subscriber! love the content! Always nice to see a tuber that really goes in depth with this sort of stuff, as curious as I am I love seeing this especially as someone who has no idea about this sort of thing, it really lets me appreciate this line of work more!

@realdotty5356 Жыл бұрын

Imagine thinking that John Hammond would have hidden file extensions turned off

@ScottyDMcom Жыл бұрын

Yeah, Window's default is to hide all known extensions. Call me old school, but I agree with you, this is a massive security hole in Windows. Same thing in Mac OS. The default should be to show extensions. Remember anna_kournikova.jpg.exe? Everyone should turn on their extensions. However in this case it was a virtual machine, so not much customization.

@helloitismetomato Жыл бұрын

It's literally the first thing I do when I install a new OS: turn on file extensions. In fact I think it's irresponsible of OS designers to have them be invisible by default.

@grzegorztlusciak Жыл бұрын

It was very interesting and informative! Great job John!

@sebastianwojewodzki8588 Жыл бұрын

Exactly 👨‍💻

@edwardbrennan3963 Жыл бұрын

Dude, so fascinating! Found your channel through network chuck! Subscribed!

@aessi2746 Жыл бұрын

probably the most informative video i have watched in a long time, learned about reverse engineering all the cool sandboxes and some really useful utilities, Thanks alot.

@quentincaldway Жыл бұрын

John Hammond, I feel confident enough to say - "we", as in the community can most definitely feel as if this was absolutely amazing! This (as well as most of your videos if not all), are always practical and showcase actual steps. Steps that a "poor man's" way of doing things is most likely a more advance way of doing some actual poking for those of us who value cyber security and ethical hacking but haven't made it a career. For all of the tinkerers out there, and even for just study purposes this is an excellent! We don't need to see the Mr. Robot type hacking all the time...though we love it...- Don't get me wrong I absolutely love the movie, i've done my review / some of thee tactic used are legit. But anyway, this video was an absolute treat for us and all the more very educational indeed. Definitely appreciate as always brother, stay blessed and safe out there. I'm very thankful you did not fall victim to this attack! ~ Cheers!

@dannyboycalifornia Жыл бұрын

Honestly feel pretty fortunate to be able to watch videos like this while I’m going to school studying cyber security 😅

@boywarrick Жыл бұрын

NetworkChuck sent me here, but wow, what a video! Absolutely superb and appreciate the breakdown. Very interesting to watch and an eye opener for sure. Thanks John, you have another subscriber!

@Cole.Varial Жыл бұрын

I'm always amazed by just how far down the rabbit hole its possible to go looking into these malware attacks. Keep up the good work

@4a6f62 Жыл бұрын

Really interesting to see how something like this actually works.

@BuddyWazzup Жыл бұрын

You're my hero! That knowledge level on cyber-security... dude, you're the absolute best!

@CommunityFlagTeam Жыл бұрын

great work on that one ive seen that going around for a long time i know a few that did fall for that one. hopefully now that you busted it people will be more careful on what they open. great work

@coolmanberr1738 Жыл бұрын

John keeps dropping gems for us! Thank you so much for your endless efforts to spread knowledge and awareness among the community, very much appreciated!

@dflosounds Жыл бұрын

I honestly really liked this video because it showed a real-world example, and gave me an idea of how someone might begin scratching the surface of malware to figure out what it's trying to do and where it comes from. I'm a web developer with a passing interest in cyber security and reverse engineering, so seeing your process (even if you consider it a fairly basic, poor man's way of doing things) was really fun and educational for me.

@Talyzeni Жыл бұрын

I love these videos - your analysis really helps me and my career. Thank you

@zexceed65 Жыл бұрын

this was so informational & exciting to see & definitely not boring, hope to see videos like this in future!

@Private-GtngxNMBKvYzXyPq Жыл бұрын

Awareness of these TTPs is just as vital for those who are responsible for protecting access to critical infrastructure. Content creators may sometimes be more visible targets, but everyone should remain vigilant.

@carjockey7 Жыл бұрын

As a person with and analytical mind I do find this segment extremely interesting and I’m making a big shout out to you and everybody who views this film to have good luck and everything you do thank you for listening to me

@NotGeri Жыл бұрын

Very useful, and intriguing. You aren't rambling or anything like that, thank you mate!

@milo_andrs Жыл бұрын

Really cool vid John, I am getting into Cybersec and this was exquisite to watch. Thank you for the videos.

@applePrincess Жыл бұрын

I'm not suggesting to attack to any unauthorised machines, but he did what you deserved for (as you have jokingly said, please try hack me). Love it!

@shaolinsword6698 Жыл бұрын

FYI guys- at work we are seeing alot of "student loan forgiveness" phishing emails, I collect phishing emails and they are well designed. Be careful.

@kavinpaulfaderagao5920 Жыл бұрын

honestly the best soft tutorial ive ever seen. short and straight to the point ! i love it

@slugbones Жыл бұрын

Heya just came from the Network Chuck channel just wanted to say that I appreciate that you explain smaller details of stuff that more advanced users probably don't need to hear. But some of us are dumb :)

@techfunnels Жыл бұрын

We really need MORE people to enter the cybersecurity field. Like, even if they don't get a job in cyber, these are becoming life skills for survival.

@zomgninja Жыл бұрын

Do you think its okay to share a possible victims email address? Might be just an unlucky user who got their account compromised and might now be spammed by KZfaq users.

@noname4319 Жыл бұрын

That doesn’t look like a victim mail more like a randomly generated one

@zomgninja Жыл бұрын

@@noname4319 People who use redline or other cred stealing tools have 10,000s+ of victims emails, Its harder to make new gmails accounts then to just steal them.

@hannahsmith6095 Жыл бұрын

It is indeed beyond helpful and you are so modest.

