He tried to hack me...
Samples: tria.ge/220829-1dktasgdc6 // tria.ge/220829-ray23sbdh9
Twitter thread: / 1564246090748141568
Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeacoffee
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
🐜Zero2Automated ➡ Ultimate Malware Reverse Engineering j-h.io/zero2auto
🐜Zero2Automated ➡ MISP & Malware Sandbox j-h.io/zero2auto-sandbox
⛳Point3 ESCALATE ➡ Top-Notch Capture the Flag Training j-h.io/escalate
👨🏻💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humblebundle
🐶Snyk ➡ j-h.io/snyk
🤹♀️SkillShare ➡ j-h.io/skillshare
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsorship
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc
This is my first video but right off the bat question..... BRUNCH?!?!? Brunch bro? You fancy
You guys have friends? wuh??
@@calholli imho opinion, brunch is just breakfast for those who sleep in
@@HansBelphegor No, it's second breakfast :)
@@dheijnemansbreakfast and lunch had a baby, people got so excited for the baby they fell asleep for an extra 2 hours, and so brunch was made
@@dheijnemans no its a meal that occurs between breakfast and lunch
john is so good at what he does to the point where if you wanted to attack him he would think you are submitting a malware for analysis
bruh.... XD
lmao
that sounds pretty good actually, could get some interesting stuff out of it
I’ve received similar emails but never a Google drive notification. Interesting how they keep changing small things within the same scams.
Wsg bro
This is wonderful, specific and detailed. You should consider createing a malware analysis class. FYI, you have your first student. 😆
He already did that
@@alimustafa2682 LOL
@@alimustafa2682 link
*creating
The guy across the street hacked my wifi, my phone. His buddy upstairs shares everything with him. They know everything I do online, passwords included. The woman upstairs stomps on the floor and they both walk up on me from upstairs when they hear a noise and follow me around my apartment. VPN and Tor are no help, they're already in them. Got rid of WiFi because they're in my TV's, too. Any suggestions?
What do you think, would you fall for a phishing email like that? What other kinds of social engineering scams and malware attempts have you seen that have been successful?
I receive about 2 spam email/day, and it seems that they gave up mostly, they just send a hyperlink and google flags it as spam. No interesting story, no fancy pictures or threat, just a hyperlink.
I don't know if it's a coincidence or not but, anytime I order something online, I will receive all these emails titled with tracking number blah blah has been put on hold awaiting potential import tax. Usually titled as DHL. I never even open them because I'm scared it will infect me lol
This barebones, off-the-cuff, low level approach is exactly what makes your videos so interesting and relatable, John. Thank you for doing these. I almost fell for the classic 'Your work mailbox will be locked' phishing once. what tripped me off was the password box not showing asterisks or stars, but clear text. so yes, they came within 5 keystrokes from success...
Working as an ethical hacker, I'm too paranoid to click on links in e-mail that _are_ legit 😀But having something so pressing, trying to be a youtuber myself... scary stuff
Sir can u give that malware for my study on digital forensics
scammer sends email to scam john john: "so you have chosen death"
More like public malware vivisection.
The scammer tried to hack John, but be basically just pulled an Uno reverse card
I want scambater to expose them
@@learneducateteach9624 @Scamer Payback
crap it didn't work
Funny, it's a good time to bring up how DMCA requests actually work: you don't typically receive them, KZhead will give you a notice they have received it but they won't provide you, the creator, with a copy. That may be slightly different now, but generally you won't receive some lawyer-speak notice about violating copyright unless you are a company, own your own business where you are the CEO. In that case, you should have your own lawyer(s) anyway. So, don't open anything in any emails ever, don't trust DMCA notices because you wouldn't personally receive them anyway, and definitely question all links and attachments. If you get an attachment from a coworker, notify them and ask if they sent it, even if it's a legitimate email address and came from them. Remember, emails can be spoofed very well, just as phone numbers.
Thanks for sharing the knowledge👨💻
Your face in the thumbnail had me like 😂😂😂😂
I just completed a 2yr degree at community college for cyberdefense and digital forensics, and it was still fascinating and instructive to see such a brief, streamlined, walk-thru of how it's done. 2yrs of school summarized in 30 min. Lol. It's really great to see it in practical application.
