[0:04]
this video is brought to you by incog this video is brought to you by incog this video is brought to you by incog stick around to hear more about the stick around to hear more about the stick around to hear more about the discount they're providing to the entire discount they're providing to the entire discount they're providing to the entire upper echelon Community okay today once upper echelon Community okay today once upper echelon Community okay today once again is a security topic but the again is a security topic but the again is a security topic but the pathway to get here was a little bit pathway to get here was a little bit pathway to get here was a little bit abstract all of it began with a simple abstract all of it began with a simple abstract all of it began with a simple tweet from a man named Michael girdley tweet from a man named Michael girdley tweet from a man named Michael girdley this tweet on screen right now said the this tweet on screen right now said the this tweet on screen right now said the following quote if I am annoyed at your following quote if I am annoyed at your following quote if I am annoyed at your company pointing to a Google advert at company pointing to a Google advert at company pointing to a Google advert at the top of the search page for slack the top of the search page for slack the top of the search page for slack pricing and then different quote if I pricing and then different quote if I pricing and then different quote if I like your company pointing to the actual like your company pointing to the actual like your company pointing to the actual slack website itself in the same search slack website itself in the same search slack website itself in the same search page the insinuation here is that 
[0:35]
page the insinuation here is that page the insinuation here is that clicking on the Google advert costs the clicking on the Google advert costs the clicking on the Google advert costs the company money whereas directly company money whereas directly company money whereas directly purchasing from their website avoids purchasing from their website avoids purchasing from their website avoids that unnecessary click fee in theory that unnecessary click fee in theory that unnecessary click fee in theory it's a rather funny way of striking back it's a rather funny way of striking back it's a rather funny way of striking back at corporate entities and I chuckled a at corporate entities and I chuckled a at corporate entities and I chuckled a bit when I read it however that levity bit when I read it however that levity bit when I read it however that levity was extremely shortlived because after was extremely shortlived because after was extremely shortlived because after reading the text and flipping back to reading the text and flipping back to reading the text and flipping back to whatever other project it is I was whatever other project it is I was whatever other project it is I was working on at the time I remembered working on at the time I remembered working on at the time I remembered something I remembered though I am something I remembered though I am something I remembered though I am certainly not an expert at this point in certainly not an expert at this point in certainly not an expert at this point in time just yet that something called time just yet that something called time just yet that something called malvertising has recently been gaining malvertising has recently been gaining malvertising has recently been gaining massive Traction in the online World massive Traction in the online World massive Traction in the online World leading to an unknown number of Highly leading to an unknown number of Highly leading to an unknown number of Highly damaging infections system infections 
[1:07]
damaging infections system infections damaging infections system infections with Untold consequences I'll try not to with Untold consequences I'll try not to with Untold consequences I'll try not to be a hyperbolic Doomer or an alarmist be a hyperbolic Doomer or an alarmist be a hyperbolic Doomer or an alarmist right now or anything like that but right now or anything like that but right now or anything like that but seeing this relatively popular tweet I seeing this relatively popular tweet I seeing this relatively popular tweet I guess with over 2.4 million views and guess with over 2.4 million views and guess with over 2.4 million views and 12,000 likes it really made me start 12,000 likes it really made me start 12,000 likes it really made me start thinking here's a top- down overview of thinking here's a top- down overview of thinking here's a top- down overview of the situation for a tremendous number of the situation for a tremendous number of the situation for a tremendous number of digital programs such as OBS Brave digital programs such as OBS Brave digital programs such as OBS Brave audacity utorent grammar Le notepad MSI audacity utorent grammar Le notepad MSI audacity utorent grammar Le notepad MSI afterburner blender and more the Google afterburner blender and more the Google afterburner blender and more the Google sponsored Links at the top of the page sponsored Links at the top of the page sponsored Links at the top of the page which are paid for through Google 
[1:38]
which are paid for through Google which are paid for through Google AdWords have been infected with highly AdWords have been infected with highly AdWords have been infected with highly dangerous malware a little bit more dangerous malware a little bit more dangerous malware a little bit more context here even though most people context here even though most people context here even though most people will probably know at least one of those will probably know at least one of those will probably know at least one of those programs by name OBS is obviously a programs by name OBS is obviously a programs by name OBS is obviously a program for streamers and creators Brave program for streamers and creators Brave program for streamers and creators Brave is a privacy based browser client is a privacy based browser client is a privacy based browser client audacity is an audio editing Suite audacity is an audio editing Suite audacity is an audio editing Suite uTorrent is a peer-to-peer sharing uTorrent is a peer-to-peer sharing uTorrent is a peer-to-peer sharing Network grammarly is for spellchecking Network grammarly is for spellchecking Network grammarly is for spellchecking notepad Plus plus is a text and source notepad Plus plus is a text and source notepad Plus plus is a text and source code editor MSI After Burner is code editor MSI After Burner is code editor MSI After Burner is overclocking software for gaming overclocking software for gaming overclocking software for gaming hardware and blender is a 3D editing hardware and blender is a 3D editing hardware and blender is a 3D editing program all walks of life all types of 