@Robdeltonie Жыл бұрын

Just got a similar email myself. Glad I saw your video first!

@SpaceTacos60316 Жыл бұрын

Fantastic video!! I'm a cybersecurity noob so this is helpful, loads of great resources to flag and lots of info to be on the lookout for. Thanks again!!

@gelexblazeshorts7679 Жыл бұрын

Exactly what I needed and was looking for! Thanks!!

@1Alex925 Жыл бұрын

Wow, it's the first time seeing how a virus works and what calls make to a computer. It's both amazing and terrifying in the same time! Thank you for the informative video! P.S. I'm coming from NetworkChuck who made a video with you :) I'm now a subscriber of your channel as well.

@darkrider318 Жыл бұрын

Awesome video, appreciate some extra osint tools to work with and never really heard of the Redline until now. I also appreciate the clarity and visibility you provide on each adventure.

@rosecottagegarden Жыл бұрын

Thank you for sharing this! It will help us to be aware and pay attention to details before opening any emails.

@BobBob-qm2bm Жыл бұрын

Dude! This walk-through was real, relevant, and sweet to my tech buds. Got me seeing BLUE again, dang-it! Thanks John for taking us on this journey.👨‍💻

@yoshairivega585 Жыл бұрын

Your video was very helpful, I'm still learning and getting the hang of it still. I'm into House and EDM. I look forward to seeing more of your

@Popstylez Жыл бұрын

I just started my security+ classes and I feel like I’m learning a totally different language. Look forward to your content to help in my journey!

@biggiecheez6879 Жыл бұрын

Ive been learning basics of linux and hacking on OverTheWire and watching you has shown how much more i have to learn. Keep making content!

@TheDesiCybersec Жыл бұрын

I just learned so many things here . Thanks for the video and information you shared . We appreciate it.

@chekov6668 Жыл бұрын

Hey John, thanks for sharing this... definitely not boring and also not too lengthy! I suspect that the file was inflated to pass through web filters. Most firewalls with webfilter have a resource limit up to which size they scan downloads which is typically some 100 MB. So thats the easy or poor man way to bypass these. By the way, Hetzner is a large German hoster, which also has a datacenter in Finland. They rent everything from simple webspace to dedicated root servers or even colocation space. You can write them an mail, they have a good team!

@tramcrazy Жыл бұрын

This is fascinating; thanks for guiding us through it!

@Darksunbird Жыл бұрын

super awesome content ! ty for sharing this. my cousin is learning about cyber security. and i think this will help him as h progresses through his classes. you know give him something too write a report on. again ty so much for getting the word out.

@MHTHINK Жыл бұрын

Definitely not boring content! I personally just want to be more aware of how these things work and this achieved that for me. Plus, it's kind of nice seeing one of these scams put on display given that they thrive on information asymmetry.

@smr6482 Жыл бұрын

Found you from Network Chuck. Love your content. Subbed!

@alaahaider Жыл бұрын

Man you are awesome and I learn so much from your videos. Thank you 🙏🏽

@123ezekiel456 Жыл бұрын

John, excellent analysis. Thank you for sharing :)

@dominickbitsui9596 Жыл бұрын

Oh my gsoh. This was such a fun video to watch. I loved watching you analyze the malware. What a great video, thanks for sharing John!

@H_Feyyy Жыл бұрын

Yo this helped so much and I always appreciate the content and when i found the channel and got the energy from you from the previous video, you've been nothing but real and can vouch for the amazing content and how down to earth you are with everything! All the most love, respect, and appreciation

@vadrif-draco Жыл бұрын

Thank you John, we are now definitely very knowledgedable!

@jimmyc3030 Жыл бұрын

For what its worth, I found this fascinating to watch how it worked and some of the techniques you used to analyse the sneaky malware. Excellent video.

@OligoST Жыл бұрын

Super educational! I get tons of phishing emails from Iceland and I've always wanted to know how to safely dive deeper to track down homebase. Of course I assume any risks involved.

@zhiqi0125 Жыл бұрын

This is great. I've learned a lot. Keep up the good work

@markrhoades8822 6 ай бұрын

This has popped up a couple times recently so they're still at it. Glad you broke this one down👍😃

@gregf9160 Жыл бұрын

Fantastic work, John. I heard about this horror-show form NetworkChuck and I just _could not believe_ this one so I've arrived here and watched the whole thing with my jaw hanging open! Now a subscriber. Cheers 👍🤗

@ijnebzor Жыл бұрын

Thanks so much for this! Absolutely fascinating analysis.

@refaiabdeen5943 Жыл бұрын

That was Awesome Mate. Thanks for educating us all. Cheers!

@koledirks Жыл бұрын

was listening and semi watching as I was playing a game but i realized I kind of just stopped playing my game to watch you do this...I didn't understand like most of the video but it was really awesome to watch :O

@Yozzy... Жыл бұрын

Thank you very much man, seriously you helped a lot i started from 0 to 10.

@mrdakik8357 Жыл бұрын

dont hesitate! this video was just perfect, i really learn a lot from this video, the idea that i can restore VM to a state, that redline stealer was a thing, .scr, the ways they scam, and much much more, thank you very much, appreciated.

@michaelmcshane6395 Жыл бұрын

This was awesome in its detail and I appreciate John's efforts to educate but also to tell a great story. Also I might add that if I were a content creator, I wouldn’t use a Microsoft product such as windows. Windows is clearly ground zero for these folks.

@atsekbatman Жыл бұрын

Very interesting case. Thank you for talking us through it!

@venkateshnambi1576 Жыл бұрын

usually I heard many cases where the famous KZfaq account get hacked or compromised. Thanks John for sharing this on KZfaq as well as on Twitter as it helped to understand how these things works.