Insane how well crafted these security threats are becoming. They’re literally almost easily able to get any IT professional to fall for it… that’s scary.
yeah it's not 2010 anymore
don't click any links or run any executables on your desktop
yes its nice in bad way... show how evrything change and if you dont know how to adapt, you be in trouble
@@drygordspellweaver8761 😂😂
@@drygordspellweaver8761 Put your PC in a Faraday cage and board up the windows and move to another state. Never use technology again.
Great video! The Twitter thread was excellent too. This dissection was a fantastic learning experience, thank you for sharing it and going so in depth.
This right here! Is why I enjoy learning from you my friend. This was super enlightening. Thank you for doing a deep dive and sharing your findings with us. Stay safe John! 💪🏼
Your the best John. I work in IT myself but not in the security segment, you always make content so interesting to watch. Love your work. Keep it up!
This was so awesome. Kudos to you John. Really appreciate you taking us along with you.
I loved the “rumbling”. This was fun, I subscribed, keep going!
It's always a pleasure to have your insight on malware attacks, there's habits we need to have in "alarming" emails/messages even calls
I'm taking my first steps in cyber security. To see such a pro how you deal with this was extraordinarily educational and very interesting. Thnks!
Correct your thnks
DEFINITELY not boring. If you're serious about cyber security then ANY knowledge is good knowledge. Thanks for the video.
i am very thankful that i found this video. I've been just starting in content creation, and being aware of this is super helpful for the future (especially this early in the game when one may not know the emails of youtube, google, or the common formatting used for these emails). Thank you for spreading awareness
This is not boring at all John. I watched the complete video and it was hanging tight in my chair and being fascinated for the last half hour in my university library! I learned some things i had no idea things like a Linux Distro existed for Malware analyses until now. Thanks for being such a great help in the IT comminity!
Incredibly useful and helpful video, thank you John! It's interesting seeing under the hood for threats related to content creators.
One of the best TI and Malware analysis I've watched. This is a great video for new SOC analysts. Thank you so much JH 💓
Thank you for digging so deep and for sharing all of your findings! Please do more of these
Such content should reach out to every KZhead creators. It will surely help them to stay away their hands on clicking such links !! Thank you for posting it,
Educational, fun, not boring at all! Thanks a lot for your work. Studies computer networks myself and I only regret not having a teacher like your. Certainty would have a much better professional path by now! You, Bombal, Chuck: great lads! I wish I could study and learn more from you. Such a knowledge base!
It’s nice to see what an analyst would do. Very well explained, and use free tools to do your PoC. Bravo!
honestly the best soft tutorial ive ever seen. short and straight to the point ! i love it
Every content creator need to see this video!!! This analysis is so simple yet so effective i bet everyone would understand.
Hey John, thanks for sharing your thought process with us. I love the detailed explanation of how you analyze suspicious files.
The details, the way you dive in to the malware is superb. Nice video. You earned a Sub and I'm your student now even I'm new to these threat analysis
great work on that one ive seen that going around for a long time i know a few that did fall for that one. hopefully now that you busted it people will be more careful on what they open. great work
I honestly love these kind of videos if im honest. Good stuff John thank you
Great video and clearly useful information for many people! You can always add a writeup in the description with that uber-elite hacking skills you used. My degree is network security and I enjoy all of your content, especially those that include more technical information about what you're doing. Many of us don't have time to do what you do so get our "hacking" enjoyment from social media content.
this was so informational & exciting to see & definitely not boring, hope to see videos like this in future!
Heya just came from the Network Chuck channel just wanted to say that I appreciate that you explain smaller details of stuff that more advanced users probably don't need to hear. But some of us are dumb :)
Welcome... to Jurassic Hack 👏 great video
John Hammond, I feel confident enough to say - "we", as in the community can most definitely feel as if this was absolutely amazing! This (as well as most of your videos if not all), are always practical and showcase actual steps. Steps that a "poor man's" way of doing things is most likely a more advance way of doing some actual poking for those of us who value cyber security and ethical hacking but haven't made it a career. For all of the tinkerers out there, and even for just study purposes this is an excellent! We don't need to see the Mr. Robot type hacking all the time...though we love it...- Don't get me wrong I absolutely love the movie, i've done my review / some of thee tactic used are legit. But anyway, this video was an absolute treat for us and all the more very educational indeed. Definitely appreciate as always brother, stay blessed and safe out there. I'm very thankful you did not fall victim to this attack! ~ Cheers!
