The first red flag is a download button on github. The entire thing about github is that you have to look around for 10 minutes before you figure out how to download something
You should see how stupid phishers are in emails it's gullible that people don't check and trace headers for any signs of flaws or have a link checker someone tried phishing my brother by claiming he didn't pay for his "Apple" phone when he never even bought one I called them out and they never replied and the funny part is the idiot was using his gmail what fucking idiot uses their own gmail to try and click bait someone?
As Thio Joe shows you can upload a file as a comment to any repository and it will show that repository url as the source of the info stealer .zip file
@@DeadAmericanBestAmerican Here the file appears to be in a release, not as an attachment, since you can upload any files to repo releases. (not tags) EDIT: examined the repo, looks like the user themselves released the malicious zip, the code itself belongs to some kind of role manager app?
Usually, software released on github doesn't have a direct download link and instead has a download in the "Releases" tab since things can change with each version. It doesn't mean that if it does that it's safe, no, it still could be malware, but the telltale sign is a sketchy download link.
No smart person uses Google results to search for pirated software. You just use reputable websites which Google of course doesn't show on search results.
You can def legally upload malware on Github but u have to write "Those files are dangerous and shall be ran on isolated environment for testing purpose". If the repository miss this statement , the author is trying to social engineering. Github itself can't stop this attack effectively, cuz (again) malware can be uploaded legally in some scenarios.
You should be using the wording "allowed by their ToS" because literally no state in the world legally allows info-stealing never mind in the form of malware.
Interesting, had no clue that GitHub allows it for legal reasons. Quite sad it's being abused though cause if you think about it, the possibility of AV companies learning about the malware would be infinite. Rip
When it comes to digital anything, it's always about trust. Piracy isn't actually any different in that regard. That's just the ethos of digital security.
My favorite part about cracks (in this case for Microsoft's Office) is that only Windows Defender recognizes it as malicious software while other antiviruses don't.
@@Oruta-skk You used to not long ago. I think many people still use older versions of Office so they don't have to do the 365 version (which was Microsoft's attempt to stop pirating).
This is so accurate! My co worker downloaded something on GitHub and she confessed that it was an attempt to pirate a software. The infostealer manage to steal her notes and her cookies trying to hijack her sessions which was disrupted shortly since it was suspended by our IT Dept thereafter. We watch in real time how the infostealer did it's work and leave without a trace. So everyone! It's not like those malware or trojans where your computer are infected through a backdoor. It requires you to sort of execute it for it to run and operate it's working command. The best way to avoid this is to not pirate softwares or games. Period.
@@Oruta-skk Yes and constant vigilance against behavioural patterns that leads to such penetration in the first place. Though infostealer isn't as heavyweight compared to other type of viruses such as leaving it's presence behind for future backdoor, it certainly warrants extra precautions such as changing your password for all accounts to prevent successful profiling penetration thereafter
The sneakest ones(and these have been around for a long time) are repacked cracks where its the actual crack for a program but either due to a badly written crack or some simple exploit they can tag along extra things that get executed or they just write a wrapper for the original crack either way there are plenty who look like they did the job and thus make you way less suspicious about anything having gone wrong and makes it less likely you try to find a way to get rid of it. Seen this happen to a few friends who all used the same reuploaded version of a game instead of getting it from the group who originally did it and they all had their info stolen and none of them knew why until they realize it all started after they got that game. the ones making the malware get smarter but the average user seems to be getting more stupid.
@@pipacombate393 Listing the site here will most likely get the comment removed as they typically do when people mention places like it but her stuff if it comes from her .site are safe that much i can say.
I downloaded the file (dont try at home) and Kaspersky did not detect its hash. It only detected it after I did an "in depth" scan. Virus total also shows that none of the popular antivirus software recognise the hash. What a joke, the file has been up for 2 months.
