YouTube allows fake ads from MrBeast impersonators that are stealing people’s money… Not a clickbait.

Hey all.

This is pissing me off. YouTube – the biggest video sharing service on the internet helps scammers steal money from people. I am not joking. Let me explain.

I was watching YouTube content on my phone (I usually don’t because of the amount of ads) and I’ve noticed this AD on YouTube:

First thing that caught my attention was the cartoony Jimmy, next was the MrBeast logo left to the video title and channel name. I thought Jimmy is up to his usual shenanigans but then I looked closer.

Everyone that visits this page in the pinned comment of the video will get $1000… Woah ok…

So first of all You can see that the channel is NOT the official MrBeast YouTube channel, that might be OK Jimmy has few channels. Maybe this one is new…? Domain name? Ok ok… Maybe its nothing… But then you click the “Claim Reward” button and You are asked for $2.99 in order to receive a $1000 “PayPal Voucher”.

Does this reminds You of something? Nigerian prince that is fleeing the country and wants to share $20,000,000.00 with You and all You need to do to get your cut is to send him $150 to cover his banking fees? Yeah… In my time it was called a “Nigerian scam” later renamed to advanced-fee scam.

Do NOT fall for this. This is not Jimmy / MrBeast and he is not associated with those people. Jimmy wouldn’t ask you for money. He really does not need Your $2.99. If You want to give Jimmy money – go and buy his merch or the chocolate bars etc. Watch his videos. Subscribe to his channels, like comment and share his videos etc. but do NOT fall for this. Jimmy will never see Your money and You will never see the $1000 that the scammers are promising You…

Now let me say this and be very clear about it. This whole scam operation has NOTHING to do with Jimmy except for one thing – some dirtbag is using his reputation to scam people. This is important I will explain why in a sec… This post is not pointed at MrBeast. Jimmy did absolutely nothing wrong. I am an admirer of MrBeast. He does a lot of good. I love his content. He is a great guy. Go and check out videos on his MrBeastPhilanthropy channel. Guy is practically a saint by today’s standards. He is building orphanages, he is helping communities that suffered from disasters, he is building homes for homeless families and gives away school supplies to children etc. Jimmy is fantastic. Not just my opinion. This guy has hundreds of millions of followers on multiple platforms and between several YouTube channels. He is a BEAST. He is also well known for giving away large sums of money to strangers.

Now this ad on YouTube is pissing me off for many reasons:

– Someone is using Jimmy’s good name and reputation to steal money from people. MrBeast is amazing. I know I am repeating myself but this message needs to sink in ok? Scammers use that to steal money from kids, naive, tired and / or uneducated people. This IS BAD. Why? I’ve seen situations where my favourite creators were explaining in the videos addressed to their followers “Guys – this telegram account that is promising you a pot of gold – that’s not us! This is NOT our account. We did not replied to your comment. Please stop contacting us about Your reward!”. And this is JUST a stupid comment from a malicious user on YouTube. Now imagine seeing a YouTube approved, PAID ad that promises You a $1000… This is much bigger than a simple YouTube comment. People will fall for this. Look at the number of likes under the pinned comment. 608 people liked it!… The channel had about 350 subscribers. Who will they blame when they won’t get their promised $1000? MrBeast… because he promised and did not delivered and they believed him because he is MrBeast! This is a problem!

– YouTube by allowing this sort of ads (THERE IS MORE THAN ONE CHANNEL OUT THERE ACTIVELY DOING THIS!) on their platform is actively HELPING scammers exploit MrBeast brand for their malicious purposes. Are they doing it knowingly? I don’t know. I doubt that but still. IS NOBODY CHECKING THOSE ADS BEFORE THEY ARE AIRED??? Is everything automated to the point where You pay them money and they will air whatever you want? Are they that desperate for income? Is it possible that soon we will see ads from Linus Tech Tips giving away free screwdrivers? Or maybe Endless Adventure will offer You a night in their vintage Clementine for $5? Or maybe Joey the King of Diy will give you a tour behind his shed so that You can see his wood? You know the aquascaping supplies… Matt from Off The Ranch / Demolition Ranch will offer You his favourite glock for 2 beers and a chewing gum? Sam The Cooking Guy will offer You a schnitzel for $2.99? Dan from Tring Shoe Repair will fix your boots for £3? PepperGeek will send You a magic pepper seeds for only $2.99? Who is next? PewDiePie? Markiplier?

Recently I’ve watched a video from Demolition Ranch where Matt explains that he is re-uploading a video because YouTube MODERATORS removed it because it contained scenes where he was attaching a silencer to a gun. THIS is not allowed on YouTube. Not the fact that the gun with the silencer is present in the video. This is ok. Its the deed of attaching the silencer to a gun that’s not… How dumb is this?

