I Seriously Almost Just Got Hacked…

I never thought it would happen to me, but it did: I got tricked 😳. I was working on a project in Visual Studio, which has the ability to download additional packages you can use from a repository called NuGet. And since I was within Visual Studio, I had my guard down, and didn't realize I had downloaded a fake malicious package. The thing that saved me was some extreme security policies I had set up with a Windows feature called AppLocker, which blocks all executables and scripts by default, only allowing those with specific rules to run. The malicious PowerShell script did indeed try to run, but it was not allowed because of AppLocker. So in the video I go over the details of what happened and how you can protect yourself without having to go full-paranoid like me, and take a closer look at the malware.
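One way to see what AppLocker stopped, and to check whether a given script would be allowed under the current rules (an added example, not from the video or its author; the 7-day window and the script path are assumptions):

```powershell
# Added example: review what AppLocker blocked recently on this machine.
# Assumes Windows with AppLocker rules applied; run from an elevated prompt.

$AppLockerLogs = @(
    'Microsoft-Windows-AppLocker/EXE and DLL',
    'Microsoft-Windows-AppLocker/MSI and Script'
)
# 8004 = EXE/DLL blocked, 8007 = script/MSI blocked (rules enforced)
# 8003 / 8006 = would have been blocked (audit-only mode)
$BlockIds = 8003, 8004, 8006, 8007

function Get-AppLockerBlock {
    param([int]$Days = 7)   # look-back window (assumed default)
    $since = (Get-Date).AddDays(-$Days)
    foreach ($log in $AppLockerLogs) {
        # SilentlyContinue hides the "no events found" error for quiet logs
        Get-WinEvent -FilterHashtable @{
            LogName = $log; Id = $BlockIds; StartTime = $since
        } -ErrorAction SilentlyContinue | ForEach-Object {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                EventId = $_.Id
                Mode    = if ($_.Id -in 8004, 8007) { 'Blocked' } else { 'AuditOnly' }
                UserSid = $_.UserId
                Message = $_.Message   # includes the path of the blocked file
            }
        }
    }
}

Get-AppLockerBlock -Days 7 | Sort-Object Time -Descending | Format-List

# Ask the effective policy whether a specific script would be allowed to run.
# $candidate is a hypothetical path; point it at a file you want to check.
$candidate = Join-Path $env:TEMP 'example-script.ps1'
if (Test-Path $candidate) {
    Get-AppLockerPolicy -Effective |
        Test-AppLockerPolicy -Path $candidate -User Everyone |
        Select-Object FilePath, PolicyDecision, MatchingRule
}
```

A `PolicyDecision` of `DeniedByDefault` means no allow rule matched the file, which is the default-deny behavior described above; `Denied` means an explicit deny rule matched.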

VirusTotal Links:
• https://www.virustotal.com/gui/file/deef3c113339983e7015eca3e955c98f2cc2a3f40941bdd9870890222067c294
• https://www.virustotal.com/gui/file/aa3462b05c8fe0d8521bc192715449e61780d523f097b5306e1d007daf93872c

▼ Time Stamps: ▼
0:00 - Are you serious? 🤔
0:45 - What's the story?
4:07 - What is Windows AppLocker?
5:03 - Examples: My Rules
6:24 - Testing the Virus on a Real Computer
9:29 - Extremely Good Thing
10:53 - Explicit AppLocker Deny Rules
11:33 - Types of Rules
12:20 - Isn't it a Pain?
13:07 - Better Alternative: Smart App Control
15:00 - 2 Major Caveats to Smart App Control
15:56 - More About the Malware
16:42 - What Does That Malware Actually Do?
17:24 - More of the Behavior
