LTT, TechLinked, TechQuickie were hacked

lockhrt999


TL;DR: Malware disguised in a sponsorship email stole Chrome session cookies.

I have been writing about this serious flaw in Windows security for some time now (maybe macOS has this flaw too, I dunno). I have written about it several times on TE itself. There's gotta be an inbuilt mechanism to stop any random program reading the data that it's not supposed to.

Your data, including passwords saved in Chrome, can be read by any of the 1000s of programs running on your computer. It's as simple as that.

If you have ever shared a random folder from the C drive, then your passwords can be read through the network too.

Microsoft and Google believe in security based on honor.

If you ever had a virus on your computer and if you save passwords in Chrome, then your passwords have already been stolen.

Stealing passwords or session cookies is the same thing, as they are found in the same place. There's a way to block this kind of attack that I know of and use. We can protect the Google folder using Windows Security > Ransomware protection > Controlled folder access. The Google folder is inside your AppData folder.

Linus should have called out Microsoft too for this mammoth of a flaw. I know Windows is legacy and poop. But at some point MS has to start building a truly next gen of OS. It gotta open some Doors.
 
I was online on YouTube when the Tesla stream had just started. It was in my subscriptions page. I looked into the channel as I was sure I never subscribed to Tesla's YouTube channel. It looked like the legit channel. Every video there was about a product or something related to Tesla, and I think I saw videos dated back, like 2 weeks ago, 1 month ago, etc. Still confused about this.
 
I've also heard that apps on Android/iOS can read your clipboard. So if you're copy-pasting your passwords from a password manager, there are apps out there that can read that info.
 
I've also heard that apps on Android can read your clipboard. So if you're copy-pasting your passwords from a password manager, there are apps out there that can read that info.
I don't know if this is a common feature, but I use Resurrection Remix OS on my Android. There is an option to have a toast popup whenever the clipboard is accessed, which usually seems to happen, at least with the apps I use, whenever I hold the cursor to select or am looking to cut/copy/paste; except for browsers, where the clipboard is accessed looking for links whenever I tap on the address bar.
 
I've also heard that apps on Android/iOS can read your clipboard. So if you're copy-pasting your passwords from a password manager, there are apps out there that can read that info.
Clipboard and app notifications (think OTP SMS) could be read by any app on your Android phone last time I checked. The Read SMS permission is to be able to access them at any time, directly from the database. Just think of how many apps offer to fill in OTP while making payments, but never ask to Read SMS.

A good password manager should have its own keyboard to avoid copy-pasting.


Stealing passwords or session cookies is the same thing, as they are found in the same place. There's a way to block this kind of attack that I know of and use. We can protect the Google folder using Windows Security > Ransomware protection > Controlled folder access. The Google folder is inside your AppData folder.

Linus should have called out Microsoft too for this mammoth of a flaw. I know Windows is legacy and poop. But at some point MS has to start building a truly next gen of OS. It gotta open some Doors.
Cookies can also be stolen from any device on your network, don't even need a malware on your PC. Accessing browser files is just one way to do it - they chose to run that file after all. Wonder how a PDF could perform those actions. Was it actually file.pdf.exe and they had disabled Show Extensions?

However Google allowing channel name changes without 2FA/relogin confirmation is ridiculous.
 
I've also heard that apps on Android/iOS can read your clipboard. So if you're copy-pasting your passwords from a password manager, there are apps out there that can read that info.
That's the biggest flaw no. 2. I have written on this as well.


As long as these exploits aren't exploited on a massive scale, nothing's going to change. It's an honorary security system.

Cookies can also be stolen from any device on your network, don't even need a malware on your PC.
I have no idea in what way you think it's possible but I know this to be true. I have written about it on a different forum. If we have a shared folder on the C drive then everything on that drive becomes accessible on the network, including the Windows and Users directories. I had a shared folder on the C drive on all of the computers in my house for several years and one day I discovered this. Microsoft's response was, 'it's as per design.'
 
It's an honorary security system.
No honour amongst thieves... Clipboard should only be pasteable, not readable by background apps. That's the only solution I can think of.

I have no idea in what way you think it's possible but I know this to be true
Just run a basic packet sniffer. You can see the cookie text. Copy that to your browser and "you're in". I used to pentest my own network and was shocked to see how much info someone can sniff out of the air.

If we have a shared folder on the C drive then everything on that drive becomes accessible on the network, including the Windows and Users directories. I had a shared folder on the C drive on all of the computers in my house for several years and one day I discovered this. Microsoft's response was, 'it's as per design.'
Did you share C drive as a whole or just C:/some_folder?
 
I'm no security expert, but I think session tokens should have some kind of signature to ensure they can't be copied over to another computer and used. I believe UPI and banking apps do something of that sort on phones.
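
The idea in the post above, as an added example that is not part of the thread: a session id that only works together with a per-request proof made with a key held on the original device. It assumes a hypothetical `SessionServer` and a device key kept in a hardware-backed store, and uses a shared HMAC key for brevity where real schemes such as DPoP (RFC 9449) use an asymmetric key pair.

```python
import hashlib
import hmac
import secrets


def make_proof(device_key: bytes, sid: str, nonce: str, request_line: str) -> str:
    """Client side: sign this one request with the key that never leaves the device."""
    msg = "\n".join((sid, nonce, request_line)).encode()
    return hmac.new(device_key, msg, hashlib.sha256).hexdigest()


class SessionServer:
    """Hypothetical server that binds each session id to a key registered at login."""

    def __init__(self):
        self._sessions = {}  # sid -> {"key": bytes, "seen": set of used nonces}

    def login(self, device_key: bytes) -> str:
        sid = secrets.token_urlsafe(16)  # the value that ends up in the cookie jar
        self._sessions[sid] = {"key": device_key, "seen": set()}
        return sid

    def authorize(self, sid: str, nonce: str, request_line: str, proof: str) -> bool:
        sess = self._sessions.get(sid)
        if sess is None or nonce in sess["seen"]:
            return False  # unknown session, or a replayed request
        expected = make_proof(sess["key"], sid, nonce, request_line)
        if not hmac.compare_digest(expected, proof):
            return False  # cookie presented without the matching device key
        sess["seen"].add(nonce)
        return True


def demo():
    server = SessionServer()
    device_key = secrets.token_bytes(32)  # assumed to sit in a hardware-backed store
    sid = server.login(device_key)
    req = "POST /settings/rename"  # constructed sample request
    n1, n2 = secrets.token_hex(8), secrets.token_hex(8)
    owner = server.authorize(sid, n1, req, make_proof(device_key, sid, n1, req))
    # Another machine holds a copy of the cookie (sid) but not the device key.
    other_key = secrets.token_bytes(32)
    copied = server.authorize(sid, n2, req, make_proof(other_key, sid, n2, req))
    # Re-sending the owner's exact request is rejected because the nonce was used.
    replay = server.authorize(sid, n1, req, make_proof(device_key, sid, n1, req))
    return owner, copied, replay


if __name__ == "__main__":
    print(demo())
```
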
 
Just run a basic packet sniffer. You can see the cookie text. Copy that to your browser and "you're in". I used to pentest my own network and was shocked to see how much info someone can sniff out of the air.
That'll only work for the websites that don't use HTTPS/SSL. But most of the websites these days use HTTPS. To sniff encrypted packets, the user will have to install a forged trusted certificate in the operating system.
Did you share C drive as a whole or just C:/some_folder?
Yup. C:/some_folder.
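
Related to the HTTPS point in the exchange above, an added example that is not part of the thread: a cookie is only kept off plain-HTTP connections if the site sets the `Secure` attribute, so this check audits raw `Set-Cookie` values for the attributes that limit sniffing and script access. The sample headers and the finding names are constructed for illustration.

```python
from http.cookies import SimpleCookie


def audit_set_cookie(headers):
    """Map each cookie name in raw Set-Cookie values to a list of missing protections."""
    report = {}
    for raw in headers:
        jar = SimpleCookie()
        jar.load(raw)
        for name, morsel in jar.items():
            findings = []
            if not morsel["secure"]:
                # Without Secure the browser also sends it over http://, in clear text.
                findings.append("missing-secure")
            if not morsel["httponly"]:
                # Without HttpOnly, page scripts can read the cookie value.
                findings.append("missing-httponly")
            samesite = morsel["samesite"].lower()
            if not samesite:
                findings.append("missing-samesite")
            elif samesite == "none" and not morsel["secure"]:
                findings.append("samesite-none-without-secure")
            report[name] = findings
    return report


# Constructed sample headers, not captured from any real site.
SAMPLE = [
    "sid=abc123; Path=/",
    "auth=def456; Path=/; Secure; HttpOnly; SameSite=Lax",
    "track=ghi789; Path=/; SameSite=None",
]

if __name__ == "__main__":
    for cookie, issues in audit_set_cookie(SAMPLE).items():
        print(cookie, issues or "ok")
```
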
 
I'm no security expert, but I think session tokens should have some kind of signature to ensure they can't be copied over to another computer and used. I believe UPI and banking apps do something of that sort on phones.
I am not sure if browsers on Windows do that, but android apps certainly can access a lot of hardware info. UPI apps even need your SIM no. to match. They will log out if you open them without the authenticated SIM inserted.

That'll only work for the websites that don't use HTTPS/SSL. But most of the websites these days use HTTPS. To sniff encrypted packets, the user will have to install a forged trusted certificate in the operating system.
There's HTTPS & DNS spoofing for that, but I digress
Yup. C:/some_folder.
Damn. Will look into this.
 
This clearly shows that LTT is not techy at all... I always cringed when they posted videos about their petabyte storage builds and lost their storage server once, losing data. Everyone knows these types of PDF exploits happen a lot (especially on Windows) and at least they should have been using Linux/Mac for the marketing team instead of Windows. Also, who gives full access to the channel for everyone...?
 