A Dangerous Crypto Scam is Targeting YouTubers

Поділитися
Вставка
  • Опубліковано 26 гру 2024

КОМЕНТАРІ • 464

  • @asteroidrules
    @asteroidrules Рік тому +3759

    I guess it makes sense that crypto scammers didn't think to hide from people inspecting elements on their site, they know cryptobros can't right click.

    • @MSOGameShow
      @MSOGameShow Рік тому +62

      Lmao!

    • @BewegteBilderrahmen
      @BewegteBilderrahmen Рік тому +137

      lol cryptobros unable to right click is probably my favourite example of a modern geas.

    • @AngelusNielson
      @AngelusNielson Рік тому

      To be fair, the kind of person who falls for a crypto scam is too stupid to check.

    • @vizthex
      @vizthex 11 місяців тому +2

      lmfao

    • @migueeeelet
      @migueeeelet 11 місяців тому +8

      This joke's going over my head, can someone explain?

  • @hayberdasher8625
    @hayberdasher8625 11 місяців тому +1855

    "Oh you're getting a virus alert from our software? Try disabling the anitvirus, that should get rid of the alert."

    • @firestalker11
      @firestalker11 8 місяців тому +36

      💀💀💀

    • @marcotruschel9427
      @marcotruschel9427 8 місяців тому +63

      Works for me every time, that was until i lost my anti virus subscription due to my bank being drained

    • @paranoiaproductions1221
      @paranoiaproductions1221 8 місяців тому +50

      Some game engines legitimately give antivirus alerts. Specifically older RPGMaker versions and Ren'py.

    • @neoqwerty
      @neoqwerty 8 місяців тому

      @@paranoiaproductions1221 Depends on where you launch them from in a newer Windows install, most times.
      (protip, don't install anything but the RTPs in their default positions if you can, put everything in a folder on disc root (C, D, or whatever else the drive uses) instead.)
      Source: I've just fought with RPG Maker 2000, 2003, and XP to get them on Win11, the RTP is fine on default path and my habit of putting the actual editors and games in a dedicated set of folders to remember what's using which engine has stopped antiviruses from whining (also stopped admin prompt and saves failing).

    • @artsyscrub3226
      @artsyscrub3226 8 місяців тому

      @@paranoiaproductions1221
      Yes but you can tell when they are legit, also not every anti virus is the same I'd run something detected as a virus through at least one other program to check what kind it is

  • @annieshavingthoughtsagain
    @annieshavingthoughtsagain Рік тому +2429

    Wow, a scam that pretends to be a different scam. It's scamception!

    • @Xylophytae
      @Xylophytae Рік тому +25

      I love that movie!

    • @MilesProwerTailsFox
      @MilesProwerTailsFox Рік тому +38

      It's like when you tryna tell your friend is not gunna explode in Minecraft and you end up setting him on fire instead

    • @anomonyous
      @anomonyous Рік тому

      ​@@XylophytaeI loved the part where Georgia Cloonèy scammed 200 dying children, jiggled her tits and started morbing all over the place.

    • @anomonyous
      @anomonyous Рік тому +9

      ​@@MilesProwerTailsFoxTryna? Yeesh. That sounds bad, you might want to see a doctor about that.

    • @MatthewCampbell765
      @MatthewCampbell765 Рік тому +8

      It's more like a scam that pretends to be a recruitment for scammers, but the would-be recruits are actually the marks.

  • @jf6944
    @jf6944 Рік тому +943

    Reminds me of that GameStop NFT creator who made tons of sloth NFTs. They opened some malicious file to "collab" with someone, and ended up losing his seed phrase. This resulted in all the existing NFTs that had been sold to become worthless because the scammer had control of the wallet and could theoretically create more NFTs (although he just stole his money). Then the Sloth had to re-mint every single NFT with a new wallet and send the NEW, REAL nft to the old holders

    • @valivali8104
      @valivali8104 Рік тому +13

      🤣

    • @brandontoates
      @brandontoates Рік тому +210

      Ah yes, another huge benefit of blockchain tech. Getting robbed blind with zero recourse. Future of finance for sure.

    • @prettyevil6662000
      @prettyevil6662000 Рік тому +150

      @@brandontoates Decentralization is so important though!
      For thieves and scammers.

    • @williamdrum9899
      @williamdrum9899 Рік тому +34

      So much for non-fungible

    • @SFStransit
      @SFStransit 7 місяців тому +2

      If that can happen, why can’t they just assign randomized prices and worth the NFT since they can just ChatGPT new ones for free?

  • @cicadaseance
    @cicadaseance Рік тому +1036

    I have an Aunt Nancy, and it's good to finally know she isn't real. Thanks, Jauwn

    • @AlexPBenton
      @AlexPBenton 8 місяців тому +9

      We wouldn’t happen to be related, would we?

