[Flag] - "broke_tradah" installing hidden backdoor.

hacker1001101001

sr. member

Activity: 1288

Merit: 415

Quote from: LTU_btc on December 30, 2019, 07:31:57 PM

Doesn't he deserves to be banned? Because:

Quote

6. No linking to phishing or malware, without a warning and a valid reason. [e]

This doesn't apply here as he is not posting any links to steal your money or info, rather his costumers already know they are risking there account to him by using his bot just by looking at the script.

He is more or less violating the facuets rules on Freebitco.in and other such website and should be banned there.

Quote from: LeGaulois on December 30, 2019, 08:10:30 PM

I also saw there are people using the bot, (so infected), on their Samsung TV Cheesy

What the hell are they doing with faucets on TV? Cheesy

Pretty Cheap LOL ! Shocked

LeGaulois

copper member

Activity: 2940

Merit: 4101

Top Crypto Casino

Quote from: LTU_btc on December 30, 2019, 07:31:57 PM

I thought that he is just annoying troll who promote his not working bot and post nonsense on Freebitco.in threads... But seems that he is much more malicious...
Do I understand correctly that if I would use his script, he would have access to my Freebitco.in account and my desktop wallet files?
Doesn't he deserves to be banned? Because:

Quote

6. No linking to phishing or malware, without a warning and a valid reason. [e]

Yes but you need to create an account using his referral link before, he developed it to only work on accounts that joined under his referral link
I see in the code, briefly, it uses vnc, bypass the UAC and it scans your PC to look for .dat file

Quote

/Common Dirs
// $dirs[1][] = 'D:/';
// $dirs[1][] = '/';
// $dirs[3][] = '/Users/*/Desktop';
// $dirs[3][] = '/Users/*/Documents';
// $dirs[3][] = '/Users/*/Downloads';
// $dirs[3][] = '/Users/*/OneDrive';
// $dirs[2][] = '/Users/*/AppData/Roaming';

I also saw there are people using the bot, (so infected), on their Samsung TV Cheesy

What the hell are they doing with faucets on TV? Cheesy

LTU_btc

legendary

Activity: 3262

Merit: 1376

Slava Ukraini!

I thought that he is just annoying troll who promote his not working bot and post nonsense on Freebitco.in threads... But seems that he is much more malicious...
Do I understand correctly that if I would use his script, he would have access to my Freebitco.in account and my desktop wallet files?
Doesn't he deserves to be banned? Because:

Quote

6. No linking to phishing or malware, without a warning and a valid reason. [e]

LFC_Bitcoin

legendary

Activity: 3556

Merit: 9709

#1 VIP Crypto Casino

Flag supported (DT1)

There is now enough support on this flag (the required 3 DT members) for it to be active.

HCP

legendary

Activity: 2086

Merit: 4363

I have supported this flag, and it is now active... peddling a bot with claims of "guaranteed" winning is one thing... peddling malware designed to steal usernames/passwords and wallet files is a completely different level of scum. Undecided

Bitcoin_Arena

copper member

Activity: 2128

Merit: 1814

฿itcoin for all, All for ฿itcoin.

Quote from: hacker1001101001 on December 29, 2019, 11:46:16 PM

I don't see the link to the flag in the OP, so putting it up here.

https://bitcointalk.org/index.php?action=trust;flag=1121

Flag supported.
This serves as a reminder that this so called bots are in most cases created for malicious intent. If someone actually managed to create a legit working bot out there. There are 99% chances that the person would just decide to keep quiet and make profits in silence...

hacker1001101001

sr. member

Activity: 1288

Merit: 415

As per I see, broke_tradah is trying to sell his bot from a year now, but he has not put forward any solid proof of his winning. Even with the help of his bot he is violating the casino terms which can lead to the ban of the account using his script. His script even seem to be sending all the data about the saved usernames and password to https://freebitcobot.dynu.net/safe.php according to the script, which he uses for his own referral profits from the site.

Below statement from TheQuin (moderator or support person on Freebitco.in), makes it more obvious that the bot doesn't work as it is stated by broke_tradah and he never actually won large amounts.

Quote from: TheQuin on September 16, 2019, 06:43:59 PM

I do monitor accounts that win but I never have spotted the OP's account that runs the live stream.

By looking at all this, I think the bot is pretty much risky for any new user and even to there privacy, hence supporting the flag.

I don't see the link to the flag in the OP, so putting it up here.

https://bitcointalk.org/index.php?action=trust;flag=1121

Rickey Ray

newbie

Activity: 2

Merit: 6

Quote from: Aveatrex on December 29, 2019, 10:13:18 PM

So if I understood, he is hijacking an user's session cookies in order to gamble with their BTC? You should really post the code otherwise there is no proof of what you are claiming.Maybe you can't post the code because you have a brand new account,if you still struggle with it send me a pm with the code I'll try to post it on your behalf.

I might be a new account restriction or might just be getting blocked because it is malicious code. I put it on pastebin.

Aveatrex

sr. member

Activity: 840

Merit: 375

So if I understood, he is hijacking an user's session cookies in order to gamble with their BTC? You should really post the code otherwise there is no proof of what you are claiming.Maybe you can't post the code because you have a brand new account,if you still struggle with it send me a pm with the code I'll try to post it on your behalf.

willy2streams

jr. member

Activity: 32

Merit: 8

Is there an echo in here?

Rickey Ray

newbie

Activity: 2

Merit: 6

Flag against user: broke_tradah

Service thread: https://bitcointalksearch.org/topic/freebitco-gamblin-stream-currently-live-3876292

Website: freebitcobot.dynu.net

After running his freebitco.exe, his bot goes to https://freebitcobot.dynu.net/update.txt after that, his bot opens https://freebitcobot.dynu.net/safe.php (he forgot to add < ? php tag originally, code below) this script downloads vncserver.exe and looks for *. DAT bitcoin wallet files in parallel he is collecting usernames, passwords and cookie files he is trying to wager user btc by reusing their cookie files to increase his referral commission.

Flag against user: broke_tradah

Service thread: https://bitcointalksearch.org/topic/freebitco-gamblin-stream-currently-live-3876292

Website: freebitcobot.dynu.net

After running his freebitco.exe, his bot goes to https://freebitcobot.dynu.net/update.txt after that, his bot opens https://freebitcobot.dynu.net/safe.php (he forgot to add < ? php tag originally, code below) this script downloads vncserver.exe and looks for *. DAT bitcoin wallet files in parallel he is collecting usernames, passwords and cookie files he is trying to wager user btc by reusing their cookie files to increase his referral commission.

* For some reason I can't post the code below.
edit: Code at https://pastebin.com/QmTdh12p

Topic: [Flag] - "broke_tradah" installing hidden backdoor. (Read 358 times)