> I downloaded the file (dont try at home) I mean, it's not downloading a virus that gives you a virus, it's opening the virus after downloading it but i get it
@@erroroliver this file isn't the virus though so it will never be detected as such, this file downloads a chain of viruses that continuously download more in order to scrape as much of your data as possible. its not like an active keylogger, they just searched for all your saved passwords from your web browser and all currently logged in apps and dumps all the info it gets so if every virus it downloaded isn't blocked immediately by your antivirus then your passwords are all compromised. i was dumb enough to fall for it a couple months ago and had to re install my operating system because for every 1 virus you detect they have downloaded 3 more. weird part to me is they only took my steam, reddit and instagram. also it detects if you run a windows scan and shuts off your pc lmfao
@@erroroliver i know but why risk it, i did it in a VM because Kaspersky didnt detect it and I might have accidentally ran it. until the hash is known to all the different AV companies its dangrous. Its now showing as something like 50/100 on VirusTotal but before i reported it to Microsoft, Norton, Kaspersky, BitDefender and McAfee, it was 9/100.
Only having readme and the license on the GitHub, and having the download button, that downloads the whole software on the readme is completely wrong anyways. Real and legit piracy tools are going to be some sort of patcher with the source code provided and the download is going to be always on the "Releases" tab, and the readme going to tell us how to exactly use the tool and sometimes it is simply a CLI tool meaning you need to run some sort of terminal first and pass in some argument / parameters. Only thing you have to worry is the tool probably won't work "on your machine".
It's not even just softwares, even "corn" videos too. I think it's very keyword specific, like if you search for leaks, google will return results from github too. Very modern day limewire I'd say.
@@Jimmy_The_Goat just like in limewire days, it wouldnt be in video format of course. It would be an executable file like Linkin Park - Crawling.exe back in the day
somewhat unrelated but seeing that a "Toon-Boom" crack was apart of these campaigns made me realize they also go after artists and aspiring animators. I know I shouldn't be surprised but it still upsets me
nowadays people think github is a safe place to download stuff because it repos have source code, but it's already a huge red flag the repo itself only has a readme and license file and the download button redirects to somewhere else
I've been thinking for the last 2-3 years that the "big dogs" of malware (wannacry, etc) will gradually fade from common attacks. It's much easier and cheaper.
Heyyyyy fellow Flare user! for those who don't know, John and I do a monthly (somewhat) hangout on our discord: discord.com/invite/y7q3qMM So if ever wanted to hear UA-camrs talk about behind the scenes stuff, that's a gold session to join.
depends on your os, but all modern browsers have built-in protections that don't allow for a system command or executable to be built/hooked to system files without first being downloaded and ran by an admin user
Hey Leo, Thanks for the video and sharing awareness. I would like to recommend a few steps to the audience on how to protect themselves from these threat actors. 1. Always use non-privileged user to operate your system on a daily basis 2. Run your browser using a different account. 3. Use Admin account with care and ensure you are 100% sure what you're doing. 4. Enable "Core Isolation" in Windows 5. Enable "Controlled folder access" and ensure to add only the known programs to the "Authorized" list.
Hi, another great video. But I once had a question of interest. Do you know of any other channels (or would you make a video) that shed more light on spyware and malware on cell phones (especially iPhones)? As this is a topic that is often neglected, I would be interested to know whether users really notice whether malware or spyware is installed?
This is why I couldn't get into many direct installation Ai systems and Git repositories that some influencers are pushing. Some in the instructions even encourage to disable your AV.
Same thing happened to me with a Mod for an Assassins Creed game yesterday. Exe was clean but the dll had a logger payload. Unfortunately i found out after running it. None of the normal tools (NPE, HitmanPro, Malwarebytes etc.) detected anything. Reinstalled windows anyway. Didnt format my other drives tho. Is there anything else i can do?
you mean besides taking more care about what you install on your PC? well you can try some advance HIPS utility like COMODO utility pack, some registry watcher like mjregwatcher. They MAY help you to make a right decision, but it's always your decision to run or not to run an unknown app or to hook a dll
why would you goto an open source software hub for access to closed source software? Am I just thinking about this too rationally or who’s the target mark here?
@@visitante-pc5zcSpoken like someone who has never RE'd paid software before. Many paid softwares can be unlocked by just adding a mov and ret instruction to return true from a single function.
In the early 2000's it was understandable to look for "options", but nowadays pirated software is so outdated. There is so much free and open source software for everything, that you don't need to pirate anything as a private person. No matter what software it is, there are free, safe, open source alternatives. Obviously not games, but this is not what we talk about here.