    • @arandomstreetcat
      @arandomstreetcat 8 місяців тому +7

      Same, except mine is my Uncle Nancy. Yeah, my grandparents were sadistic

    • @snakewithapen5489
      @snakewithapen5489 8 місяців тому +9

      ​​@avgredditmod Boy named Sue situation. Did uncle Nancy meet his dad later on and start a barfight?

    • @Generic_Game_Makers
      @Generic_Game_Makers 8 місяців тому

      lol what a reference@@snakewithapen5489

    • @Grayson-tk5hn
      @Grayson-tk5hn 8 місяців тому

      @@arandomstreetcat what is "sadistic"

  • @pantallahueso
    @pantallahueso Рік тому +331

    8:15 It's also worth noting that a stealer malware can also steal your cookies, which allows them to bypass your 2FA because they don't need to actually sign in.

    • @Mario583a
      @Mario583a Рік тому +52

      Yup.
      Just changing your password is enough to make this not work as well as unchecking the [Remember this location/this pc]

    • @williamdrum9899
      @williamdrum9899 7 місяців тому +18

      Cookie Monster: "And I took that personally"

    • @QQnowQQlater
      @QQnowQQlater 6 місяців тому

      @@Mario583a You don't need a password for cookies, though. You can change it all you want if the site doesn't de authenticate that session, the cookie gives you access to the already logged in session. The "Remember this pc" also has nothing to do with saving session data in cookies which are stored in a trivially accessible database locally by your browser.

    • @TheHammerGuy94
      @TheHammerGuy94 3 місяці тому +3

      @@pantallahueso ah yes
      The ol' session hijack trick

  • @michaeltylerstewart
    @michaeltylerstewart Рік тому +1012

    Not only was this entertaining, this was also educational.

    • @orangetabby7122
      @orangetabby7122 Рік тому +15

      I guess you could say that this content is called...
      Edutainment.

  • @pyroman7196
    @pyroman7196 Рік тому +706

    Amazing quality breakdown, as a cyber security person I love to see advanced topics broken down into human basic English for those less tech literate. I wish I had the production skills you have to be able to help build this bridge of awareness and avoidance for vulnerable people. Keep up the spectacular work

    • @jauwn
      @jauwn  Рік тому +191

      glad you found it interesting as a security person! I have no formal cyber security training, so everything I shared was just stuff I taught myself over the years

    • @musikalniyfanboichik
      @musikalniyfanboichik 2 місяці тому +2

      bro just try, i'm sure you'll manage to make some at least decent videos

  • @blankityblankblank2321
    @blankityblankblank2321 11 місяців тому +146

    I'm not in cyber security but seeing the breakdown of the virus, what it does on a virtual machine, and everything else was very educational. Much better than repeating "don't download weird things" again and again. You did a good job.

  • @_crowfisher
    @_crowfisher Рік тому +324

    i think this is the video where I realized this guy knew way more than I thought he did about tech stuff

    • @jauwn
      @jauwn  Рік тому +138

      Eh im still no expert though I just pretend I am

    • @Doomerang01
      @Doomerang01 Рік тому +41

      @@jauwnHow do I know that you're just pretending to pretend that you know, and actually DO know?

    • @theor3472
      @theor3472 Рік тому +36

      Yea I was genuinely impressed. My man's out here with fancy softwares all over the place when I thought he was only for the funny nft gaming. Keep up ur right work !

    • @lesslighter
      @lesslighter 11 місяців тому

      @@theor3472 if you have been through scam baiting vods some of these tools and info are infact out in the open also security researchers are in the tube which is also a good thing watching LPL led me to some pen testing channels which then led me to tech security pen testing related channels

    • @tokorikam1936
      @tokorikam1936 7 місяців тому +4

      ​@@jauwn😂

  • @Ariamaki
    @Ariamaki Рік тому +519

    My favorite goof-up in their chain of stupid steps here was the 760M file magically coming out of a 26M zip along with several other directories "worth" of files. That implies the data was trivially compressed (IE, like you said mostly 0 bits) or self-springing, because there's no way in the nine hells an actual proper program, not even a launcher, scrunched that effectively.

    • @abdou.the.heretic
      @abdou.the.heretic Рік тому +14

      Unless it's Kkrieger which it's not.

    • @someguy4915
      @someguy4915 Рік тому +79

      Heck they could've just sent a small program without malware as a launcher and have it start to download the actual '700MB' file to make it look far more realistic.

    • @tardistrailers
      @tardistrailers Рік тому

      @@someguy4915 Exe files downloading and then executing other exe files usually get detected by heuristic anivirus.

    • @williamdrum9899
      @williamdrum9899 11 місяців тому +4

      The classic "billion laughs attack"

    • @PandoraStratos
      @PandoraStratos 10 місяців тому

      That's pretty normal compression.

  • @bwarrent
    @bwarrent Рік тому +122

    I bet they stole the assets of an old failed crowdfunding game to make theirs look legit.

