A Dangerous Crypto Scam is Targeting YouTubers

Yesterday, a pretty blatant #crypto #scam reached out to me via Discord to coordinate a promotional video. Obviously, I would never do a promotional video for a crypto game, so I decided to have a little bit of fun with them. However, what I uncovered was instead a very sophisticated and scary piece of malware.

I decided to perform a little bit of malware analysis on this and break their scam down to help raise awareness. While a scam like this may seem obvious if you have a strong technical background, this specific example was much more convincing than some of the others I've seen in the past.

They asked for a promotional video, I delivered!

Thanks for watching!

Comments

I guess it makes sense that crypto scammers didn't think to hide from people inspecting elements on their site, they know cryptobros can't right click.

asteroidrules

"Oh you're getting a virus alert from our software? Try disabling the antivirus, that should get rid of the alert."

hayberdasher

Wow, a scam that pretends to be a different scam. It's scamception!

annieshavingthoughtsagain

Reminds me of that GameStop NFT creator who made tons of sloth NFTs. They opened some malicious file to "collab" with someone, and ended up losing his seed phrase. This resulted in all the existing NFTs that had been sold becoming worthless because the scammer had control of the wallet and could theoretically create more NFTs (although he just stole his money). Then the Sloth had to re-mint every single NFT with a new wallet and send the NEW, REAL NFT to the old holders.

jf

I have an Aunt Nancy, and it's good to finally know she isn't real. Thanks, Jauwn

cicadaseance

Not only was this entertaining, this was also educational.

michaeltylerstewart

8:15 It's also worth noting that a stealer malware can also steal your cookies, which allows them to bypass your 2FA because they don't need to actually sign in.

pantallahueso

Amazing quality breakdown, as a cyber security person I love to see advanced topics broken down into human basic English for those less tech literate. I wish I had the production skills you have to be able to help build this bridge of awareness and avoidance for vulnerable people. Keep up the spectacular work.

pyroman

I'm not in cyber security but seeing the breakdown of the virus, what it does on a virtual machine, and everything else was very educational. Much better than repeating "don't download weird things" again and again. You did a good job.

blankityblankblank

I think this is the video where I realized this guy knew way more than I thought he did about tech stuff.

_crowfisher

My favorite goof-up in their chain of stupid steps here was the 760M file magically coming out of a 26M zip along with several other directories "worth" of files. That implies the data was trivially compressed (i.e., like you said, mostly 0 bits) or self-springing, because there's no way in the nine hells an actual proper program, not even a launcher, scrunched that effectively.

Ariamaki

"there are no real people with the name nancy" -got me laughing

Axcille

Great video! 👍 Just wanted to point out @ 10:32 that reporting these scams is _very important,_ even if no-one responds to your specific complaint. You might not notice any immediate action being taken, but that doesn’t mean the report doesn’t achieve anything. Scammers rely on people's reluctance to report, knowing it's not feasible for cybersecurity teams & law enforcement to investigate small numbers of incidents… so reporting “near-misses” or attempts like this one always provides valuable info while helping the issue reach critical mass to prompt action by authorities.

“Near-miss” data is also incredibly valuable for big-picture analytics & being proactive with security, _especially_ when there’s a significant social engineering element to it. If I get a scam text or email for a company I’m a customer of, I always report it to them because I know how useful that info is from the other side of the equation. Cybersecurity whack-a-mole is much easier to play if you can work out which hole they’re likely to pop out of next!

medea

Hey! You forgot about the other places that style of ASCII art appears. Old all-text game walkthroughs and mod readmes.

drdiabeetus

I bet they stole the assets of an old failed crowdfunding game to make theirs look legit.

bwarrent

Great work, Jauwn. Their website and art actually look quite decent which is surprising. Still, the scam falls apart if you look closer. Or if you're not in the habit of downloading and running shady NFT games from the web. I guess that's an occupational hazard for you now. 🧐

esuelle

Mate, I like to think I'm pretty up to date with all the scams going on, but this was mostly new to me, I firmly believe that EVERYONE should watch this video, super informative, I hope it can somehow go viral, I'll do my part.

faawks

One thing you didn't mention but is a HUGE red flag is a password-protected archive next to a password in a text file. The only reason I've ever seen that done is so that your antivirus cannot snipe the file dead as you're downloading it, as it has no way to decrypt the archive and access the contents.
You ever see a password-protected archive like this, it should go directly to trash, no matter what it claims to be.

ZeroPlayerGame

1:16 These are SUSPICIOUSLY similar numbers. You'd expect them to have closer to 16,000 Twitter followers if they have that many people on their Discord. It's a much less high-commitment action, so you'll automatically get more traction on that platform. Them being the same implies bots purchased in equal amounts for each Social Media Platform they're engaging on.

thatmspaintgirl

Fun fact, Magical World is a D&D slang term for a campaign or setting that revolves around the DM's sexual fetish(es)

SHDW-nfki