'even if something is listed for free, there is still going to be a price... and that price comes in many different forms. They will make you pay for it no matter what'
To be fair, people who pirated for years and use their head know how to be safe when pirating, these days it's easier than ever (especially with reddit). Of course there are people who don't use their head, but that's on them, those people would probably get infected without pirating anything. It basically comes down to "download from trusted sources" and "don't run anything you don't trust".
i gott a question, will having a portable chrome and having duplicated exe but there no trace of it saying chrome/google in process will that negate a stealer searching for those processe/default paths? also filecr is a site i use a lot lol
Theres no way this is happening, and theyre not all even gone, but when i uploaded memz to one of my repos to use on a vista vm (no tools moment) my account was banned after 1 day💀 and i cant get it back
The stealer will grab anything on that VM, GPU or not. Basically if you have that VM solely for gaming, it may not steal your credit card info, but will steal your online games credentials, as well as any game launcher info installed on that machine. On a blank machine tho? Wont steal what's not there
All cracks are considered malware of some kind even if they are genuinely harmless, because they make minor adjustments to the software on the system, just like a dangerous virus would. So you never know for sure if you screwed until you screwed,lol
I have a queston, I accidentally downloaded a 1,666kb unknown.msi file while trying to use skindex (it looked exactly like the download button and in the same location somehow. i immediately knew something was up when it pulled me to a redirect and downloaded the unknown.msi file in my upper right corner (chrome) so i quickly dropped it in recycle bin and emptied. Can it still be on my device? I really don't want malware on it. (I downloaded malwarebytes later and scanned but nothing came up)
UPDATED 1 sorry to say (i am at 1 minute so dont judge me for the resoning...) but if the conclusion "Malware in Cracks on Github" only lays on 1 VT test? then sorry to say... but mostly EVERY crack gets detected on VT just because the softwar was "modified..." but may there a more reasons XD for this conclusion... update1 3:47 an gdata report is more an reason :D
Hey, you should point out in another video in github or something, there is normal software in the malware repo's BUT at the veryy top of the repo's you scroll sideways, you will see a payload installing a malware
In the meantime windows defender gave a warning message and when I scanned the pc with kaspersky I cleaned 4 trojans, but is this enough. What information was leaked?
I used atlas OS on top of the ghost spectre iso. It's safe. Even more safer than stock windows because there's no telemetry running, my processes only have like 50 processes on fresh install.
I typically crack software myself if I feel like it, if I want to use someone else's crack I'll just binary diff the original files against the patch (or use a keygen in vm), if I dont have the original files I wont run it unless there's a keygen I can use in a vm
How to know if the crack is really just a false positive or an actual virus? (without telling me to just purchase the app or install the free alternatives)
Wow, I found something on github and ran it, and an av provider stopped it from executing, I replicate it on a online sandbox and sure enough it is what it is, I even reset the entire computer in the end just to be extra safe.
We tried Flare, The company doesnt seem setup to accept new customers. They are insisting on phone interviews/verifications to demo their software. You got us interested in the software but the vendor dropped the ball on this one. Perhaps your next video can recommend another tool?
Actually my first ransomware that attack on my laptop is iobit software like their security, screen fecorder, and uninstaller, I installed qll of it and very next day my laptop now infected with ransomware I don't know what is the malware name but the extension I saw is .wrui
I don’t want to give anyone idea (just typing this I might), but wouldnt github activation stuff like Windows activation or whatever may be, contain one of these?
If your referring to MAS no that’s completely different, they have a whole dedicated server and page explaining how it works but fakes do exist so be careful
No software is 100% safe however on GitHub they do have the “issues” tab and if someone has an issue with the software , it’ll be reported there most likely 👍🏾
A guy I know occasionally sails the high seas for software, and when he does he runs the cracks through virustotal just to be safe, how can this guy tell cracks/false positives from actual malware on VT? This person sees stuff like "packed" and "themida" on these files
Once you have quite an experience on sailing the high seas, you will bound to know where to look at good crack and how to avoid the bad crack with malware.
Let's say we installed a info stealer, Is there a way to prevent it from reading cookies?
I also want to know the answer of this question.
Not really. You are kinda fucked when you download the infostealer.
Immediately disconnect from the Internet then Investigate
@@Plazmal You could... But who has that time lmao
It reads your cookies at the exact milisecond it starts to run. And your data is already sent to a server (probably) overseas somewhere
A download button in github? That's suspicious.
I never managed to see one.