    • @nathangamble125
      @nathangamble125 8 місяців тому +27

      When I saw it, I immediately thought of concept art from nightmareworld (a game prototype created entirely for the sake of demonstrating the incompetence of the developers of "dreamworld", an NFT scam game).
      I don't think it is from nightmareworld, but some of it looks similar.

  • @drdiabeetus4419
    @drdiabeetus4419 Рік тому +420

    Hey! You forgot about the other places that style of ASCII art appears. Old all-text game walkthroughs and mod readmes.

    • @youtube-kit9450
      @youtube-kit9450 8 місяців тому

      Yeah, was gonna say so. I remember seeing that kind of stuff on old forums like gamefaqs frequently for guides.

    • @mauricioalvarezpino1818
      @mauricioalvarezpino1818 8 місяців тому

      Gamefaqs my beloved

    • @wombatpandaa9774
      @wombatpandaa9774 8 місяців тому +42

      GameFAQs! Just thinking about that takes me back. I used to read stuff on that site for hours as a kid.

    • @LepidoliteMica
      @LepidoliteMica 8 місяців тому +19

      I remember printing out and stapling together a walkthrough for Lego Star Wars 2; that thing got tattered from near-constant use.

    • @TrueBruceTube
      @TrueBruceTube 6 місяців тому +1

      Yeah I've seen those when playing FNF moods.

  • @medea27
    @medea27 Рік тому +260

    Great video! 👍 Just wanted to point out @ 10:32 that reporting these scams is _very important,_ even if no-one responds to your specific complaint. You might not notice any immediate action being taken, but that doesn’t mean the report doesn’t achieve anything. Scammers rely on people's reluctance to report, knowing it's not feasible for cybersecurity teams & law enforcement to investigate small numbers of incidents… so reporting “near-misses” or attempts like this one always provides valuable info while helping the issue reach critical mass to prompt action by authorities.
    “Near-miss” data is also incredibly valuable for big-picture analytics & being proactive with security, _especially_ when there’s a significant social engineering element to it. If I get a scam text or email for a company I’m a customer of, I always report it to them because I know how useful that info is from the other side of the equation. Cybersecurity whack-a-mole is much easier to play if you can work out which hole they’re likely to pop out of next!

    • @migueeeelet
      @migueeeelet 11 місяців тому +45

      Every report gives every other report validity. One report is a false positive, a hundred reports is a matter of concern.

    • @fuilli
      @fuilli 7 місяців тому +7

      @@migueeeelet and a million reports is hopefully someone in jail (or at least fined, which I guess is... *fine.* ... yea that was a bad joke)

    • @Red-in-Green
      @Red-in-Green 6 місяців тому +9

      Yeah, the place I work for does this funny thing where THEY send you spam/fishing emails. Like, the cybersecurity team is the one sending them. If you report the spam you get a little “Good Job!” pop-up. I don’t know how well it works in general, but now MY first response at seeing something even slightly Sus is to report it as spam.

  • @esuelle
    @esuelle Рік тому +252

    Great work, Jauwn. Their website and art actually look quite decent which is surprising. Still, the scam falls apart if you look closer. Or if you're not in the habit of downloading and running shady NFT games from the web. I guess that's an occupational hazard for you now. 🧐

    • @jauwn
      @jauwn  Рік тому +97

      Just another day out working in the mine field

    • @asteroidrules
      @asteroidrules Рік тому +50

      I do have to wonder how much of the art was plagiarized, since clearly the text is.

    • @prettyevil6662000
      @prettyevil6662000 Рік тому

      @@asteroidrules Since it wasn't detected as AI made, I'm betting it wasn't and was just snagged off little known websites or sites that aren't cached by Google image so you can reverse search. (Such as pixiv). Just like was done with those articles. Easy to get professional quality material when you just steal it. No AI even needed.

    • @mrprogamer96109
      @mrprogamer96109 Рік тому

      I think they just booted up Inkarnate, a tool mostly used by Tabletop RPG GMs to quickly make fantasy worlds.

  • @faawks
    @faawks Рік тому +140

    Mate, I like to think I'm pretty up to date with all the scams going on, but this was mostly new to me, I firmly believe that EVERYONE should watch this video, super informative, I hope it can somehow go viral, I'll do my part.

    • @Yairaph
      @Yairaph 5 місяців тому +3

      You are _never_ up to date on the scams.

  • @Axcille
    @Axcille Рік тому +132

    "there are no real people with the name nancy" -got me laughing

  • @ZeroPlayerGame
    @ZeroPlayerGame 10 місяців тому +96

    One thing you didn't mention but is a HUGE red flag is a password-protected archive next to a password in a text file. The only reason I've ever seen that done is so that your antivirus cannot snipe the file dead as you're downloading it, as it has no way to decrypt the archive and access the contents.
    You ever see a password-protected archive like this, it should go directly to trash, no matter what it claims to be.

