Results 1 to 3 of 3
  1. #1
    3JIOU_KOTE's Avatar
    Join Date
    Nov 2011
    Gender
    male
    Posts
    101
    Reputation
    10
    Thanks
    552
    My Mood
    Brooding

    How to not get pwned by malicious apps, or basic infosec for dummies

    Hello everyone, as you may noticed there is some sort of malicious campaign running against mpgh users for about a week or so, so i decided to post some basic tips on how to spot malicious applications and also protect yourself from them.



    1) Malware distributors don't use attachments to spread their miners/downloaders/trojans/etc.
    Since each and every attachment is checked and tested by mpgh staff, so if you see external link that offers you to download something - it is probably infected and you should not blindly download/launch it on your main pc.
    Seriously though, external download links are prohibited by forum rules for a good reason.
    - No outside links or links to downloads/attachments, use the upload system instead. (Permanent Ban)
    - No distribution of cheating/hacking material besides in thread as an approved attachment. No distributing via pm, messenger service (via MPGH). (Permanent Ban)
    Also they usually don't provide any detailed info or screenshots of their program, or they use some sort of copypasted crap that is easy to spot on.


    2) Virustotal.com is your friend, but don't trust it too much.
    Although it may give you false positive results(usually detection names like generic/hacktool are false positive) it can give you some insight on what this file might do to your pc(so if you see something like miner/trojan you can get the idea that this thing may be malicious).
    But there is also a problem - files can be encrypted to bypass static virus checkers like virustotal/novirusthanks, thus making it appear safe to use, while it actually retaining it's malicious payload.
    To comprehend this issue i recommend you to use online sandboxes that will launch executables inside virtual enviroment and report any suspicious activity, here's couple of them:
    https://www.hybrid-analysis.com/
    https://any.run/
    https://cuckoo.cert.ee/


    3) Antiviruses/sandboxes may partially protect you, but they can be bypassed.
    Install virtual machine(virtualbox/vmware) to launch suspicious files, and NEVER launch them on your main pc.
    If executable uses something like themida/vmprotect to detect virtual machine - google how to bypass it's checks, BUT NEVER UNDER ANY CIRCUMSTANCES LAUNCH IT ON YOUR MAIN PC, EVEN IF YOU HAVE ANTIVIRUS/SANDBOX INSTALLED!
    Last edited by 3JIOU_KOTE; 08-27-2019 at 08:08 AM.

  2. The Following User Says Thank You to 3JIOU_KOTE For This Useful Post:

    SmokingOut (2 Weeks Ago)

  3. #2
    birdsarentreal's Avatar
    Join Date
    Jun 2019
    Gender
    male
    Posts
    5
    Reputation
    10
    Thanks
    0
    Thank you for the solid advice for everyone here, it pays to take 5 minutes to keep your machine safe from hackers

  4. #3
    Lonzo Ball's Avatar
    Join Date
    Jun 2018
    Gender
    male
    Location
    Los Angeles, CA
    Posts
    58
    Reputation
    40
    Thanks
    15
    My Mood
    Psychedelic
    Thanks sir, this is helpful

Similar Threads

  1. HELP IMPORTANT! how to not get jhacks detected
    By taker65432 in forum CrossFire Hacks & Cheats
    Replies: 9
    Last Post: 04-19-2009, 11:09 PM
  2. [TUT]How to not get banned!
    By Noxit in forum Operation 7 General
    Replies: 25
    Last Post: 02-09-2009, 01:53 PM
  3. How to not get ANY hacks detected!
    By Rico760 in forum Combat Arms Hacks & Cheats
    Replies: 7
    Last Post: 09-02-2008, 12:09 AM
  4. How To Not Get Banned(Tut)
    By rwkeith in forum Combat Arms Hacks & Cheats
    Replies: 26
    Last Post: 08-16-2008, 09:19 PM
  5. HOW TO NOt GET BANNED
    By icemaster377 in forum WarRock - International Hacks
    Replies: 34
    Last Post: 02-23-2008, 10:19 PM