You got a new subscriber! love the content! Always nice to see a tuber that really goes in depth with this sort of stuff, as curious as I am I love seeing this especially as someone who has no idea about this sort of thing, it really lets me appreciate this line of work more!
probably the most informative video i have watched in a long time, learned about reverse engineering all the cool sandboxes and some really useful utilities, Thanks alot.
I'm always amazed by just how far down the rabbit hole its possible to go looking into these malware attacks. Keep up the good work
Honestly feel pretty fortunate to be able to watch videos like this while I’m going to school studying cyber security 😅
Very useful, and intriguing. You aren't rambling or anything like that, thank you mate!
Dude, so fascinating! Found your channel through network chuck! Subscribed!
It was very interesting and informative! Great job John!
Exactly 👨💻
Imagine thinking that John Hammond would have hidden file extensions turned off
Yeah, Window's default is to hide all known extensions. Call me old school, but I agree with you, this is a massive security hole in Windows. Same thing in Mac OS. The default should be to show extensions. Remember anna_kournikova.jpg.exe? Everyone should turn on their extensions. However in this case it was a virtual machine, so not much customization.
It's literally the first thing I do when I install a new OS: turn on file extensions. In fact I think it's irresponsible of OS designers to have them be invisible by default.
Wow, so well done! Thanks for posting, man! Very helpful.
I love these videos - your analysis really helps me and my career. Thank you
Imagine the hackers themselves watching this videos. Well if they are, just learn from him 🤣🤣🤣
John keeps dropping gems for us! Thank you so much for your endless efforts to spread knowledge and awareness among the community, very much appreciated!
Dude! This walk-through was real, relevant, and sweet to my tech buds. Got me seeing BLUE again, dang-it! Thanks John for taking us on this journey.👨💻
super awesome content ! ty for sharing this. my cousin is learning about cyber security. and i think this will help him as h progresses through his classes. you know give him something too write a report on. again ty so much for getting the word out.
Really interesting to see how something like this actually works.
I honestly really liked this video because it showed a real-world example, and gave me an idea of how someone might begin scratching the surface of malware to figure out what it's trying to do and where it comes from. I'm a web developer with a passing interest in cyber security and reverse engineering, so seeing your process (even if you consider it a fairly basic, poor man's way of doing things) was really fun and educational for me.
Very interesting case. Thank you for talking us through it!
This is fascinating; thanks for guiding us through it!
As a person with and analytical mind I do find this segment extremely interesting and I’m making a big shout out to you and everybody who views this film to have good luck and everything you do thank you for listening to me
Awareness of these TTPs is just as vital for those who are responsible for protecting access to critical infrastructure. Content creators may sometimes be more visible targets, but everyone should remain vigilant.
I just started my security+ classes and I feel like I’m learning a totally different language. Look forward to your content to help in my journey!
It is indeed beyond helpful and you are so modest.
FYI guys- at work we are seeing alot of "student loan forgiveness" phishing emails, I collect phishing emails and they are well designed. Be careful.
We really need MORE people to enter the cybersecurity field. Like, even if they don't get a job in cyber, these are becoming life skills for survival.
Fantastic video!! I'm a cybersecurity noob so this is helpful, loads of great resources to flag and lots of info to be on the lookout for. Thanks again!!
I'm not suggesting to attack to any unauthorised machines, but he did what you deserved for (as you have jokingly said, please try hack me). Love it!
Do you think its okay to share a possible victims email address? Might be just an unlucky user who got their account compromised and might now be spammed by KZhead users.
That doesn’t look like a victim mail more like a randomly generated one
@@noname4319 People who use redline or other cred stealing tools have 10,000s+ of victims emails, Its harder to make new gmails accounts then to just steal them.
Your video was very helpful, I'm still learning and getting the hang of it still. I'm into House and EDM. I look forward to seeing more of your
You're my hero! That knowledge level on cyber-security... dude, you're the absolute best!
Ive been learning basics of linux and hacking on OverTheWire and watching you has shown how much more i have to learn. Keep making content!
usually I heard many cases where the famous KZhead account get hacked or compromised. Thanks John for sharing this on KZhead as well as on Twitter as it helped to understand how these things works.