  • @SHDW-nf2ki
    @SHDW-nf2ki Рік тому +226

    Fun fact, Magical World is a D&D slang term for a campaign or setting that revolves around the DM's sexual fetish(es)

    • @coltonlong7562
      @coltonlong7562 Рік тому +64

      You mean "Dare you enter my Magical Realm?"

    • @ZorotheGallade
      @ZorotheGallade Рік тому +56

      @@coltonlong7562 All bow before the Whizzard

    • @ZKtheMAN
      @ZKtheMAN 11 місяців тому +23

      Would this magical world have anything to do with putting on a robe and wizard hat?

    • @toby818
      @toby818 8 місяців тому +6

      @@ZorotheGallade wizhard

    • @imhomephobicdontshowmehous2478
      @imhomephobicdontshowmehous2478 7 місяців тому +12

      @@ZorotheGallade Don't you mean the Jizzard?

  • @Pipkiablo
    @Pipkiablo Рік тому +55

    My guess is that the art and gameplay clips look legitimate because it is. They probably stole it from another crypto project or a failed kickstarter.

  • @hi-friaudioman
    @hi-friaudioman Рік тому +42

    I came across a facebook bot today, i posted something with the word "hacked" in a public post and almost immediately i had someone with no posts and an obviously fake account comment with a link to someone who is her "computer wiz" and then the fishy link. I instantly blocked the user, took the post private and deleted the comment.

  • @sinty0x
    @sinty0x Рік тому +111

    J, excellent video showcasing how easy it is to create a fully fleshed out profile online that appears legitimate at the surface level, and we could all use the refresher regardless of how experienced we are!
    P.S. I know gosh darn well you didn't just pronounce 1337 as thirteen thirty-seven.

    • @jauwn
      @jauwn  Рік тому +116

      If you think I'm going to say the word "leet" out loud in 2023 you're dead wrong

    • @Unnamed86
      @Unnamed86 Рік тому +13

      @@jauwn it's "one thousand three hundred and thirty-seven"

    • @hand13932
      @hand13932 Рік тому

      LOLOLOLO 1053R @@jauwn

    • @williamdrum9899
      @williamdrum9899 8 місяців тому

      ​@@Unnamed86 You forgot "In The Year of Our Lord" at the beginning

    • @trouty7947
      @trouty7947 8 місяців тому +1

      ​@@Unnamed86no it's one thirty three seven

  • @QuanticBlob
    @QuanticBlob Рік тому +50

    After that ASCII art I thought there would be an installer playing a royalty free song.

  • @asteroidrules
    @asteroidrules Рік тому +23

    All things considered the level of polish they put in to their fake website and social media should have been a red flag, it looks way too good to be a crypto game.

  • @thatmspaintgirl
    @thatmspaintgirl 5 місяців тому +9

    1:16 These are SUSPICIOUSLY similar numbers. You'd expect them to have closer to 16,000 Twitter followers if they have that many people on their Discord. It's a much less high-commitment action, so you'll automatically get more traction on that platform. Them being the same implies bots purchased in equal amounts for each Social Media Platform they're engaging on.

  • @skyfeelan
    @skyfeelan 4 місяці тому +6

    I thought that this is just a crypto scam uncover channel, I was pleasantly surprised when you start pentesting, packet capturing, and reverse engineering the scam

  • @crispx19
    @crispx19 8 місяців тому +10

    This is the most clean and simple exposition of a real scam , i see now how little one has to know to "hack" people...
    All you could do with just money and almost none computer knowledge.
    Thanks for this video

  • @theuncannyalex
    @theuncannyalex 10 місяців тому +6

    obsessed with the way you systematically deconstructed their whole deal, informative ~and~ satisfying

  • @mysticyam4109
    @mysticyam4109 Рік тому +71

    I looked it up and saw that there are people named Nancy😱

    • @jauwn
      @jauwn  Рік тому +50

      Fake (real)

  • @qwerty_artist
    @qwerty_artist Рік тому +40

    Dang, now Jauwn is getting into investigative videos? I can only like a video once my dude!
    Also, I would so enjoy a video just going over the cringe email offers you get ngl

  • @Cleric4521
    @Cleric4521 8 місяців тому +7

    The most suspicious part of this was seeing the ASCII art without hearing some banger of a chiptune song blaring.

  • @DarrenMc
    @DarrenMc 5 місяців тому +4

    "Dear" and "Kindly" are instant flags that whatever being pitched is a scam

  • @bobroberts2581
    @bobroberts2581 Рік тому +55

    Dude seriously tried to Bioshock you? “would a you Kindly to be turning off your abitivrus software please now kindly.”