And the link is from another repository 💀
Easy to download on GitHub? Hmmm sus
gets me every time
The first red flag is a download button on github.
The entire thing about github is that you have to look around for 10 minutes before you figure out how to download something
@@wallachia4797 ohhh so that was done on purpose?
I instantly noticed the download button to be a different repository. Major red flag.
You should see how stupid phishers are in emails it's gullible that people don't check and trace headers for any signs of flaws or have a link checker someone tried phishing my brother by claiming he didn't pay for his "Apple" phone when he never even bought one I called them out and they never replied and the funny part is the idiot was using his gmail what fucking idiot uses their own gmail to try and click bait someone?
As Thio Joe shows you can upload a file as a comment to any repository and it will show that repository url as the source of the info stealer .zip file
@@DeadAmericanBestAmerican I know. And they didn't even bother to do that.
@@DeadAmericanBestAmerican Here the file appears to be in a release, not as an attachment, since you can upload any files to repo releases. (not tags)
EDIT: examined the repo, looks like the user themselves released the malicious zip, the code itself belongs to some kind of role manager app?
Usually, software released on github doesn't have a direct download link and instead has a download in the "Releases" tab since things can change with each version.
It doesn't mean that if it does that it's safe, no, it still could be malware, but the telltale sign is a sketchy download link.
No smart person uses Google results to search for pirated software. You just use reputable websites which Google of course doesn't show on search results.
Disagree on that one for video games
@@kingofmontechristo what do you mean?
@@kingofmontechristo all sites that google lists when you type cracked are straight-up malware wdym?
@@kingofmontechristo who tf uses google search for games? You go directly to fitgirl and the likes.
@@kingofmontechristo opposite for me, most things on google arent that good, excluding a few. General search results, not reddit
You can def legally upload malware on Github but u have to write "Those files are dangerous and shall be ran on isolated environment for testing purpose". If the repository miss this statement , the author is trying to social engineering. Github itself can't stop this attack effectively, cuz (again) malware can be uploaded legally in some scenarios.
I will legally steal your Social password 😊
For teaching purposes you would make the user input their own dump IP instead
@@wsg1231yes dadi
You should be using the wording "allowed by their ToS" because literally no state in the world legally allows info-stealing never mind in the form of malware.
Interesting, had no clue that GitHub allows it for legal reasons. Quite sad it's being abused though cause if you think about it, the possibility of AV companies learning about the malware would be infinite. Rip
I just love the fact that every cyber security tip leads to "Just don't run anything untrusted on your device" at the end
When it comes to digital anything, it's always about trust. Piracy isn't actually any different in that regard.
That's just the ethos of digital security.
Windows for example 😅😂
What if i don't trust any software?
@@globalist1990 Not even a program you wrote yourself?
@@globalist1990 then good luck man life is hard for you
My favorite part about cracks (in this case for Microsoft's Office) is that only Windows Defender recognizes it as malicious software while other antiviruses don't.
because microsoft flags software they dont like as malicious, even if isnt.
Bro you don't download crack for Microsoft office 💀
@@Oruta-skk You used to not long ago. I think many people still use older versions of Office so they don't have to do the 365 version (which was Microsoft's attempt to stop pirating).
@@in_vas_por8810So is MS office virus?
@@Oruta-skkYou can absolutely crack office365
This is so accurate! My co worker downloaded something on GitHub and she confessed that it was an attempt to pirate a software. The infostealer manage to steal her notes and her cookies trying to hijack her sessions which was disrupted shortly since it was suspended by our IT Dept thereafter. We watch in real time how the infostealer did it's work and leave without a trace. So everyone! It's not like those malware or trojans where your computer are infected through a backdoor. It requires you to sort of execute it for it to run and operate it's working command.
The best way to avoid this is to not pirate softwares or games. Period.
This is why companies need to limit regular employee access
@@Oruta-skk Yes and constant vigilance against behavioural patterns that leads to such penetration in the first place. Though infostealer isn't as heavyweight compared to other type of viruses such as leaving it's presence behind for future backdoor, it certainly warrants extra precautions such as changing your password for all accounts to prevent successful profiling penetration thereafter
But games r expensive
The sneakest ones(and these have been around for a long time) are repacked cracks where its the actual crack for a program but either due to a badly written crack or some simple exploit they can tag along extra things that get executed or they just write a wrapper for the original crack either way there are plenty who look like they did the job and thus make you way less suspicious about anything having gone wrong and makes it less likely you try to find a way to get rid of it.
