Malware Overview – Computerphile

69 thoughts on “Malware Overview – Computerphile”

  • In India we have not just our money but also our fingerprints and Iris scans online, ready to be stolen too…..😇

  • If you were to panic and quickly hard shutdown your computer, would it be possible to boot from another disk and recover the data without also accidentally copying the malware?

  • Everyone interested in this channel should check out this new (2017) podcast called Malicious Life. It's a show about the cyber security industry, hackers, etc. Usually covering one topic in one or a few episodes.

  • Why are they running their own servers for C&C? There are lots of sites you can get free access to post content on. Use one of those and exfiltrate data with steganographic techniques in posted images.

  • Malware is a problem on the internet sure, but nowhere near as dangerous as the brainwashing propaganda, lies, and fake news more pervasive than ever today. Stealing someone's money or infecting their computer affects only the victim, but poisoning their mind can have much graver consequences.

  • Really nice. If someone wants to study more on malware what material do you suggest to study on? I've found pretty old material.. nothing recent

  • Dropbox isn't a backup solution. I've used spideroak and I also have my own immutable zfs snapshots. If you have to "do a backup" then it's not a backup, it's a fallible human manual copy. Backups must be automatic and incorruptible.

  • Awesome video I would like to see more advanced videos on this topic. I'm happy to see education on this subject and I think it is worthwhile to continue the conversation

  • Yes, just like Dropbox, a lot of network backup services keep a history of changes, so if malware encrypts the current backup state, you can restore files from a date before the infection.

  • As far as I know Dropbox does offer (limited) versioning, so I guess it will be hard for any type of malware to mess with it in a destructive way.

  • Speaking on backups, I also keep a "cold storage" backup with an unpowered hard drive alongside a NAS. The risk I think would be in restoring the data from a "cold backup", though I'd imagine booting to a live disk to do the restore, I think could solve this problem.

    I suspect that a more worrisome problem with backups is work/inconvenience involved with doing it. (How often could you expect a person to make a backup in any form?)

  • If command and control DNS / discovery is such a big problem, why haven't the malware authors turned to decentralized means like namecoin or attestation on a blockchain to coordinate command-and-control? It would be difficult or maybe impossible for security researchers to block that…

  • "…put in some parameters", eh? Putin some parameters. I got you. Now we know where it came from, without using any science.

  • So if I got ransomware on my machine I turn it off immediately. I take out the hard drive to get it backed up by someone else in another machine… But the ransomware is still on the hard disk. Won't the ransomware be either part of the backed up data or just boot right up again as soon as the hard drive has power?

  • I had to stop watching this video after 1:07 when I realized the last three paragraphs, he started to get excited at the ending of the last sentence and the accent got thicker and thicker until I had no idea what the last 5 or 6 syllables were and just completely had no idea what his point was.
    I'm sorry but you're on a campus. Make use of the speech/debate lab. I don't care if you're tenured! Do it!!

  • Thanks! Really liked this guy. Easily understandable and quick to the point. Interested in seeing more videos on this topic

  • Just to comment on the last part – Dropbox keeps the history of all changed files for up to 30 days (or longer with a paid account). That means that you would be able to restore your files if you notice that they have been encrypted in the past month.

  • Always, Always, Always have backups of your important data stored unconnected from your computer, NEVER, NEVER, NEVER pay the criminals that infect your computer. If you pay the ransom, then you're only encouraging this criminal behavior to continue.

  • This is a VERY general overview and doesn't really properly explain how (As an example) not all that fall under the same category are even very similar. Botnets are a great example, sometimes yes, they are set up for financial gain but sometimes it's just to perform DDoS attacks or other things along those lines. I know it's a short YouTube video and it's difficult to explain everything in that time that is easy to understand, but it can make people think all viruses which are ransomware are the same and so on.

    A bit more off topic though, you should have someone explain how anti-viruses won't protect you all the time as it drives me insane when people put 100% trust into things thinking "Oh, I have Generic Anti-Virus so I'm safe to download something called virus.exe". People typically encrypt viruses nowadays (Btw, very basic explanation here as there's usually more done to have less detection) by having the virus itself encrypted and bound with another exe called the stub that will unencrypt and run the virus after virus scans show it's safe to run. That's usually how many people still get infected today, even with anti-viruses installed.

  • When in doubt, run a program or web-browser through "Sandboxie" (not "a" sandbox, but the actual application called Sandboxie).

  • Unfortunately, he didn't mention the newest type of malware, which abuses the victim's CPU or even GPU to mine bitcoin.

  • I guess the ransomware looks for the file signature instead of the extension. So it would not work changing the backup file extension to keep the malware from detecting it… So, keep your system up to date to avoid this kind of situation.

  • That's exactly it: if your backup software and service supports file versioning, unless the malware encrypts a file more times than the number of revisions your backup software/service maintains, you should be able to go back to a previous revision instead of paying to have your files decrypted. But as mentioned, being constantly connected is a risk.

  • The history you have on Dropbox can also be used on Windows; it's called Shadow Copy or Previous File History. BUT there is malware out there that is smart enough to also delete them. That is the reason why your day to day account should not have admin privileges. Only an admin can delete the shadow copies so it would be stopped and you could take your device to the disinfection then login to the admin account and use Previous File History to recover files. But do it in Robocopy or Xcopy as long filename/paths could lead to problems that the files can't be recovered.

  • I really wish they would do an episode on the CC servers themselves. I've always wondered where these servers are physically on the internet. Obviously they aren't just run out of the hacker's garage so where are they?

  • Deleting files is easy to catch and undo. But what if the malware instead overwrites the file with empty/dummy content? Will Dropbox allow you to get an older copy?

  • Are stolen bank details really worth hundreds of dollars? The fraudsters will still need to recruit a money mule so they can get money out through transactions that can't easily be tracked and reversed.

  • Hence your videos have a lot of talking in them, it would be nice to have subtitles made for the videos when they are released because it's hard for me to understand the video.
    It would also make translating the videos to other languages easier.
    Hope you consider this 🙂

  • All my data is on a NAS with versioning enabled and the user I run under doesn't have permission to remove old versions. If I ever get hit by ransomware, I'll just roll all the files back to the pre-encryption state. Bring it on, bad guys!

  • Guys, anyone know of Discord for PC having any malware on it? If so, what kind? It said something about the chat never closing even when I close my browser??