    • @jauwn
      @jauwn  Рік тому +47

      That game must've trained me to never listen to anyone saying "kindly" do anything

  • @nolife874
    @nolife874 Рік тому +50

    you should of cobbled together a game launcher for the game and sent them a screen shot of that

  • @Tydusis1
    @Tydusis1 7 місяців тому +5

    I've taken a reverse engineering course as part of cybersecurity coursework, and worked with debuggers like IdaPro. Windows defender probably couldn't scan it for at least a couple reasons. One, it is novel, and lots of scanning is signature based, and perhaps the file definition table wasn't up to date, especially if you are using an unpatched windows VM. Two, and probably the biggest one, is that lots of malware is packed, that is compressed, in such a way as to obscure its intentions, and make it harder to analyze. The unpacking program will decompress the actual instructions before running those. It's possible the program was packed, though having at least one scanner successfully figure out what it was tells me that it wasn't THAT novel, as most malware worth their salt will use a custom packer (variants of UPX packer are common) and require manual analysis of some kind to reverse engineer. The inflated filesize is a separate issue which I think you covered well.

  • @brandontoates
    @brandontoates Рік тому +14

    Awesome work Jauwn. And, just for the record, I believe March 28rd will be the day of the MOASS. Buckle up.

  • @anum4776
    @anum4776 6 місяців тому +3

    Immediately after this video I got an ad from (legit) bank warning about opening links that pretend to be postal service, your bank, IRS etc. and to stay safe online

  • @teamworm5932
    @teamworm5932 Рік тому +35

    Probably worth noting that SMS 2FA is usually considered one of the least secure 2FA types

    • @jauwn
      @jauwn  Рік тому +56

      😅 everyone keeps commenting this lol, I pinned my response. But SMS 2FA is miles better than Email 2FA, which is what I was trying to get at in the video. Guess it wasn't very clear

  • @cccapuno
    @cccapuno 9 місяців тому +4

    i've taken down a couple of websites like these, the scammers are always from countries where the police don't even care even when you send them their address and full name of the scammer, they just open another website and continue stealing money

  • @crowcoregames1785
    @crowcoregames1785 Рік тому +23

    its not entirely pointless math its a enlarge prompt, its entire purpose is basically to fill the code with pointless data, it basically is a bunch of math that is designed to increase its own file space, with the malware attached to it basically what happens is the code runs and gains the same error over and over wile secretly running the malware in the background. at least as far as i know

    • @jauwn
      @jauwn  Рік тому +12

      Yuuuup you are right I learned that after making the video

    • @crowcoregames1785
      @crowcoregames1785 Рік тому +1

      yeh malware coding is like a whole thing, use to do stuff about f12 coding at collage and what applications binary can have@@jauwn

    • @MandrakeFernflower
      @MandrakeFernflower Рік тому +2

      CIH did a similar thing back in the 1990's

    • @crowcoregames1785
      @crowcoregames1785 Рік тому +1

      yerp@@MandrakeFernflower

  • @jacobn8509
    @jacobn8509 10 місяців тому +8

    Thanks to this video, I could tell a friend-of-a-friend was hacked when they asked me to test an indie game "she" and "some friends" were "working on." They had an actual UA-cam of fake game footage and a fake website, too.

    • @jauwn
      @jauwn  10 місяців тому

      Hell yeah!

  • @dicedoomkid
    @dicedoomkid Рік тому +8

    Running a virtual is crazy useful to protect your pc I wish I understood more about this kind of stuff

  • @shrug_shrugsly
    @shrug_shrugsly Рік тому +7

    Best. Thumbnail. Ever. Thumbnailed.

  • @emmajane7055
    @emmajane7055 Рік тому +4

    i watched this and expected your subscriber count to be like 500k wtf, this video was awesome + you’re definitely gonna grow very quickly :))

  • @agnesg
    @agnesg Місяць тому +2

    March 28rd is one reason i love this channel..like for real, this is one of my favorite channels. And im not a gamer, its just such good content. You have a great personality and you do a thorough job of explaining stuff while keeping it engaging.

    • @jauwn
      @jauwn  Місяць тому +1

      thanks buddy

  • @vamuse
    @vamuse Рік тому +7

    The sheer amount of tools and techniques you used to pick this malware apart is what really impressed me. I consider myself pretty computer savvy but have not heard of 2/3 of these applications. Thanks for the detailed breakdown, inspired me to look into how some of these tools work so I can at least feel like I can browse more safely.

  • @-Siknakaliux-II
    @-Siknakaliux-II Рік тому +20

    I like the explanations and programs featured to give a deeper look at things. Would a list of the sites used be put in the description or via text on screen for reference?

  • @crazycatlady2744
    @crazycatlady2744 Місяць тому +1

    I was suspicious about how a 700+MB exe file can come out of a 27MB zip file. That level of compression just doesn't make sense. So I now know that you can make a fake exe that's filled with fake data to make it look over 20 times bigger than it actually is, as long as you don't compress it.
    Also I suspect the art may be plagiarised; If I look up the art lead, I can't find anything about her except her Twitter account which appears to all be crypto stuff, she doesn't appear to have a presence on any art sites (at least not under that name), no art comes up on image search, so I'm suspicious. (There's also the fact that I pretty much expect a scam project within a scam community to do plagiarism.)