[2:10]
program all walks of life all types of program all walks of life all types of programs multiple user demographics and programs multiple user demographics and programs multiple user demographics and all of them were overrun with malware all of them were overrun with malware all of them were overrun with malware that list is actually a whole hell of a that list is actually a whole hell of a that list is actually a whole hell of a lot longer no one has the full lot longer no one has the full lot longer no one has the full comprehensive list right now because comprehensive list right now because comprehensive list right now because threat actors can spin up a new version threat actors can spin up a new version threat actors can spin up a new version with minimal effort proceeding to with minimal effort proceeding to with minimal effort proceeding to advertise it at the top of Google search advertise it at the top of Google search advertise it at the top of Google search results through their own advertising results through their own advertising results through their own advertising portal but in reality these websites are portal but in reality these websites are portal but in reality these websites are not a legitimate vendor for the software not a legitimate vendor for the software not a legitimate vendor for the software they are fabricated pages that redirect they are fabricated pages that redirect they are fabricated pages that redirect to a separate distribution platform like to a separate distribution platform like to a separate distribution platform like Dropbox or Discord CDN the content Dropbox or Discord CDN the content Dropbox or Discord CDN the content distribution network of Discord which distribution network of Discord which distribution network of Discord which I've talked about previously as being a 
[2:41]
I've talked about previously as being a I've talked about previously as being a massive Distribution Hub for malware massive Distribution Hub for malware massive Distribution Hub for malware prompting the user to download an prompting the user to download an prompting the user to download an infected version of whatever program infected version of whatever program infected version of whatever program they are looking for that contains one they are looking for that contains one they are looking for that contains one of many possible malware Steelers which of many possible malware Steelers which of many possible malware Steelers which will harvest pretty much all sensitive will harvest pretty much all sensitive will harvest pretty much all sensitive data on your machine which can then lead data on your machine which can then lead data on your machine which can then lead to everything from loss of identity to to everything from loss of identity to to everything from loss of identity to compromised social media accounts etc compromised social media accounts etc compromised social media accounts etc etc it's scary stuff before going etc it's scary stuff before going etc it's scary stuff before going further it's time for today's video further it's time for today's video further it's time for today's video sponsor incog every day that you exist sponsor incog every day that you exist sponsor incog every day that you exist online your data is being sold by online your data is being sold by online your data is being sold by thirdparty Brokers and accessed without thirdparty Brokers and accessed without thirdparty Brokers and accessed without your knowledge as a result of data your knowledge as a result of data your knowledge as a result of data breaches most people may not know this 
[3:12]
breaches most people may not know this breaches most people may not know this or worse yet they don't even care but or worse yet they don't even care but or worse yet they don't even care but it's actually a very big concern in a it's actually a very big concern in a it's actually a very big concern in a rapidly growing digital landscape rapidly growing digital landscape rapidly growing digital landscape companies hold and utilize a lot of your companies hold and utilize a lot of your companies hold and utilize a lot of your personal information for business personal information for business personal information for business purposes which goes Way Beyond the purposes which goes Way Beyond the purposes which goes Way Beyond the companies you actually trust and opted companies you actually trust and opted companies you actually trust and opted to sign up for the places you enter your to sign up for the places you enter your to sign up for the places you enter your information willingly are the Gateway information willingly are the Gateway information willingly are the Gateway but after that goes out everywhere there but after that goes out everywhere there but after that goes out everywhere there are hundreds of data Brokers pedaling are hundreds of data Brokers pedaling are hundreds of data Brokers pedaling your information to the highest bidder your information to the highest bidder your information to the highest bidder and it's an impossible process to and it's an impossible process to and it's an impossible process to contact all of them yourself and fight contact all of them yourself and fight contact all of them yourself and fight objections or get your data removed so objections or get your data removed so objections or get your data removed so for that there is incog simple process 
[3:43]
for that there is incog simple process for that there is incog simple process sign up for the website give them sign up for the website give them sign up for the website give them specific legal permission to work on specific legal permission to work on specific legal permission to work on your behalf in this particular capacity your behalf in this particular capacity your behalf in this particular capacity and let them know what kind of and let them know what kind of and let them know what kind of information they will be having removed information they will be having removed information they will be having removed I have personally done this and as you I have personally done this and as you I have personally done this and as you can see there are 59 completed requests can see there are 59 completed requests can see there are 59 completed requests with 45 still pending as my data is with 45 still pending as my data is with 45 still pending as my data is systematically removed from Shady systematically removed from Shady systematically removed from Shady Brokers and corporate servers that never Brokers and corporate servers that never Brokers and corporate servers that never even wanted to be associated with in the even wanted to be associated with in the even wanted to be associated with in the first place keep in mind incog is first place keep in mind incog is first place keep in mind incog is created by the same developers as surf created by the same developers as surf created by the same developers as surf shark another long-standing partner of shark another long-standing partner of shark another long-standing partner of the channel which means we have a the channel which means we have a the channel which means we have a special deal as well the first 100 special deal as well the first 100 special deal as well the first 100 people to click the link Down Below in people to click the link Down Below in people to click the link Down Below in the description and use code Echelon a 