Seen this happen to a few friends who all used the same reuploaded version of a game instead of getting it from the group who originally did it and they all had their info stolen and none of them knew why until they realize it all started after they got that game.
the ones making the malware get smarter but the average user seems to be getting more stupid.
Bro atleast tell us where did they download the repacks from. I always use fitgirl repacks are those safe?
@@pipacombate393 Listing the site here will most likely get the comment removed as they typically do when people mention places like it but her stuff if it comes from her .site are safe that much i can say.
@@pipacombate393There are lists on Reddit, if you are downloading from the original website, that should be safe
I downloaded the file (dont try at home) and Kaspersky did not detect its hash. It only detected it after I did an "in depth" scan. Virus total also shows that none of the popular antivirus software recognise the hash. What a joke, the file has been up for 2 months.
> I downloaded the file (dont try at home)
I mean, it's not downloading a virus that gives you a virus, it's opening the virus after downloading it but i get it
@@erroroliver this file isn't the virus though so it will never be detected as such, this file downloads a chain of viruses that continuously download more in order to scrape as much of your data as possible. its not like an active keylogger, they just searched for all your saved passwords from your web browser and all currently logged in apps and dumps all the info it gets so if every virus it downloaded isn't blocked immediately by your antivirus then your passwords are all compromised. i was dumb enough to fall for it a couple months ago and had to re install my operating system because for every 1 virus you detect they have downloaded 3 more. weird part to me is they only took my steam, reddit and instagram. also it detects if you run a windows scan and shuts off your pc lmfao
Yep! It's not the downloads that activates it. It's the executables.
@@erroroliver i know but why risk it, i did it in a VM because Kaspersky didnt detect it and I might have accidentally ran it. until the hash is known to all the different AV companies its dangrous. Its now showing as something like 50/100 on VirusTotal but before i reported it to Microsoft, Norton, Kaspersky, BitDefender and McAfee, it was 9/100.
When you ran it did it immediately got detected?
That readme should already bring up a huge red flag
Why is that?
Only having readme and the license on the GitHub, and having the download button, that downloads the whole software on the readme is completely wrong anyways. Real and legit piracy tools are going to be some sort of patcher with the source code provided and the download is going to be always on the "Releases" tab, and the readme going to tell us how to exactly use the tool and sometimes it is simply a CLI tool meaning you need to run some sort of terminal first and pass in some argument / parameters. Only thing you have to worry is the tool probably won't work "on your machine".
a github repo even having a download button is a huge red flag, like..... just build
Says readme is a red flag
Proceeds to not elaborate why
Some game crack have the readme for pwd to unlock the file. I ran scan and nthg show up.
It's not even just softwares, even "corn" videos too. I think it's very keyword specific, like if you search for leaks, google will return results from github too. Very modern day limewire I'd say.
but how would a video infect you?
@@Jimmy_The_Goat just like in limewire days, it wouldnt be in video format of course. It would be an executable file like Linkin Park - Crawling.exe back in the day
somewhat unrelated but seeing that a "Toon-Boom" crack was apart of these campaigns made me realize they also go after artists and aspiring animators. I know I shouldn't be surprised but it still upsets me
Thats a smooth transition to the sponsor segment
braucu ar vilcienu
Sponsorblock 😊
Sailing the seas hones your bullshit detector on pirating things
As a person who occasionally sails the sea, having a trusted platform helps a lot to find your pirated copy.
@@GregorianMG My issue as a newbie is finding safe waters to sail upon.
True but my bs detector has failed once =(
@@veteranhamster7410But those waters are home to large sea monsters😔
@@veteranhamster7410 1337xx is a good start. FitGirl and DODI repacks are highly respectable, and from that you can find more trusted sources.
nowadays people think github is a safe place to download stuff because it repos have source code, but it's already a huge red flag the repo itself only has a readme and license file and the download button redirects to somewhere else
It really is if you build it yourself and can read the code.
I've been thinking for the last 2-3 years that the "big dogs" of malware (wannacry, etc) will gradually fade from common attacks. It's much easier and cheaper.
Flaaaarreeeeee!
