Unmasking what a fake Fortnite Skin Changer is really doing...

Рет қаралды 25,408

9 ай бұрын

In this video I setup MITMProxy with kali linux so that I could intercept and read exactly what the malware was doing. I learnt how the fake skin changer actually steals your data, then I show how to remove the virus.
Follow me on Twitter - / atericparker
Disclaimer: The content in this video is for education and entertainment purposes to showcase the dangers of malware & malicious software. I do not encourage any form of illegal hacking, nor do I encourage the usage of game cheats, cracks or hacks.
Cracks are sometimes shown to highlight the dangers of software piracy, my content is not intended to teach anybody how to pirate, or maliciously hack.
More Malware Investigation Videos:
→ Cyberpunk 2077 Highly Compressed: • Video
→ The latest "NORD" Malware - Nordsecured: • The latest 'NORD' Malw...
→🧧VIRUS WARNING🧧 NEW Optifine for Minecraft 1.16 SCAM: • 🧧VIRUS WARNING🧧 NEW Op...
→ The wilkreate KZfaq stealer virus that started this whole trend: • Fake sponsor DESTROYS ...
Much of the music in my videos comes from the KZfaq audio library, especially this amazing music creator: / @patrickpatrikios2050 .
Outro Music
Track: Lost Sky - Where We Started (feat. Jex) [NCS Release]
Music provided by NoCopyrightSounds.
Watch: • Lost Sky - Where We St...
Free Download / Stream: ncs.io/WhereWeStarted
(C) Eric Parker 2021

Пікірлер: 39

@MP3Crypt 9 ай бұрын

You gotta upload more dude,you could get a cult following with this stuff,absolutely amazing.

@1teamboy 24 күн бұрын

That’s happening. As I type this

@Kykof 9 ай бұрын

Holy, haven't seen a video from you in a while man, nice to know that you still post videos. All of your videos are super helpful and informative, I am glad that you make these.

@Awesomium3 Ай бұрын

3:40 eric's voice sounds like COD:MW2 silenced M21 when he said can

@Awesomium3 Ай бұрын

btw question, does using sandboxie save you from actually getting way more infected? since it cant use most of the files, the files inside the sandbox

@ShinyCoder 24 күн бұрын

@@Awesomium3 it can see what you're doing on your computer (keylog etc), basically everything but messing with files

@prohax1 24 күн бұрын

S@@ShinyCoder

@ShinyCoder 24 күн бұрын

@@prohax1 more like W

@LastSkill19 9 ай бұрын

Is that possible that you maybe make the right side of the screen (where connections are shown) bigger than the left side? It could greatly improve the video quality as it would be a lot easier to read which I find (and probably a lot of people) very interesting. Very cool video, great job! :D

@EricParker 9 ай бұрын

Yes, I'm still thinking about the best way to format this kind of video. I zoomed in where I thought it was specifically interesting.

@mariocamspam72 9 ай бұрын

Ayy welcome back

@yxngsellei 23 күн бұрын

This dude is a modern OS oriented danooct1

@jacobtinkle9686 17 күн бұрын

Absouletly great, interesting and informative content!

@BonziBUDDY 18 күн бұрын

I remember falling for something similar when I was young and stupid. It was a TF2 item generator, and it wasn't really hiding what it was trying to do. It had fields for sending both your steam and your email username and password. I don't know why I thought that was even remotely a good idea. Thankfully nothing happened to my steam or email, but still. It was alarming that I didn't care that much. I'm surprised my steam account never got hijacked after all these years. I do wonder if it did anything else behind the scenes though. It was just some exe file in a zip.

@Jesus.Christ106 27 күн бұрын

some things never change, putting password stealers in fake software was already popular and easy 15 years ago. also never try to manually remove such malware, there is so many out there and the risk of missing traces of the malware and being exposed again is too high, just format your drives and move on with a new OS installation. (also if you save passwords on your pc/phone, atleast use a paid password manager and not free software or 100% not the built in browser password savers)

@icantcomeupwithnames469 27 күн бұрын

Why would you use paid, proprietary, probably networked software instead of free (as in freedom) software like pass or keepassxc?

@EtherealVortexYT 18 күн бұрын

i remember meting a "hacker" that "made" something like this

@b4sicallyf0x 29 күн бұрын

Love it! Keep it up!

@Daniel-hz6pt 27 күн бұрын

The WinRing0 is interesting, what malware family is this? The fact it’s downloading a driver that gives r/w kernel access is very interesting, possibly for rootkit functionality?

@Bombexploid34 Ай бұрын

what do you use to see what the hackers are doing?

@EricParker Ай бұрын

Tutorial on this coming out tomorrow actually!

@hasupasu 8 ай бұрын

hi should i download op auto clicker i know you made a video of it but i dont know if i should download it or not and where should download it

@Stratxgy. 29 күн бұрын

its safe

@hasupasu 29 күн бұрын

@@Stratxgy. thanks

@trimidsmod6391 29 күн бұрын

@@Stratxgy. can confirm

@georgecrutchfield8561 5 ай бұрын

very cool and interesting video

@raaptex 21 күн бұрын

very interresting, but impossible to watch on 1080p...

@danonaogrosso1518 6 ай бұрын

Can you check if Projecto Nova has viruses?

@pelaajahacks8358 28 күн бұрын

just dont download it. why would you even need it anyways?

@watercloud 18 күн бұрын

4:15 in the paste in are 3 exe with a download link I suppose at least for: lol miner and xmrig those should be legitimate mining tools. However you shouldn't get these bundled with unless you specifically want to mine, duh. Also you can see the custom flags for the specific miners, aka the malicious persons crypto address. You can mine using the CPU though it is inefficient for etcash, xmr is designed to only be mine able on a CPU. I checked the current address that is listed there, it has a total of 1.4k USD in it in ethc. The ethcash from the looks get transferred to the in video shown. And on that address 16k USD was transferred out last month 😮. So apparently it is lucrative, I can't say how long it took to 'earn' it.

@watercloud 18 күн бұрын

Interestingly the pastebin link still works and shows new command and controll server