[4:13]
the description and use code Echelon a the description and use code Echelon a checkout will get 20% off their checkout will get 20% off their checkout will get 20% off their subscription to incog again link down subscription to incog again link down subscription to incog again link down below and promo code Echelon for the below and promo code Echelon for the below and promo code Echelon for the first 100 viewers or clickers who use it first 100 viewers or clickers who use it first 100 viewers or clickers who use it to get 20% off their subscription big to get 20% off their subscription big to get 20% off their subscription big thank you to incog for sponsoring the thank you to incog for sponsoring the thank you to incog for sponsoring the channel let's dig deeper to be clear channel let's dig deeper to be clear channel let's dig deeper to be clear this problem isn't exactly new person this problem isn't exactly new person this problem isn't exactly new person say it's not breaking news of any sort say it's not breaking news of any sort say it's not breaking news of any sort and the FBI has even warned about this and the FBI has even warned about this and the FBI has even warned about this new emerging attack Vector a couple of new emerging attack Vector a couple of new emerging attack Vector a couple of months ago in the end of 2022 but how months ago in the end of 2022 but how months ago in the end of 2022 but how many people actually keep up with this many people actually keep up with this many people actually keep up with this [&nbsp;__&nbsp;] I know some people do and that's [&nbsp;__&nbsp;] I know some people do and that's [&nbsp;__&nbsp;] I know some people do and that's great for them but most people don't 
[4:43]
great for them but most people don't great for them but most people don't most people have no idea when they most people have no idea when they most people have no idea when they search Google that the ads they see at search Google that the ads they see at search Google that the ads they see at the top of the page in the most the top of the page in the most the top of the page in the most authoritative slot might be maliciously authoritative slot might be maliciously authoritative slot might be maliciously designed to infect their machine and the designed to infect their machine and the designed to infect their machine and the more people that understand this kind of more people that understand this kind of more people that understand this kind of danger the better one of the most danger the better one of the most danger the better one of the most comprehensive analysis writeups for this comprehensive analysis writeups for this comprehensive analysis writeups for this particular topic actually comes from a particular topic actually comes from a particular topic actually comes from a company called guardio funnily enough company called guardio funnily enough company called guardio funnily enough they used to be a video sponsor of mine they used to be a video sponsor of mine they used to be a video sponsor of mine which is awesome so it's great to see which is awesome so it's great to see which is awesome so it's great to see them leading the pack with awareness them leading the pack with awareness them leading the pack with awareness campaigns and it also benefits me campaigns and it also benefits me campaigns and it also benefits me massively because they've created a massively because they've created a massively because they've created a series of infographics for the subject series of infographics for the subject series of infographics for the subject which I now get to use this is 
[5:14]
which I now get to use this is which I now get to use this is essentially what it all looks like and essentially what it all looks like and essentially what it all looks like and while I did do a search for some while I did do a search for some while I did do a search for some contemporary examples of the malware in contemporary examples of the malware in contemporary examples of the malware in use on Google ads right now none of the use on Google ads right now none of the use on Google ads right now none of the December 2022 versions are currently December 2022 versions are currently December 2022 versions are currently operating out in the open at least not operating out in the open at least not operating out in the open at least not anymore that doesn't mean that there anymore that doesn't mean that there anymore that doesn't mean that there aren't dozens more campaigns actively aren't dozens more campaigns actively aren't dozens more campaigns actively out there as I write this it just means out there as I write this it just means out there as I write this it just means that Google became aware of that that Google became aware of that that Google became aware of that particular list of known threats in particular list of known threats in particular list of known threats in their AdWords system and they purged their AdWords system and they purged their AdWords system and they purged them don't get me wrong that's a good them don't get me wrong that's a good them don't get me wrong that's a good thing but this is also I guess thing but this is also I guess thing but this is also I guess reactionary not proactive I do believe reactionary not proactive I do believe reactionary not proactive I do believe Google is working on this and fixing it 
[5:45]