Just before posting this I’ve watched a Techlinked (one of the LMG channels) video where James is talking about more ways that YouTube is demonetising its creators…

GREAT! So YouTube IS monitoring and moderating content… Just not the ads aired on their platform? Come ON! This STINKS!

How does this gets past the YouTube’s advertising people? This is an obvious disgusting scam! Is everything automated to the point where NOBODY watches those ads before they are aired? No moderation whatsoever? WHY? If they had some sort of moderation system that verifies the ad content – this wouldn’t happen. It would be as simple as “Uhhh MrBeast is advertising a giveaway.. How nice. But let me check out that link real quick! Roh roh… This is sketchy! Hello MrBeast? Jimmy are you trying to run an ad on YouTube? No? Ok thanks! Lets keep scammers money they paid for the ad and never air it! Profit! Uhm and maybe alert the authorities with the scammer’s details! Another one bites the dust! Job well done!

I might get hammered for posting this by the people behind this scummy enterprise. My site may get attacked and hacked. My server is backed up so… yeah. I may get doxxed. I am sticking my neck out here but the fact is that I won’t just sit here and take it. This is a disgusting practice. YouTube by airing this scummy content is dragging MrBeast’s name through mud and helps scammers steal money from people. Not cool. Attaching silencers is not ok BUT scummy ads are fine… GREAT job! NOT!

I hope that Jimmy gets in touch with his YouTube rep and puts an end to it.

I tried contacting Jimmy via his business e-mail. I got no reply so far.

I tried contacting Google / YouTube press department with a request for a comment. I got no reply so far.

I tried starting a discussion threads on reddit

https://www.reddit.com/r/youtube/comments/108mlse/youtube_allows_scammers_to_steal_peoples_money_by/

https://www.reddit.com/r/MrBeast/comments/108ii3q/youtube_allow_scammers_to_steal_peoples_money_by/

But both threads ended up being removed by the moderators… I know of at least one more person that tried to raise awareness about this and his thread was also removed.

https://www.reddit.com/r/MrBeast/comments/1097z7z/fake_mrbeast_event_giving_1000_hurry_up/

I am really glad we have such a strong moderation on reddit… Maybe YouTube could hire them to moderate the ad vids…

I don’t have a Twitter or Facebook account where I could try and contact creators and try raising awareness about this hence this post on my crummy little site where more than likely nobody will ever read this… but at least I tried.

If You stuck with me this far – thanks for reading. My message to You is simple. Spread the word, stay vigilant, don’t get scammed, don’t blame YouTube creators if You did fall for this and have a great day.

Kindest regards.

Andrzej

Protect your Nginx powered ClassicPress / WordPress login page against brute-force password attacks using fail2ban on Debian based Linux

Heyo!

So I looked into my blog stats and noticed something interesting…

There are some very curious people out there… Some of them visited my page thousands of times. I wonder what they were looking at…

Oh…? Why would my He-bro friend looking at my wp-login.php page? Interesting…

The fact is that there are bots / malicious actors out there trying to brute-force your login and password. Why? Because they can. Because they want to. Because reasons.

Anyway. I use strong passwords but I don’t want to tempt the faith so… HOW do I stop those password brute-forcing attempts? What to do? How to live?!

There’s this piece of code called fail2ban and it will do exactly what it says. It will ban anyone that fails to log into your system.

So how do I get it and how to set it up?

Well here is how.

You open a terminal window on your https server and you gain root.

su -

Then you install fail2ban (and midnight commander):

apt install -y fail2ban mc

Next thing is to configure this bugger…

Let’s start with jail.local file

mcedit /etc/fail2ban/jail.local

And paste this into the file (Shift + Insert) and edit the file accordingly:


[DEFAULT]
ignoreip = 127.0.0.1/8
mta = mail
# Replace YourGmailRelay@gmail.com with Your Gmail Relay Email
sender = YourGmailRelay@gmail.com
sendername = Fail2ban
banaction = iptables-allports
# Replace YourGmailRelay@gmail.com with Your Gmail Relay Email
# Set up 2FA and APP Password on your Gmail relay and replace
# YourGmailRelayAppPassword with your APP Password for GMail
# Replace the TheEmailYouWantToReceiveInfoTo@YourDomain.You with your Email address
# where you want your fail2ban reports to be delivered
action = %(action_mw)s[from=YourGmailRelay@gmail.com, password=YourGmailRelayAppPassword, destination=TheEmailYouWantToReceiveInfoTo@YourDomain.You, sendername=Fail2Ban]
# IF I catch this mofo 3 times
maxretry = 3
# During 36000 seconds (10 hours)
findtime = 36000
# I'll ban his ass for 36000 seconds (10 hours)

bantime = 36000

[sshd]
# Change this to true if you want to protect your ssh logins with fail2ban too
enabled = false


[wordpress-wplogin]
enabled = true
filter = wordpress-wplogin
# IF you're not using nginx or the log is located somewhere else - edit the line below
logpath = /var/log/nginx/*_access.log
port = http,https


Save the file (F2) close the file (F10).