  • @kenirainseeker539
    @kenirainseeker539 Рік тому +17

    It could just be stolen art, do a reverse image search

  • @khan-bm3zz
    @khan-bm3zz 2 місяці тому +2

    Came for the crypto scam, stayed for the fun malware analysis work.

  • @Atsumari
    @Atsumari 11 місяців тому +20

    You are a gift to humanity; thank you.

  • @ana.wordswordswords
    @ana.wordswordswords 6 місяців тому +4

    the “no real people are named Nancy” made me actually have to stop and think, because i actually know no one, family, friend or celebrity, named Nancy. my mind just kept going to Nancy Wheeler. i know that people named Nancy exist, but I don’t know any

  • @Kalel_The_Protogen
    @Kalel_The_Protogen Рік тому +2

    still hard to believe people like this can exist, it’s great how there are websites to handle these viruses

  • @StefanoAgrotis
    @StefanoAgrotis 10 місяців тому +6

    8:18 Please remember that token stealing will bypass MFA.. that's the truly scary part.
    Also, SMS 2FA is among the weakest type, as your phone number is a fairly easy target for social engineering.

  • @jakeh2034
    @jakeh2034 Рік тому

    Man...... You are tickling my fancy making me feel internet savvy and unscammable in this video. The ASCII art brought me back to TPB glory days.

  • @BobLu
    @BobLu Рік тому +6

    I am wondering if the scammer got the assets of some abandoned project to make their website looks legit?

  • @BigFatty3819
    @BigFatty3819 2 місяці тому +2

    I'm a Police officer and I'm tired of taking these reports where people are scammed anywhere from 100 to seriously $50,000. It's quite unfortunate tho, Grind Techiei Seriously thank you for flagging down these swindlers. You make me want to spend my next 10 years learning how to do this𝘀

  • @jerryf5528
    @jerryf5528 Рік тому +14

    I know this will sound stupid but I actually ran the exe on my PC. Took me 20 mins to realize what happened and I wiped my drives clean, reinstalled windows and did a ton of scans.
    This was about 7 days ago and I had text docs with some semi-important info. Nothing has happened so far though.
    And I safe now or can this thing survive even a clean reinstall?

    • @jauwn
      @jauwn  Рік тому +22

      Not stupid at all! Like I said this is a very convincing scam.
      As far as I know, there are very few pieces of malware that can persist through a full system wipe, and I wouldn’t think this one would be an exception. I would make sure to change every single password you have, starting with you email. You also want to make sure that you have 2FA enabled for all accounts.
      If they didn’t steal anything yet, there’s a chance that either you simply didn’t have anything interesting for them to steal, or they haven’t gotten around to it yet. If you had any seed phrases stored on the computer, those are probably compromised though, so I would get all of your crypto out of their ASAP.
      If they do manage to steal any of your crypto (if you have any) then it would be interesting to see what wallet they sent it to

    • @jerryf5528
      @jerryf5528 Рік тому +4

      @@jauwn Thanks for the reply. Already did all of that. FWIW I also played with the exe file in a controlled environment and malwarebytes found nothing. I also managed to scan it online (can't remember which one allowed the upload of such a large file) nothing was found.
      Avast picked it up and from your video I see that NOD did too. Did you manage to discover which files does it scan for?

    • @jauwn
      @jauwn  Рік тому +2

      Not sure I understand your question. What files does what scan for?

    • @frag0638
      @frag0638 Рік тому +2

      Consider all your browser passwords sold

  • @anon9469
    @anon9469 8 місяців тому +1

    It says something about the quality of crypto games when you get better website design and more effort from direct scam attacks then the actual 'triple-A' games.

  • @mattb8075
    @mattb8075 Рік тому +6

    Great analysis! I am particularly interested in your knowledge of the intricacies of this. Are you just a power user, or did you go to school for InfoSec? I did myself, so it feels to me like you did too, or you just do a lot of good self research. I'm curious to the case. I'd like to see more content of dissecting scam attempts, they are fun to watch the scammers fail spectacularly

    • @jauwn
      @jauwn  Рік тому +6

      Just a power user! Nothing I learned in school really helped me learn this sort of stuff. I learned way more just from being a PC power user since the early XP days, and was even more pushed to learn by my father who used to be a big PC enthusiast in the late 90s-early 2000s.
      I think the best way to learn this sort of stuff is to take an honest interest in it and start teaching yourself. School is great and all but your passion to learn will teach you far more in the long run.