Google is working on this and fixing it Google is working on this and fixing it but until we know for certain that it's but until we know for certain that it's but until we know for certain that it's been fully curved yeah don't go clicking been fully curved yeah don't go clicking been fully curved yeah don't go clicking on Google ads for digital programs go on Google ads for digital programs go on Google ads for digital programs go straight to the actual Source the basic straight to the actual Source the basic straight to the actual Source the basic gist is this a threat actor Will first gist is this a threat actor Will first gist is this a threat actor Will first replicate some sort of existing software replicate some sort of existing software replicate some sort of existing software product that they have been able to to product that they have been able to to product that they have been able to to infect right they'll take a program that infect right they'll take a program that infect right they'll take a program that a lot of people want they'll infect it a lot of people want they'll infect it a lot of people want they'll infect it with malware Steelers from one of the with malware Steelers from one of the with malware Steelers from one of the families and they'll have something they families and they'll have something they families and they'll have something they can infect a machine for our purpose can infect a machine for our purpose can infect a machine for our purpose today we'll use Turbo Tax as an example today we'll use Turbo Tax as an example today we'll use Turbo Tax as an example because there are Turbo Tax adverts because there are Turbo Tax adverts because there are Turbo Tax adverts actively served at the top of the actively served at the top of the actively served at the top of the results on Google please keep in mind 
[6:16]
results on Google please keep in mind results on Google please keep in mind though this is not a statement against though this is not a statement against though this is not a statement against Turbo Tax in any way it's simply an Turbo Tax in any way it's simply an Turbo Tax in any way it's simply an example of how the process works Turbo example of how the process works Turbo example of how the process works Turbo Tax ads right now on Google as far as I Tax ads right now on Google as far as I Tax ads right now on Google as far as I could tell after examining them are not could tell after examining them are not could tell after examining them are not infected again just an example once the infected again just an example once the infected again just an example once the replicated page has been made and the replicated page has been made and the replicated page has been made and the malware has been attached to whatever malware has been attached to whatever malware has been attached to whatever program they're going to be using to get program they're going to be using to get program they're going to be using to get you to install it it will be advertised you to install it it will be advertised you to install it it will be advertised through Google to sit at the top of the through Google to sit at the top of the through Google to sit at the top of the search results for all keywords search results for all keywords search results for all keywords associated with it side note during the associated with it side note during the associated with it side note during the initial rise of this problem multiple initial rise of this problem multiple initial rise of this problem multiple malware ads would be situated at the 
[6:47]
malware ads would be situated at the malware ads would be situated at the absolute top of all search results for absolute top of all search results for absolute top of all search results for dozens of popular programs dozens of popular programs dozens of popular programs simultaneously when a user finally simultaneously when a user finally simultaneously when a user finally clicks on one of the dummy Pages a clicks on one of the dummy Pages a clicks on one of the dummy Pages a hidden redirect will take them to a hidden redirect will take them to a hidden redirect will take them to a completely different web page the completely different web page the completely different web page the process is called cloaking which I'll process is called cloaking which I'll process is called cloaking which I'll talk about later on which then attempts talk about later on which then attempts talk about later on which then attempts to use a third-party file storage to use a third-party file storage to use a third-party file storage website or service to prompt users into website or service to prompt users into website or service to prompt users into downloading whatever it is they were downloading whatever it is they were downloading whatever it is they were initially looking for let's say with initially looking for let's say with initially looking for let's say with Turbo Tax using our current example that Turbo Tax using our current example that Turbo Tax using our current example that we were looking to get the program and we were looking to get the program and we were looking to get the program and click on the first sponsored advert click on the first sponsored advert click on the first sponsored advert after we search Google the actual site after we search Google the actual site after we search Google the actual site being advertised by Google would be 
[7:18]
being advertised by Google would be being advertised by Google would be clean right the actual domain name that clean right the actual domain name that clean right the actual domain name that we think we're clicking on is clean but we think we're clicking on is clean but we think we're clicking on is clean but when navigating to it you would be when navigating to it you would be when navigating to it you would be redirected to a separate interface redirected to a separate interface redirected to a separate interface disguised as if it were real where the disguised as if it were real where the disguised as if it were real where the goal is to get you to download something goal is to get you to download something goal is to get you to download something that is likely too large a file for your that is likely too large a file for your that is likely too large a file for your antivirus to actually scan and could be antivirus to actually scan and could be antivirus to actually scan and could be distributed through a number of options distributed through a number of options distributed through a number of options like Mega Dropbox GitHub Discord or like Mega Dropbox GitHub Discord or like Mega Dropbox GitHub Discord or Google Drive if successful the program Google Drive if successful the program Google Drive if successful the program would obviously hijack your system would obviously hijack your system would obviously hijack your system that's its primary purpose but the scary that's its primary purpose but the scary that's its primary purpose but the scary part is that sometimes the falsified part is that sometimes the falsified part is that sometimes the falsified sites can be nearly indistinguishable sites can be nearly indistinguishable sites can be nearly indistinguishable from the real ones here's some examples 