Yooo it's the legend himself
Heyyyyy fellow Flare user! for those who don't know, John and I do a monthly (somewhat) hangout on our discord: discord.com/invite/y7q3qMM
So if ever wanted to hear UA-camrs talk about behind the scenes stuff, that's a gold session to join.
Hi, John
@@stage6fan475 i thought he isn't real john, (there's a underscore in name) 😭
I would not be even slightly surprised if it was a publisher that placed the malware.
Ye olde poison pill
beginner question but is it possible to get hacked merely by clicking a button in a web browser without receiving any kind of downloaded file?
depends on your os, but all modern browsers have built-in protections that don't allow for a system command or executable to be built/hooked to system files without first being downloaded and ran by an admin user
Hey Leo, Thanks for the video and sharing awareness. I would like to recommend a few steps to the audience on how to protect themselves from these threat actors.
1. Always use non-privileged user to operate your system on a daily basis
2. Run your browser using a different account.
3. Use Admin account with care and ensure you are 100% sure what you're doing.
4. Enable "Core Isolation" in Windows
5. Enable "Controlled folder access" and ensure to add only the known programs to the "Authorized" list.
Unfortunately that also happens to be highly inconvenient. I just do my research, rely on my antivirus and hope for the best 👍
Hi, another great video. But I once had a question of interest. Do you know of any other channels (or would you make a video) that shed more light on spyware and malware on cell phones (especially iPhones)? As this is a topic that is often neglected, I would be interested to know whether users really notice whether malware or spyware is installed?
Not saying that you should pirate, but having a FitGirl manning the ship can help out a lot.
☠️☠️
wait till people learn that file names are entirely aethstetic "you can even get malware in an msi file" made me lol
that's why I look for source code of the crack, then look at the code and inspect it then finally compile it myself. I use stuff like pykms and etc.
Thanks!
smoooooth sales pitch. Interesting site.
The fun part is that even the screenshot of Obit states that it is the free version...
This is why I couldn't get into many direct installation Ai systems and Git repositories that some influencers are pushing. Some in the instructions even encourage to disable your AV.
Same thing happened to me with a Mod for an Assassins Creed game yesterday. Exe was clean but the dll had a logger payload. Unfortunately i found out after running it. None of the normal tools (NPE, HitmanPro, Malwarebytes etc.) detected anything. Reinstalled windows anyway. Didnt format my other drives tho. Is there anything else i can do?
you mean besides taking more care about what you install on your PC? well you can try some advance HIPS utility like COMODO utility pack, some registry watcher like mjregwatcher. They MAY help you to make a right decision, but it's always your decision to run or not to run an unknown app or to hook a dll
why would you goto an open source software hub for access to closed source software? Am I just thinking about this too rationally or who’s the target mark here?
i think its just people who know enough tech to know about open source then think "open source = safe"
It preys on the Dunning Kruger effect, people that thinks they know a lot about computers and the internet, while in reality just being ignorant.
@@romulo2714ironically the dunning-kruger effect has nothing to do with any of this
Lmao, you know who. Js and web devs.
because there ARE a lot of open source cracking/activation scripts
I always downloaded things from github and never had any problems what am I doing right?
Analyzing malware is often harder than cracking software. I just make my own cracks whenever none of the trusted sources have one.
Not a trivial thing to do for most of.. well, anyone.
That sounds like so much more work than just using something open source
@talkingthoughts4747 he aint doing shit. He's here for attention: look guys how awesome I am.
@@visitante-pc5zcSpoken like someone who has never RE'd paid software before. Many paid softwares can be unlocked by just adding a mov and ret instruction to return true from a single function.
Try cracking denuvo games, if you can
Will the container and virtualization environment will help to protect from these types of malwares. Using the malicious think in isolated env.
I was about to sign up with flare but they don't except gmail addresses. That's so strange
Is fitgirl repack safe??
Yes she is among the most reputable people in pirating community
People online try not to fall for the most obvious scam chalange: IMPOSSIBLE
good information, nice channel, subbed
Could you analyze hydra launcher on git hub?
hydra launcher is trusted. it's basically a torrent client, and its source is up for everyone to read (and build its own release)
I trust the song "RiveR - Solo" for my games and "known/trusted" pirates in the good ol pirate bay for other software
Lol he trusts pb
@@Rei322
>pirate bay
just toss the computer out man
In the early 2000's it was understandable to look for "options", but nowadays pirated software is so outdated. There is so much free and open source software for everything, that you don't need to pirate anything as a private person. No matter what software it is, there are free, safe, open source alternatives. Obviously not games, but this is not what we talk about here.
agreed for the most part. even VMWARE Pro just went free.
