{"id":16185,"date":"2021-09-07T10:35:53","date_gmt":"2021-09-07T09:35:53","guid":{"rendered":"https:\/\/ekiwi-blog.de\/?p=16185"},"modified":"2021-09-07T19:12:58","modified_gmt":"2021-09-07T18:12:58","slug":"blackmagic-youtube-scam","status":"publish","type":"post","link":"https:\/\/ekiwi-blog.de\/en\/16185\/blackmagic-youtube-scam\/","title":{"rendered":"BlackMagic Youtube Scam"},"content":{"rendered":"<p>After Krita.io scam, there seems to be another scam attempt. This time, the software BlackMagic is involved.<\/p>\n<p><!--more--><\/p>\n<p>As always, these emails are not from the company BlackMagic, so there is no need to contact them. As in the last scam attempt, you first receive an email about an offer. It seems to be addressed to Youtubers and other social network content producers, offering money for integrating some video content into the other video.<\/p>\n<p><iframe loading=\"lazy\" width=\"560\" height=\"315\" src=\"https:\/\/www.youtube.com\/embed\/ZU4UKehyaNI\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen><\/iframe><\/p>\n<blockquote><p>\nBlackMagic Design Company<\/p>\n<p>Good afternoon, our team is pleased to invite you to a long-term cooperation with our product DaVinci Resolve 17, we will be happy to fulfill all your requirements and provide all the necessary materials for advertising.<\/p>\n<p>Studios deal with a huge number of different applications and systems, so they need the most flexible solution for post-production. DaVinci Resolve allows you to use any type of storage-from directly connected disks to NAS nodes and SAN networks.<\/p>\n<p>We have a large audience all over the world and therefore the feedback from your audience will only be positive!<\/p>\n<p>Our team is waiting for your response!\n<\/p><\/blockquote>\n<p>There is no download link in the first email.  You will have to respond to the email first. After about a day I got the response, so this does not seem to be an automatic mail.<\/p>\n<blockquote><p>\nLink to download the advertising version of the program: https:\/\/www.dropbox.com\/s\/\u2026<\/p>\n<p>Password to enter the archive: 1223<\/p>\n<p>Serial key for accessing the advertising version: UTS-2096-0235<\/p>\n<p>After downloading the advertising version of the program, please send us a message to set a fixed tariff for advertising integration and specify the terms of advertising implementation.\n<\/p><\/blockquote>\n<p>The emails content are some instructions for downloading the software. The download link is a Dropbox link. There is also a password for the archive. The password encrypts the ZIP file, so antivirus software in most cases are unable to scan the content.<\/p>\n<p>As you can see, the download size is about 5 MB of data. Not much.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_1.png\" alt=\"\" width=\"428\" height=\"347\" class=\"aligncenter size-full wp-image-16186\" srcset=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_1.png 428w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_1-300x243.png 300w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_1-100x80.png 100w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_1-80x64.png 80w\" sizes=\"auto, (max-width: 428px) 100vw, 428px\" \/><\/p>\n<p>However, if we open the ZIP file, which I do not recommend doing that on a Windows machine, there are two files with about 324 MB of size. There is docx.exe file and another executable. Not bad for an original 5 MB ZIP file.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_2.png\" alt=\"\" width=\"510\" height=\"232\" class=\"aligncenter size-full wp-image-16188\" srcset=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_2.png 510w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_2-300x136.png 300w\" sizes=\"auto, (max-width: 510px) 100vw, 510px\" \/><\/p>\n<p>The file size is often blown up to prevent online scanning. But VirusTotal.com can check the files. Both files can be scanned, and the results are alarming. 17 virus scanners flag these files for malware.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_3.png\" alt=\"\" width=\"744\" height=\"659\" class=\"aligncenter size-full wp-image-16190\" srcset=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_3.png 744w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2021\/09\/dav_3-300x266.png 300w\" sizes=\"auto, (max-width: 744px) 100vw, 744px\" \/><\/p>\n<p>So what happens is, when you start one of these files your computer will most likely be infected. In any case, best is to just ignore these mails, do not respond and do not click on any links.<\/p>","protected":false},"excerpt":{"rendered":"<p>After Krita.io scam, there seems to be another scam attempt. This time, the software BlackMagic is involved.<\/p>\n","protected":false},"author":1,"featured_media":15712,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1552],"tags":[1590,1591],"class_list":["post-16185","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-internet-en","tag-scam","tag-virus-en"],"_links":{"self":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts\/16185","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/comments?post=16185"}],"version-history":[{"count":0,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts\/16185\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/media\/15712"}],"wp:attachment":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/media?parent=16185"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/categories?post=16185"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/tags?post=16185"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}