[7:50]
from the real ones here's some examples from the real ones here's some examples of real versus fake websites that were of real versus fake websites that were of real versus fake websites that were part of the first wave of this problem part of the first wave of this problem part of the first wave of this problem to clarify here the domain that's to clarify here the domain that's to clarify here the domain that's actually advertised through Google's actually advertised through Google's actually advertised through Google's AdWords program is not something that's AdWords program is not something that's AdWords program is not something that's malicious it's actually totally clean to malicious it's actually totally clean to malicious it's actually totally clean to fool all the different bot checks and fool all the different bot checks and fool all the different bot checks and different moderation techniques however different moderation techniques however different moderation techniques however when you click it the redirect takes you when you click it the redirect takes you when you click it the redirect takes you to a different website that then to a different website that then to a different website that then impersonates a brand and tries to infect impersonates a brand and tries to infect impersonates a brand and tries to infect your system right so the first website your system right so the first website your system right so the first website that you think you're clicking sometimes that you think you're clicking sometimes that you think you're clicking sometimes is even just a totally innocent is even just a totally innocent is even just a totally innocent unconnected thing it's just being unconnected thing it's just being unconnected thing it's just being advertised on Google with a very similar 
[8:20]
advertised on Google with a very similar advertised on Google with a very similar name a very similar domain and the whole name a very similar domain and the whole name a very similar domain and the whole thing is to just trick you into getting thing is to just trick you into getting thing is to just trick you into getting into this redirect funnel and then into this redirect funnel and then into this redirect funnel and then downloading the infected files when I downloading the infected files when I downloading the infected files when I say that this was and likely still is a say that this was and likely still is a say that this was and likely still is a widespread problem I absolutely mean it widespread problem I absolutely mean it widespread problem I absolutely mean it here's a list of impersonation websites here's a list of impersonation websites here's a list of impersonation websites just for one single brand in this case just for one single brand in this case just for one single brand in this case MSI afterburner targeting Gamers and MSI afterburner targeting Gamers and MSI afterburner targeting Gamers and crypto miners to steal all of their crypto miners to steal all of their crypto miners to steal all of their information over 50 entries of information over 50 entries of information over 50 entries of redirected web pages advertised through redirected web pages advertised through redirected web pages advertised through Google AdWords placed at the top of the Google AdWords placed at the top of the Google AdWords placed at the top of the search results but designed to infect search results but designed to infect search results but designed to infect users rather than allowing them a true 
[8:51]
users rather than allowing them a true users rather than allowing them a true download and that's just one program download and that's just one program download and that's just one program with one demographic being targeted what with one demographic being targeted what with one demographic being targeted what makes it all even that much more makes it all even that much more makes it all even that much more dangerous is that the falsified websites dangerous is that the falsified websites dangerous is that the falsified websites will actually install a valid version of will actually install a valid version of will actually install a valid version of the software for the most part when the software for the most part when the software for the most part when clicked if you were to click through clicked if you were to click through clicked if you were to click through trusting the Google AdWords platform to trusting the Google AdWords platform to trusting the Google AdWords platform to be safe and fully installed the infected be safe and fully installed the infected be safe and fully installed the infected files they would actually work for the files they would actually work for the files they would actually work for the purpose that you wanted this attack purpose that you wanted this attack purpose that you wanted this attack Vector is so well-crafted for many Vector is so well-crafted for many Vector is so well-crafted for many people it would never even trip their people it would never even trip their people it would never even trip their alarm Bells because they would click an alarm Bells because they would click an alarm Bells because they would click an official Google sponsored post download official Google sponsored post download official Google sponsored post download a file that then runs and opens the 
[9:21]
a file that then runs and opens the a file that then runs and opens the exact program that they wanted on exact program that they wanted on exact program that they wanted on multiple occasions for a lot of people multiple occasions for a lot of people multiple occasions for a lot of people but alongside that their entire digital but alongside that their entire digital but alongside that their entire digital life has been laid bare which is really life has been laid bare which is really life has been laid bare which is really a scary concept these threat actors will a scary concept these threat actors will a scary concept these threat actors will systematically rotate through different systematically rotate through different systematically rotate through different malware variant types ensuring that they malware variant types ensuring that they malware variant types ensuring that they never use the same version for too long never use the same version for too long never use the same version for too long one day it will be raccoon stealer the one day it will be raccoon stealer the one day it will be raccoon stealer the next day it could be Redline or vdar for next day it could be Redline or vdar for next day it could be Redline or vdar for those that don't know these are names of those that don't know these are names of those that don't know these are names of malware families that steal information malware families that steal information malware families that steal information protect themselves sometimes circumvent protect themselves sometimes circumvent protect themselves sometimes circumvent virtual machines even you name it virtual machines even you name it virtual machines even you name it depending on their level of depending on their level of depending on their level of sophistication according to threat 