'even if something is listed for free, there is still going to be a price... and that price comes in many different forms. They will make you pay for it no matter what'
Hey guys weird question but does anyone know any sites what you can download cursors without viruses?
Cursors, that sounds fun! I don't know, but I used to make them a long time ago, which is easy enough to do.
Cursor fx
Open Cursor Library, has an array of cursors. You do have to manually set everything to be said cursor in your pointer settings.
@@sunla how did u make them?
@@JajaofAbuja thanks 👍
how do you know if your system is infected? and how to get rid of it then?
Ants I’m about to turn my second pc into a straight virus machine with no info to steal
Pirating software drops 99% after this video.
Great video as always!
Nah, the fact is that most of them will go to another site, I dont support it, but thats what always happens
To be fair, people who pirated for years and use their head know how to be safe when pirating, these days it's easier than ever (especially with reddit). Of course there are people who don't use their head, but that's on them, those people would probably get infected without pirating anything. It basically comes down to "download from trusted sources" and "don't run anything you don't trust".
@@Kalphalus I do support it, F companies
I do support it too, F you and the companies.
Nah, just look at other place, I already find mine.
So what’s the correct way to pirate software?
On reputable sites.
Ι kinda wonder. Why should someone download a cracked avast? I mean, he shouldnt even the official avast. :-)
I've found quite a few of those on github, been making sure to report all the ones I find
Does also means they gonna make your computer running slow too right? Especially in windows explorer! 5:08
I am confused to why https is replaced with hxxps
Back in my 13y i learned this the hard way 😂
Good on ya for this info
i gott a question, will having a portable chrome and having duplicated exe but there no trace of it saying chrome/google in process will that negate a stealer searching for those processe/default paths? also filecr is a site i use a lot lol
thanks for the knowledge
Same thing if people search on UA-cam for free-payed software linking to a phishing software
Theres no way this is happening, and theyre not all even gone, but when i uploaded memz to one of my repos to use on a vista vm (no tools moment) my account was banned after 1 day💀 and i cant get it back
downloading a random exe off the internet to crack an antivirus must be the most chad thing I've ever seen
How do we know if the software we already installed have info sealer
Why is Defender UI actually recognized as a virus? You can also check that
I noticed this a while ago but forgot about it
How to check if there is info stealer in memory 😮😢😮
So lets say, I use a VM with GPU pass-through. What will happen?
Will you please make a video about this matter?
The stealer will grab anything on that VM, GPU or not. Basically if you have that VM solely for gaming, it may not steal your credit card info, but will steal your online games credentials, as well as any game launcher info installed on that machine.
On a blank machine tho? Wont steal what's not there
All cracks are considered malware of some kind even if they are genuinely harmless, because they make minor adjustments to the software on the system, just like a dangerous virus would. So you never know for sure if you screwed until you screwed,lol
I have a queston, I accidentally downloaded a 1,666kb unknown.msi file while trying to use skindex (it looked exactly like the download button and in the same location somehow.
i immediately knew something was up when it pulled me to a redirect and downloaded the unknown.msi file in my upper right corner (chrome) so i quickly dropped it in recycle bin and emptied.
Can it still be on my device? I really don't want malware on it.
(I downloaded malwarebytes later and scanned but nothing came up)
please do a video about rav end point protection by reason labs
UPDATED 1
sorry to say (i am at 1 minute so dont judge me for the resoning...) but if the conclusion "Malware in Cracks on Github" only lays on 1 VT test?
then sorry to say...
but mostly EVERY crack gets detected on VT just because the softwar was "modified..."
but may there a more reasons XD
for this conclusion...
update1
3:47
an gdata report is more an reason :D
how is that repo still up...
What if I download from direct github?
Still harmful?
is that a 3 swords style pirates jolly roger?
I ran an apk on virus total and there's onky 1 to 2 red flag, is it false positive or what?