    • @mattb8075
      @mattb8075 Рік тому +2

      @@jauwn Thank you for the response, yeah I've been an early PC power user myself since the early Win 2000 days. Interesting to hear your perspective. Like I mentioned, I hope you might do more of these scam attempt investigation videos they are fun to watch. I'm pretty much watching anything you put out though lately

  • @Splashzone263
    @Splashzone263 8 місяців тому +1

    I had my discord almost stolen by this type of scam and trust me it is ALWAYS smart to have 2FA, if i didn’t have discord support help me i would had been done for
    I had to completely restart my PC and that was always my most embarrassing moment, and to be honest seeing that scam being shown still scares me

  • @stickyfox
    @stickyfox Рік тому +8

    "Crypto Scam"
    Next time someone asks you for an example of a tautology.

  • @Violetstainn
    @Violetstainn Рік тому +11

    Jauwn you did it again, this video is extremely entertaining, well put together AND informative.
    Your content is getting better and better with every upload :')
    Can't wait for the next crypto scam XD

  • @zantanzuken
    @zantanzuken 8 місяців тому +1

    i feel like that website is probably built off someones school project, which is why it looks so good... they likely WANTED to make a game at some point but dropped off because they realized it was more difficult than they expected. files fall into the internet cracks, some random shmuck rebrands it as a web3 project, bam boom scam time.

  • @Eddygeek18
    @Eddygeek18 4 місяці тому

    This needs far more views to spread awareness of this kind of scam

  • @kessiniktange8861
    @kessiniktange8861 6 місяців тому

    "If something seems too good to be true, it probably is." I learned a slightly different version studying business in college: "If something seems too good to be true, it is."

  • @sofastuffing
    @sofastuffing Місяць тому +1

    Hearing Jauwn spell out "thirteen thirty-seven" instead of saying "leet" kind of hurts me

    • @jauwn
      @jauwn  Місяць тому +1

      @@sofastuffing good

  • @holyhelga
    @holyhelga Рік тому +10

    well NFTS are always a scam the way i see it

  • @attilamagyar91
    @attilamagyar91 10 місяців тому +1

    I love this IT investigation arc.

  • @AsterInDis
    @AsterInDis Рік тому +1

    Thanks for the reminder to set up 2FA. I have it on a lot of my stuff but I had forgotten to set up non-email version on one of my more important passwords.

  • @northropi2027
    @northropi2027 Рік тому +2

    "Our new game engine, a program ran on a local device, uses Blockchain Technology, a means of intercommunication between a set of devices!" What Does That Even Mean

  • @Fadsy
    @Fadsy Рік тому +2

    I appreciate getting to see how scams like this work
    There's been a few times that this kind of knowledge came in handy when helping my parents with certain situations

  • @ratbaby3107
    @ratbaby3107 10 місяців тому +2

    Hey that ASCII text isn't JUST from nefarious files, it's also from every gamefaqs walkthrough circa 2010

  • @koridic3188
    @koridic3188 8 місяців тому +1

    My childhood remembers ascii artwork at the start of walkthrough guides back in the day for games.

  • @miso-ge1gz
    @miso-ge1gz 11 місяців тому +2

    These 27 megabyte zip files that extract into a full game-like size are real funny. They are usually just endless downloader links and download an insane amount of bloatware programs and add toolbars to your browser. The only reason they can be compressed so much is because the file is padded with a bunch of zeroes/ones.

  • @maddhistorian_jil1464
    @maddhistorian_jil1464 11 місяців тому +3

    No reference to old Gamefaqs with the ASCII art smh.

  • @chucklesdeclown8819
    @chucklesdeclown8819 Рік тому +2

    man, the website looks so good too. they should have made an actual game XD

  • @hamburger_eatspie
    @hamburger_eatspie 8 місяців тому

    I find it funny how crypto games keep asking to be sponsored and end up getting completely exposed

  • @DisinformationAgent
    @DisinformationAgent 8 місяців тому

    ASCII art like that is a safety blanket for people for the real people of the Internet, seeing it being used to steal money from real people and not corporations breaks my heart.

  • @davidstaffen6783
    @davidstaffen6783 2 місяці тому +3

    I use ascii art for my batch programs to just make em look nicer

  • @skeletonBOI-wn4lw
    @skeletonBOI-wn4lw 6 місяців тому +1

    i declare marshall law against crypto scams

  • @ccwebs
    @ccwebs 7 місяців тому +1

    I teach computer science. This was an excellent video about the importance of following basic safety practices when online.

  • @MsTerkup
    @MsTerkup 4 місяці тому +2

    Pointless math? Wow it is a crypto game after all

  • @Mako-rh6tl
    @Mako-rh6tl Рік тому +1

    Only recently discovered your channel and been binging the content. Didn't ever expect to see VT, Triage, and Ghidra referenced. Love it.

  • @范廷容
    @范廷容 2 місяці тому

    Brother please take care always and your team, *VortexTrace* you're the hero of us who helped watched out for this scumb**gs and give us knowledge not to be scam by these animals and aliens. Please never give up helping to those innocent people….!!!