Next edit wordpress-wplogin.conf file:

mcedit /etc/fail2ban/filter.d/wordpress-wplogin.conf

Paste this into the file (Shift + Insert):

[Definition]
failregex = ^<HOST> .* "(GET|POST) /+wp-login.php
            ^<HOST> .* "(GET|POST) /+xmlrpc.php

Save the file (F2) close the file (F10).

Next run those two commands:

Replace the TheEmailYouWantToReceiveInfoTo@YourDomain.You with your Email address where you want your fail2ban reports to be delivered

sed -i 's/root@localhost/TheEmailYouWantToReceiveInfoTo@YourDomain.You/g' /etc/fail2ban/jail.conf

Replace YourGmailRelay@gmail.com with Your Gmail Relay Email

sed -i 's/root@<fq-hostname>/YourGmailRelay@gmail.com/g' /etc/fail2ban/jail.conf

Next enable and restart fail2ban

systemctl enable fail2ban && systemctl restart fail2ban

and now check if it’s running:

systemctl status fail2ban

Active: active (running) since Sat 2022-10-29 22:12:35 IST; 1s ago

How to check what jails is fail2ban running?

fail2ban-client status

Status
|- Number of jail: 1
`- Jail list: wordpress-wplogin

How to check status of a specific jail?

fail2ban-client status wordpress-wplogin

Status for the jail: wordpress-wplogin
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| `- File list: /var/log/nginx/some_ssl_access.log
`- Actions
|- Currently banned: 0
|- Total banned: 0
`- Banned IP list:

How to unban specific IP from a specific jail?

fail2ban-client set JAILNAME unbanip IPADDRESS

fail2ban-client set wordpress-wplogin unbanip 356.567.789.890

That’s all folks…

Cheers.

Andrzej

Edit: I have asked SloniuPL if he is using or will be using Fail2Ban. He said “No and No” and when asked why he said “I am using wordfence and jetpack, free versions”. IF you don’t want to use fail2ban – there’s an alternative however fail2ban in my opinion gives you more options as it will protect more than just you ClassicPress / WordPress.

Set up GMail SMTP relay script

Hi, this script will install and configure a mail server on your Debian based Linux using GMail SMTP as a relay server.

Steps:

– Create a GMail account.
– Set up 2 factor authentication on GMail account
– Set up and write down an App Password for GMail account
– Download the script:

wget -c https://files.andrzejl.eu/gmail_relay.sh 

– Use GMail details to replace some data in the script below in your fav text editor
– Use GMail App Password to replace some data in the script below in your fav text editor
– Use the e-mail that’s suppose to receive the e-mails to replace some data in the script below in your fav text editor

mcedit ./gmail_relay.sh

OR

nano ./gmail_relay.sh

OR

vi ./gmail_relay.sh

– Save the script
– Make sure gmail_relay.sh is executable

chmod +x ./gmail_relay.sh

– Run the script as root twice

sudo ./gmail_relay.sh
sudo ./gmail_relay.sh

Here’s the code you’re downloading:


# Script written by AndrzejL and downloaded from https://andrzejl.eu/files/gmail_relay.sh
# Please do not remove or edit the first three lines. https://blog.andrzejl.eu/2022/10/25/set-up-gmail-smtp-relay-script/
# Please do not use this script for anything illegal. I cannot stop you but I hope you will respect my request.
# Replace all instances of e-mail_address_of_the_relay@gmail.com with actual gmail relay email address
# Make sure you have 2 factor authentication enabled on gmail
# Make sure you have a app password setup on gmail
# Replace all instances of YOURGMAILAPPPASSWORD with gmail app password
# Replace all instances of YourDifferent@Email.address with your recipient e-mail address
# Run this script twice and you're golden.
# IF asked - chose NO CONFIGURATION during the setup
# Check Your receipient e-mail after the script is ran
apt-get --reinstall -y install libsasl2-modules postfix bsd-mailx dialog &&
cp /usr/share/postfix/main.cf.debian /etc/postfix/main.cf &&
date > /etc/postfix/main.cf &&
echo 'alias_maps = hash:/etc/aliases' > /etc/postfix/main.cf &&
echo 'alias_database = hash:/etc/aliases' >> /etc/postfix/main.cf &&
echo 'mynetworks = 127.0.0.0/8' >> /etc/postfix/main.cf &&
echo 'inet_interfaces = loopback-only' >> /etc/postfix/main.cf &&
echo 'inet_protocols = ipv4' >> /etc/postfix/main.cf &&
echo 'recipient_delimiter = +' >> /etc/postfix/main.cf &&
echo 'compatibility_level = 2' >> /etc/postfix/main.cf &&
echo 'relayhost = [smtp.gmail.com]:587' >> /etc/postfix/main.cf &&
echo 'smtp_use_tls = yes' >> /etc/postfix/main.cf &&
echo 'smtp_sasl_auth_enable = yes' >> /etc/postfix/main.cf &&
echo 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd' >> /etc/postfix/main.cf &&
echo 'smtp_tls_CApath = /etc/ssl/certs' >> /etc/postfix/main.cf &&
echo 'smtp_sasl_security_options = noanonymous, noplaintext' >> /etc/postfix/main.cf &&
echo 'smtp_sasl_tls_security_options = noanonymous' >> /etc/postfix/main.cf &&
echo 'sender_canonical_classes = envelope_sender,header_sender' >> /etc/postfix/main.cf &&
echo 'sender_canonical_maps = regexp:/etc/postfix/sender_canonical_maps' >> /etc/postfix/main.cf &&
echo 'smtp_header_checks = regexp:/etc/postfix/header_check' >> /etc/postfix/main.cf &&
echo '[smtp.gmail.com]:587 e-mail_address_of_the_relay@gmail.com:YOURGMAILAPPPASSWORD' > /etc/postfix/sasl_passwd &&
echo '/.+/ e-mail_address_of_the_relay@gmail.com' > /etc/postfix/sender_canonical_maps &&
echo '/From:.*/ REPLACE From: e-mail_address_of_the_relay@gmail.com' > /etc/postfix/header_check &&
/usr/sbin/postmap /etc/postfix/sasl_passwd &&
/usr/sbin/postmap /etc/postfix/sender_canonical_maps &&
/usr/sbin/postmap /etc/postfix/header_check &&
/usr/sbin/postalias /etc/aliases &&
postfix reload &&
systemctl restart postfix &&
echo $HOSTNAME | mail -s "test email" YourDifferent@Email.address -a "FROM:e-mail_address_of_the_relay@gmail.com" &&
echo "Test message" | mail -s "test email" YourDifferent@Email.address -a "FROM:e-mail_address_of_the_relay@gmail.com" &&
echo MAILTO="YourDifferent@Email.address" &&
echo $HOSTNAME


Cheers.

Andrzej

Piwigo photo gallery + VideoJS = Error: File too large

I’ve installed and configured VideoJS plugin on my self-hosted Piwigo gallery and when I tried to upload a video I got an error:

Error: File too large

To fix this issue I’ve edited the file

[your_piwigo_install]/admin/themes/default/template/photos_add_direct.tpl

and change the line:

max_file_size : '1000mb',

by adding few extra zeros

max_file_size : '10000000mb',

That fixed my issue. YMMV depending on your php.ini file config etc.

Kind regards.

Andrzej

Installation of Google Chrome on any apt / *.deb based distro.

Task is very simple:

Open terminal and type in commands:

wget -c https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

This will download the latest Google Chrome deb file which You will install it using this command:

sudo apt install -y ./google-chrome-stable_current_amd64.deb

From now on you can update your system the way you normally would. Chrome adds a repository to your apt sources.list which will keep your browser updated.

Cheers.

Andrzej

Valheim BepinEX InSlimVML BuildShare Mods Installation 11.07.2022

Hello

I am not great at making videos but I was annoyed by the fact that I could not find a video that would give me a 100% working solution. Also the mods config file location was a PITA to find. Necessity forced me to create this monstrosity you’re watching / about to watch ;-).

Links below. Including a link to “Open Source Bug” video explaining how to open RAR file in 7z File Manage. He did a great job, no need for me to reinvent the wheel.

If you found this video useful consider buying me a cup of java?

https://www.paypal.com/paypalme/AndrzejLski

Once you have installed everything like instructed in the video those will be the paths to your main folders:

In Steam Library, right click on Valheim and choose Manage – Browse local files

Once inside the Valheim main game folder you have have:

BepinEX mods folder located in:

\BepInEx\plugins

BepinEX mods configs folder located in:

\BepInEx\config

InSlim mods folder located in:

\InSlimVML\Mods

Vbuild storage folder located in:

\BuildShare\Builds

Cheers.