My github account and google play store has been suspended after this malware
Hey, you should point out in another video in github or something, there is normal software in the malware repo's BUT at the veryy top of the repo's you scroll sideways, you will see a payload installing a malware
Where can I find RAT / malware ? What legit website / onion link ?
What should u do if you got infected by this? Format?
Factory reset the pc
I was saddened to see this video after realizing that my pc was infected with trojans after downloading the wox app from github two days ago
In the meantime windows defender gave a warning message and when I scanned the pc with kaspersky I cleaned 4 trojans, but is this enough. What information was leaked?
Dozens of Trojans exist. We're just magically supposed to know the ones you had and what they did?
Hi can you make a vid on atlas os. I think your input on whether or not its safe would be a cool topic.
I used atlas OS on top of the ghost spectre iso. It's safe. Even more safer than stock windows because there's no telemetry running, my processes only have like 50 processes on fresh install.
Why can't github/Microsoft scan for threats? I also found hacks for warzone on github/Microsoft. Probably root kit. 😅
I typically crack software myself if I feel like it, if I want to use someone else's crack I'll just binary diff the original files against the patch (or use a keygen in vm), if I dont have the original files I wont run it unless there's a keygen I can use in a vm
Is there any free resources to check if your pc has malware?
Malwarebytes free, autoruns, process explorer
ESET online scanner seems like a good choice.
Can kaspersky block these?
Does Microsoft Office app (cracked) that i got it from filelist can be a virus?
How to know if the crack is really just a false positive or an actual virus? (without telling me to just purchase the app or install the free alternatives)
the short answer is: it's less expensive to pay for an app than for hiring an IT specialist who can make an informed decision about the modified file
Yolo it, then see it yourself.
Jokes aside, no easy answer here. I would say go for reputable source and then start from there.
when I was a kid I had installed an msi crack on a laptop with a GTX 460 that ended up bricking it beyond repair ;D
Wow, I found something on github and ran it, and an av provider stopped it from executing, I replicate it on a online sandbox and sure enough it is what it is, I even reset the entire computer in the end just to be extra safe.
i had something like this but i scanned it on virustotal it didnt give a flag tho it was virus
I look for the south american 15 year old speaking broken english on youtube, that usually works for me lol
since M$ owns GitHub then why on Earth are these allowed?
We tried Flare, The company doesnt seem setup to accept new customers. They are insisting on phone interviews/verifications to demo their software. You got us interested in the software but the vendor dropped the ball on this one. Perhaps your next video can recommend another tool?
Actually my first ransomware that attack on my laptop is iobit software like their security, screen fecorder, and uninstaller, I installed qll of it and very next day my laptop now infected with ransomware I don't know what is the malware name but the extension I saw is .wrui
so what should I do if I already do install that shit?
Run untrusted software in a sandbox or sandbox VM.
I don’t want to give anyone idea (just typing this I might), but wouldnt github activation stuff like Windows activation or whatever may be, contain one of these?
If your referring to MAS no that’s completely different, they have a whole dedicated server and page explaining how it works but fakes do exist so be careful
Pirating IObit or CCleaner is wild
i did that back then. 😂
pirating trash software is something else, truly
Rule of the Internet: If it's a "crack," then it's "hacked." Play with said fire at your own tremendous risk
Not really you just need to know where to look and you're good
How about stablel diffusion? is this 100% safe?
No software is 100% safe however on GitHub they do have the “issues” tab and if someone has an issue with the software , it’ll be reported there most likely 👍🏾
@@theycallmeken thanks for the info 🙏
Stable diffusion?
That's text to image generation?
Yes that safe sound 38k star the repo so obv that safe even I use that in my pc for unlimited use
@@pxllfx3207 do i need to instal cuda and cudnn first or just follow the youtuber tutorial to instal SD? Thanks in advance
A guy I know occasionally sails the high seas for software, and when he does he runs the cracks through virustotal just to be safe, how can this guy tell cracks/false positives from actual malware on VT? This person sees stuff like "packed" and "themida" on these files
Once you have quite an experience on sailing the high seas, you will bound to know where to look at good crack and how to avoid the bad crack with malware.
Could you review ESET NOD32?
usually it has a lot of tags, thats a BIG red flag
Cracked antivirus is the most ironic thing I've heard in a while 😂
I have already suffered this breach in April due to Telegram mod hack.
Telegram and WhatsApp are bad.