[9:52]
sophistication according to threat sophistication according to threat analysis posted by HP researcher Patrick analysis posted by HP researcher Patrick analysis posted by HP researcher Patrick schlapfer who focused it seems on a schlapfer who focused it seems on a schlapfer who focused it seems on a campaign targeting users who were campaign targeting users who were campaign targeting users who were looking to download The Audacity program looking to download The Audacity program looking to download The Audacity program Google malvertising as it's called is Google malvertising as it's called is Google malvertising as it's called is not just on the rise it's exploding even not just on the rise it's exploding even not just on the rise it's exploding even more examples of infected ad campaigns more examples of infected ad campaigns more examples of infected ad campaigns include szip Microsoft OneNote [&nbsp;__&nbsp;] or include szip Microsoft OneNote [&nbsp;__&nbsp;] or include szip Microsoft OneNote [&nbsp;__&nbsp;] or Microsoft teams and for a much more Microsoft teams and for a much more Microsoft teams and for a much more individual example we can look at a user individual example we can look at a user individual example we can look at a user named nft God who fell prey to OBS but named nft God who fell prey to OBS but named nft God who fell prey to OBS but again A lot of people are going to again A lot of people are going to again A lot of people are going to recognize these programs at least a recognize these programs at least a recognize these programs at least a couple of them as things that they 
[10:23]
couple of them as things that they couple of them as things that they either have have used in the past or either have have used in the past or either have have used in the past or might get in the future and if you're might get in the future and if you're might get in the future and if you're going to do that be aware of of this now going to do that be aware of of this now going to do that be aware of of this now keep in mind I don't actually have any keep in mind I don't actually have any keep in mind I don't actually have any familiarity with who this particular familiarity with who this particular familiarity with who this particular person is or what they do but they are person is or what they do but they are person is or what they do but they are nft God presumably a rather prominent nft God presumably a rather prominent nft God presumably a rather prominent figure in crypto no one really knows figure in crypto no one really knows figure in crypto no one really knows because that space is so botted to hell because that space is so botted to hell because that space is so botted to hell it's almost unbelievable but nft God it's almost unbelievable but nft God it's almost unbelievable but nft God recounts a tragic scenario where his OBS recounts a tragic scenario where his OBS recounts a tragic scenario where his OBS download compromised all of his accounts download compromised all of his accounts download compromised all of his accounts profiles and communities simultaneously profiles and communities simultaneously profiles and communities simultaneously devastating his life and ruining his 
[10:53]
devastating his life and ruining his devastating his life and ruining his finances crypto is particularly finances crypto is particularly finances crypto is particularly vulnerable to all this so anyone with vulnerable to all this so anyone with vulnerable to all this so anyone with portfolios of digital assets and coins portfolios of digital assets and coins portfolios of digital assets and coins needs to be hyper aware here's what to needs to be hyper aware here's what to needs to be hyper aware here's what to look out for and these tricks may sound look out for and these tricks may sound look out for and these tricks may sound very simple and they are but we all need very simple and they are but we all need very simple and they are but we all need to use them all of the time number one to use them all of the time number one to use them all of the time number one check the domain check for any spelling check the domain check for any spelling check the domain check for any spelling mistakes in the domain name of a website mistakes in the domain name of a website mistakes in the domain name of a website where you are about to download files where you are about to download files where you are about to download files always better yet don't click on Google always better yet don't click on Google always better yet don't click on Google ads if you're intending to download a ads if you're intending to download a ads if you're intending to download a program do so after finding the direct program do so after finding the direct program do so after finding the direct link to the provider on Google not a 
[11:24]
link to the provider on Google not a link to the provider on Google not a sponsored post even if Google has sponsored post even if Google has sponsored post even if Google has largely cleared up the known campaigns largely cleared up the known campaigns largely cleared up the known campaigns utilizing this method right now there utilizing this method right now there utilizing this method right now there are more there will be more and they are more there will be more and they are more there will be more and they will be just as dangerous if not worse will be just as dangerous if not worse will be just as dangerous if not worse in the future number two if you somehow in the future number two if you somehow in the future number two if you somehow do find yourself trusting a website and do find yourself trusting a website and do find yourself trusting a website and choosing to download a file from them choosing to download a file from them choosing to download a file from them remember that the larger the file the remember that the larger the file the remember that the larger the file the less likely it is your antivirus program less likely it is your antivirus program less likely it is your antivirus program will properly scan it malware is will properly scan it malware is will properly scan it malware is inflated with thousands and thousands of inflated with thousands and thousands of inflated with thousands and thousands of useless zeros in the code you can strip useless zeros in the code you can strip useless zeros in the code you can strip it out but that's a more advanced it out but that's a more advanced it out but that's a more advanced process to increase file size as a process to increase file size as a process to increase file size as a method of circumventing default checks 