AndrzejL

Links:

7z download link:
https://www.7-zip.org/
Use 7zip to open RAR file | DOWNLOAD LINK
https://youtu.be/G5MVjaaPXuU?t=63
BepinEX:
https://valheim.thunderstore.io/package/denikson/BepInExPack_Valheim/
InSlimVML:
https://www.nexusmods.com/valheim/mods/21
Buildshare Mod Download:
https://www.nexusmods.com/valheim/mods/5/
Comunity Builds Library:
https://www.nexusmods.com/valheim/mods/categories/10/

SOLVED! The frustration is real… Acer One 10 S1002 64 bit Atom CPU but 32 EFI bootloader plus ElementaryOS Linux 6.x equals EFI shell after installation.

I own Acer S1002 “laptop”. Its one of those 2 in 1 tableto-laptop devices running on Atom CPU. It will only install Windows in 32 bit version because it has a dumb**s 32 bit EFI bootloader.

When installing ElementaryOS 5.1 everything (almost) is peachy. It installs it boots – few minor issues.

When installing ElementaryOS 6 it installs but after a reboot I get an EFI shell.

Upon closer look the EFI partition on 5 contains:

BOOTIA32.EFI

ubuntu (folder)

grub.efi

grubia32.efi

While ElementaryOS 6 only shows 64 bit files.

I tried copying files listed above to the EFI partition of the ElementaryOS 6 installation – that did not fix anything.

Machine’s bios does not allow to disable UEFI / enable legacy boot.

Chrooting into installation and installing refind does not help…

Tell me Gandalf, what I must do now?

Please do not leave me with Windows 10 32 bits as my only option 🙂

Kind regards.

Andrzej

Updated 18 June 2022

Solution below. Warning, beyond here there be dragons.

Ok I am sorted… I will show you how but do so at your own risk. You need to know at least basics and I am not taking any responsibility if you fubar…

First what I did was I’ve installed ElementaryOS 6 BUT I chose a custom partition setup

1st 512 mb partition ext4 /boot
2nd 512 mb partition efi /boot/efi
3rd 4 gb swap
4th rest of space ext4 /

I chose not to encrypt the drive. After install I rebooted.

I rebooted into ElementaryOS 6 LiveUSB.

Next I’ve connected to wifi and then followed a prompt and went into the “Demo” mode. You can connect to wifi after going into Demo mode too.

Then I’ve opened a terminal and ran:

sudo su

mount /dev/mmcblk2p4 /mnt

(mmcblk2p4 is my / this could be mmcblk1p4 – check fdisk -l)

mount -t proc none /mnt/proc/

mount -o bind /dev /mnt/dev/

mount -o bind /sys /mnt/sys/

mount -o bind /run /mnt/run/

mount /dev/mmcblk2p1 /mnt/boot/

(mmcblk2p1 is my /boot this could be mmcblk1p1 – check fdisk -l)

mount /dev/mmcblk2p2 /mnt/boot/efi/

(mmcblk2p2 is my /boot/efi this could be mmcblk1p2 – check fdisk -l)

chroot /mnt

apt update && apt upgrade && apt dist-upgrade && apt full-upgrade && apt autoremove --purge

(ignore messages about not being able to write the log)

apt install efibootmgr grub-common grub-efi-ia32 grub-efi-ia32-bin grub-pc-bin grub2-common mokutil secureboot-db && apt autoremove --purge

(You will be asked to type in a phrase to continue the installation)

Type it in exactly as you see it and confirm with enter.

grub-install /dev/mmcblk2

(this could be mmcblk1 – check it with fdisk -l)

update-grub

exit

reboot

After reboot I was finally able to boot 🙂

Kind regards.

Andrzej

Disable “Early Access Build” message in ElementaryOS 6 Beta

So I’ve installed Elementary 6 Beta for testing purposes. Cool.

On every single boot I was greeted with this…

I wanted to get rid of it so I’ve decided to track what application was starting this pop-up.

To figure it out I’ve installed xdotool

sudo apt install xdotool

and then ran this command and clicked on the “Welcome message” box to focus it:

sleep 5 && cat "/proc/$(xdotool getwindowpid "$(xdotool getwindowfocus)")/comm"

Turns out that the culprit was:

So I started killing off all the io.elementary.* processes that were running with my user permissions and the window was gone after I’ve killed:

io.elementary.onboarding

So I ran:

sudo apt purge io.elementary.onboarding

And after a reboot the message was no longer appearing.

Have a great day.

Andrzej