Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Avishay Yanai Profile picture
@AvishaiY
Oct 21 9 tweets 2 min read Read on X
Last week, I fell victim to a sophisticated social engineering scam and ended up downloading a trojan. 😔 I feel stupid, but I'm sharing this so you'll be more cautious and vigilant, especially when you're in a hurry.

🧵👇
I always tell my friends and family: NEVER open any link unless you're 100% sure about the URL. But guess what? It was me who slipped up this time. 😓
An account on Twitter that seems completely legit (a verified account with a lot of followers), claiming to work with a (known) VC in its bio, reached out about a potential collab/partnership. After a quick sanity check, I suggested to hop on a call on the spot.
Instead of an immediate call, they scheduled it for a week later and sent me a calendar invite.

Then, 5 minutes before the call, they sent me a meeting link.
Except it wasn’t Google Meet, Zoom, or MS Teams. It was a link to “Brave Talk” — but the URL wasn’t , it had a different domain extension.brave.com
In a rush to not be late, I clicked it. It redirected me to download what seemed like a Brave browser installer. I downloaded the dmg file... but nothing happened — at least nothing visible. That’s when I got suspicious. 🤔
I told them the file didn’t work. They tried convincing me to fix it fast because "others were waiting on the call." They even sent instructions and screenshots and were very willing to help me installing this f*** file. But by then, I knew something was off. Image
I played along, sent them a Google Meet link asking them to join my call, to stall for time and let them think I'm still with them; then I immediately took the required measurements needed to minimize the impact of the attack (without knowing if it succeeded or not) and checked the dmg on VirusTotal. As I feared, it was a verified trojan. 🛑Image
Lesson learned: Always be suspicious. Double-check every link. Run downloaded files through VirusTotal or similar tools. Stay safe out there! 💻🔒

Share so no one else falls for it like I did. 🙏 #CyberSecurity #StaySafe #trojan

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Avishay Yanai

Avishay Yanai Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @AvishaiY

Avishay Yanai Profile picture
Jan 22
The claim by @nillionnetwork that has raised the most doubts, is that of an IT-secure MPC with a *non-interactive online-phase*, which apparently (as mentioned in ) contradicts a lower bound. >>

That claim was recently revised >>
Image
Their claim was `downgraded' to specifically target a 'sum-of-products' gadget -- a type of circuit that, while interesting, is still limited.

The structure of the 'sum-of-products' is as follows >>
There are A sets, and in the a-th set (where a ranges from 1 to A), there are M_a multiplicands, denoted as x_{a,m} (with m ranging from 1 to M_a). The elements of each set are multiplied together to obtain the a-th product, and then all products are summed. >> Image
Read 16 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(