[11:55]
method of circumventing default checks method of circumventing default checks so if you're downloading a 700 Meg File so if you're downloading a 700 Meg File so if you're downloading a 700 Meg File versus a 45 Meg file often times versus a 45 Meg file often times versus a 45 Meg file often times antivirus default scans won't even be antivirus default scans won't even be antivirus default scans won't even be conducted on the larger files meaning conducted on the larger files meaning conducted on the larger files meaning that threat actors can use that to their that threat actors can use that to their that threat actors can use that to their advantage sneaking code into your system advantage sneaking code into your system advantage sneaking code into your system if you trust it don't let them do that if you trust it don't let them do that if you trust it don't let them do that number three never download anything number three never download anything number three never download anything from a thirdparty file sharing host from a thirdparty file sharing host from a thirdparty file sharing host after clicking on a Google ad if I go to after clicking on a Google ad if I go to after clicking on a Google ad if I go to OBS pro.com right now I can download the OBS pro.com right now I can download the OBS pro.com right now I can download the installer I want uninfected and it comes installer I want uninfected and it comes installer I want uninfected and it comes direct from the web page if that page direct from the web page if that page direct from the web page if that page for some reason tried to make me 
[12:26]
for some reason tried to make me for some reason tried to make me download the file from Dropbox for download the file from Dropbox for download the file from Dropbox for example yeah never ever do that it might example yeah never ever do that it might example yeah never ever do that it might contain a valid copy of the program you contain a valid copy of the program you contain a valid copy of the program you want in there in addition to the malware want in there in addition to the malware want in there in addition to the malware but it also probably contains life but it also probably contains life but it also probably contains life altering Steelers number four use ad altering Steelers number four use ad altering Steelers number four use ad blockers that may seem unrelated but blockers that may seem unrelated but blockers that may seem unrelated but these attack vectors prey on trust in these attack vectors prey on trust in these attack vectors prey on trust in this case the trust we have in Google this case the trust we have in Google this case the trust we have in Google maybe it's not real trust and maybe most maybe it's not real trust and maybe most maybe it's not real trust and maybe most people actually don't trust Google but people actually don't trust Google but people actually don't trust Google but plenty of people will let their guard plenty of people will let their guard plenty of people will let their guard down when looking at an official down when looking at an official down when looking at an official sponsored listing becoming more likely sponsored listing becoming more likely sponsored listing becoming more likely to trust it simply because it's at the 
[12:57]
to trust it simply because it's at the to trust it simply because it's at the top of their search engine and if Google top of their search engine and if Google top of their search engine and if Google put it there it must be real various ad put it there it must be real various ad put it there it must be real various ad blockers will actually remove most of blockers will actually remove most of blockers will actually remove most of these sponsored posts I don't know which these sponsored posts I don't know which these sponsored posts I don't know which ones and it's kind of a battle between ones and it's kind of a battle between ones and it's kind of a battle between websites like Google and ad blocking websites like Google and ad blocking websites like Google and ad blocking software where Google wants you to see software where Google wants you to see software where Google wants you to see the ads the ad blockers want to block the ads the ad blockers want to block the ads the ad blockers want to block the ads so it's kind of a a back and the ads so it's kind of a a back and the ads so it's kind of a a back and forth they're jockeying for position forth they're jockeying for position forth they're jockeying for position sometimes one will win the other will sometimes one will win the other will sometimes one will win the other will win I mean it's a long track record of win I mean it's a long track record of win I mean it's a long track record of this so yeah have an ad blocker and if this so yeah have an ad blocker and if this so yeah have an ad blocker and if it happens to be one that blocks the it happens to be one that blocks the it happens to be one that blocks the sponsored posts that's great it leaves sponsored posts that's great it leaves sponsored posts that's great it leaves you with the actual websites beneath 
[13:28]
you with the actual websites beneath you with the actual websites beneath them which are far less risky right now them which are far less risky right now them which are far less risky right now and yeah maybe me as a Creator gets less and yeah maybe me as a Creator gets less and yeah maybe me as a Creator gets less revenue from people adopting more revenue from people adopting more revenue from people adopting more aggressive ad blockers but that is aggressive ad blockers but that is aggressive ad blockers but that is peanuts compared to the destruction of peanuts compared to the destruction of peanuts compared to the destruction of their digital lives because they clicked their digital lives because they clicked their digital lives because they clicked a disguised product advertised through a disguised product advertised through a disguised product advertised through Google AdWords the reality is cloaking Google AdWords the reality is cloaking Google AdWords the reality is cloaking the process by which a website can be the process by which a website can be the process by which a website can be advertised on Google's platform but then advertised on Google's platform but then advertised on Google's platform but then redirect to malicious payloads or cloned redirect to malicious payloads or cloned redirect to malicious payloads or cloned websites or pages is extremely extremely websites or pages is extremely extremely websites or pages is extremely extremely common the technique is even used for common the technique is even used for common the technique is even used for domains like Facebook or used on or domains like Facebook or used on or domains like Facebook or used on or against domains like Facebook YouTube 