  • @MrMeowstic7
    @MrMeowstic7 Рік тому +6

    Yeah this whole thing just screams "scam"

    • @jauwn
      @jauwn  Рік тому +11

      The funniest part is that it still exists and people are still falling for it. Someone just messaged me saying he lost $10,000+ of crypto from downloading it.

    • @MrMeowstic7
      @MrMeowstic7 Рік тому +2

      @@jauwn damn

    • @oliver_twistor
      @oliver_twistor Рік тому +10

      @@jauwn I partly blame legitimate developers of Windows software who teach users to allow privileged access for every little thing. That way, when a malicious software comes along and asks for access, most users will click Yes without a second thought. I also blame Microsoft for making it seem like not a big deal to let software run as administrator and even higher privilege than that. That's what I like with Linux. Running a software as root is scary, as it bloody well should be.

    • @Sopsy_Hallow
      @Sopsy_Hallow Рік тому +3

      @@oliver_twistor i think its a double issue ngl, on one hand, making it so easy/the norm to run things as admin or allow admin privileges is bad, but it's not helped that a suprising amount of normal stuff just often doesnt run without them.

  • @Meepb
    @Meepb 7 місяців тому +2

    My mom’s name is Nancy and our last name starts with B. Suspicious.

  • @delusionaut
    @delusionaut 6 місяців тому +1

    explaining it like i was 5 was Very good and i rly liked this vid. Educational , simple 2 follow and quite Funny tbh

  • @sauce5893
    @sauce5893 7 місяців тому +1

    Searching the IP at ~9:47 seems to lead to other 'projects' like this one.

  • @rickywalters7717
    @rickywalters7717 8 місяців тому +2

    Hey, they wanted to see a short recording of you launching the "game", right? Why not take a quick recording of you launching the .exe, asking "huh, it didn't open up. Did I do something wrong?" And then wait for them to notice they didn't even get any real info.

  • @SalusFuturistics
    @SalusFuturistics 10 місяців тому +1

    The AI Detector will also say that clearly AI generated Artwork, has less than 10% AI in it. It's not reliable Proof.

  • @batchampa
    @batchampa Рік тому +2

    2FA that sends a code to your phone is actually pretty bad these days. Too easy to Sim swap people if they think you're worth it. An authenticator app is a better option

  • @Mantafirefly
    @Mantafirefly 5 місяців тому +3

    Looking at this again, I think I know why your virus did a bunch of useless calcs; It detected it was in a VM sandbox. A lot of droppers now can detect if they're in a VM and do a bunch of misdirecting junk rather than unpacking their payload in a bid to make it harder for security researchers to work out how they function, and it seems like you hit that here.

    • @jauwn
      @jauwn  5 місяців тому +2

      Very well could be the case

  • @TheLastYnzy
    @TheLastYnzy 7 місяців тому

    I think the most depressing thing to me is that (assuming not everything on the site is stolen) they have what could be an interesting looking game. Like drop the NFT thing and make it some kind of Card Battler or Darkest Dungeon style game out of it and they'd probably actually make money off it.

  • @filipbitala2624
    @filipbitala2624 Місяць тому

    5:09 depends on the game, for example cdda has only around 70 MB and its huge

  • @tylern6420
    @tylern6420 Рік тому +5

    It must be good that i'll like never interact with this blockchain stuff then

    • @tylern6420
      @tylern6420 Рік тому

      but if i change my mind and start using basic crypto (like Bitcoin) then i'll simply mine it and trade it as that seems much less volatile than buying a digital asset and hoping it doesnt crash in price

    • @jauwn
      @jauwn  Рік тому +6

      Nah it’s not worth it you’re not missing anything by just ignoring anything crypto

    • @tylern6420
      @tylern6420 Рік тому

      @@jauwn fair enough

    • @tylern6420
      @tylern6420 Рік тому

      @@jauwn if i HAD to choose between mining or these nft games tho, i would choose mining because if you have hardware, you only really gotta pay the electricity used by the rig

    • @Hifuutorian
      @Hifuutorian Рік тому +1

      @@tylern6420You cannot possibly mine efficiently enough to pay for the electricity you are using to mine in the first place. Maybe if this were 10 years ago.

  • @lethalee
    @lethalee Рік тому +1

    Oppa Gangnam style. Elite haxxzor defending skills on display. Good vid!

  • @malkavcandy
    @malkavcandy 10 місяців тому

    excellent breakdown of the scam! knowing how these things look and work is super helpful

  • @TonySpike
    @TonySpike 7 місяців тому +1

    Thats some nice detective work their Nancy Drew

  • @bobbobber4810
    @bobbobber4810 7 місяців тому +1

    Imagine when bots are going to become sentient.
    OnlyFan bots and crypto bots are going to rule the world.