Awesome video, appreciate some extra osint tools to work with and never really heard of the Redline until now. I also appreciate the clarity and visibility you provide on each adventure.
Really cool vid John, I am getting into Cybersec and this was exquisite to watch. Thank you for the videos.
Hey John, thanks for sharing this... definitely not boring and also not too lengthy! I suspect that the file was inflated to pass through web filters. Most firewalls with webfilter have a resource limit up to which size they scan downloads which is typically some 100 MB. So thats the easy or poor man way to bypass these. By the way, Hetzner is a large German hoster, which also has a datacenter in Finland. They rent everything from simple webspace to dedicated root servers or even colocation space. You can write them an mail, they have a good team!
was listening and semi watching as I was playing a game but i realized I kind of just stopped playing my game to watch you do this...I didn't understand like most of the video but it was really awesome to watch :O
Thank you for sharing this! It will help us to be aware and pay attention to details before opening any emails.
NetworkChuck sent me here, but wow, what a video! Absolutely superb and appreciate the breakdown. Very interesting to watch and an eye opener for sure. Thanks John, you have another subscriber!
Wow, it's the first time seeing how a virus works and what calls make to a computer. It's both amazing and terrifying in the same time! Thank you for the informative video! P.S. I'm coming from NetworkChuck who made a video with you :) I'm now a subscriber of your channel as well.
this was really fun, kinda interesting seeing actual analysis of real-time scams
Found you from Network Chuck. Love your content. Subbed!
Fantastic work, John. I heard about this horror-show form NetworkChuck and I just _could not believe_ this one so I've arrived here and watched the whole thing with my jaw hanging open! Now a subscriber. Cheers 👍🤗
Very educational, and thank you! As a very small scale KZheadr (on behalf of a small, local club) it's useful to hear about such scams. Thanks to you (and NetworkChuck!) for the heads up!
For what its worth, I found this fascinating to watch how it worked and some of the techniques you used to analyse the sneaky malware. Excellent video.
The duality between channel profile picture and thumbnail makes this video already great before I even start watching.
This has popped up a couple times recently so they're still at it. Glad you broke this one down👍😃
Definitely not boring content! I personally just want to be more aware of how these things work and this achieved that for me. Plus, it's kind of nice seeing one of these scams put on display given that they thrive on information asymmetry.
Exactly what I needed and was looking for! Thanks!!
Just got a similar email myself. Glad I saw your video first!
Super educational! I get tons of phishing emails from Iceland and I've always wanted to know how to safely dive deeper to track down homebase. Of course I assume any risks involved.
Man you are awesome and I learn so much from your videos. Thank you 🙏🏽
Thank you John, we are now definitely very knowledgedable!
In addition to the content what I really appreciate about your videos is that you don't start with the usual "smash that like and subscribe". Bless you!
Yo this helped so much and I always appreciate the content and when i found the channel and got the energy from you from the previous video, you've been nothing but real and can vouch for the amazing content and how down to earth you are with everything! All the most love, respect, and appreciation
Oh my gsoh. This was such a fun video to watch. I loved watching you analyze the malware. What a great video, thanks for sharing John!
This was awesome in its detail and I appreciate John's efforts to educate but also to tell a great story. Also I might add that if I were a content creator, I wouldn’t use a Microsoft product such as windows. Windows is clearly ground zero for these folks.
A channel I wish I had found many years ago. Great stuff - thanks ... Cheers
Dude your overview was great! I would've liked to see the whole process.
Thanx for the info, Yet another thing I will have to be on the look for. I have had many scammers trying to go for my cash, and so far, through luck and good judgement, none (so far) have managed to get to my cash.. mind you, I don't usually have much of that sat in a bank account anyway... money and inflation usually means the cash you have is getting worth less and less throughout the weeks, so it's better investing it in classic motorcycles/cars or gold etc anyway
Super nice to see the process of what's happening, I would watch more videos like this. 😁
Thanks for the update i normally trash the email when i see suspicious links such as those pesky paypal Phishing emails. I love these gangsta techniques you are using.
John, excellent analysis. Thank you for sharing :)
Wonderful ! well explained! best work John
Amazing! Good stuff! Thank you for this video!