[14:00]
against domains like Facebook YouTube against domains like Facebook YouTube Amazon and more and yes it's a violation Amazon and more and yes it's a violation Amazon and more and yes it's a violation of YouTube's advertising policies or of YouTube's advertising policies or of YouTube's advertising policies or Google's advertising policies but they Google's advertising policies but they Google's advertising policies but they don't catch everything they don't don't catch everything they don't don't catch everything they don't necessarily catch it quickly and necessarily catch it quickly and necessarily catch it quickly and understanding that the sponsored ads understanding that the sponsored ads understanding that the sponsored ads that you see are far more likely to be that you see are far more likely to be that you see are far more likely to be dangerous than anything else on the dangerous than anything else on the dangerous than anything else on the search page beneath it is important for search page beneath it is important for search page beneath it is important for all of us to keep in mind right now no all of us to keep in mind right now no all of us to keep in mind right now no one knows how many people have actually one knows how many people have actually one knows how many people have actually been hit by this so far no one knows how been hit by this so far no one knows how been hit by this so far no one knows how many it will be before the issue gets many it will be before the issue gets many it will be before the issue gets fully solved if it ever gets fully fully solved if it ever gets fully fully solved if it ever gets fully solved though the number of people hit solved though the number of people hit solved though the number of people hit so far is probably very very high and a 
[14:30]
so far is probably very very high and a so far is probably very very high and a lot of the specific known campaigns have lot of the specific known campaigns have lot of the specific known campaigns have been disabled which is great but there been disabled which is great but there been disabled which is great but there will always be more and when a system will always be more and when a system will always be more and when a system like that is under siege with like that is under siege with like that is under siege with devastating consequences for users devastating consequences for users devastating consequences for users sometimes it's best to stop engaging sometimes it's best to stop engaging sometimes it's best to stop engaging completely for a while and see how completely for a while and see how completely for a while and see how things go me personally I will never be things go me personally I will never be things go me personally I will never be clicking a sponsored Google search ad clicking a sponsored Google search ad clicking a sponsored Google search ad ever again not now not even when they ever again not now not even when they ever again not now not even when they say the problem is fixed because the say the problem is fixed because the say the problem is fixed because the amount of risk you and I are accepting amount of risk you and I are accepting amount of risk you and I are accepting by doing so is completely unjustifiable by doing so is completely unjustifiable by doing so is completely unjustifiable in the end being aware of what we do in the end being aware of what we do in the end being aware of what we do online what we click on and where it online what we click on and where it online what we click on and where it takes us is obviously critical right I 
[15:02]
takes us is obviously critical right I takes us is obviously critical right I mean this is not new information I'm not mean this is not new information I'm not mean this is not new information I'm not saying anything revolutionary in the saying anything revolutionary in the saying anything revolutionary in the slightest but with a platform like slightest but with a platform like slightest but with a platform like Google awareness becomes even more Google awareness becomes even more Google awareness becomes even more important because there are people out important because there are people out important because there are people out there that trust what they see when it there that trust what they see when it there that trust what they see when it comes from certain companies making them comes from certain companies making them comes from certain companies making them even more vulnerable when threat actors even more vulnerable when threat actors even more vulnerable when threat actors prey on the trust that they have with prey on the trust that they have with prey on the trust that they have with that particular brand which can that particular brand which can that particular brand which can hopefully be avoided through proper hopefully be avoided through proper hopefully be avoided through proper awareness that's it if you want to awareness that's it if you want to awareness that's it if you want to support please check out the links down support please check out the links down support please check out the links down below primarily locals in patreon that's below primarily locals in patreon that's below primarily locals in patreon that's the best way to support the channel if the best way to support the channel if the best way to support the channel if you feel like it financially merchandise you feel like it financially merchandise you feel like it financially merchandise social media the video sponsor of course 
[15:32]
social media the video sponsor of course social media the video sponsor of course etc etc also some platform Alternatives etc etc also some platform Alternatives etc etc also some platform Alternatives where you can watch my videos like where you can watch my videos like where you can watch my videos like Odyssey and Rumble but yeah I'll cut it Odyssey and Rumble but yeah I'll cut it Odyssey and Rumble but yeah I'll cut it there and stop rambling as always thank there and stop rambling as always thank there and stop rambling as always thank you all for watching and have a nice you all for watching and have a nice you all for watching and have a nice night night night [Music] [Music]