Thread replies: 71
Thread images: 5
Thread images: 5
Anonymous
Who /malwaremischief/ here? 2017-03-29 05:01:12 Post No. 35871707
[Report] Image search: [Google]
Who /malwaremischief/ here? 2017-03-29 05:01:12 Post No. 35871707
[Report] Image search: [Google]
Robots, invest some NEETBUX into proper remote admin software, a VPN, and a crypter. This is not my image, but it's an example of one of these tools. I don't go to work. I still live with my parents but I've been spreading malware for about a year now, it's easier than you think.
My main targets are RuneScape players/Steam users. They are the easiest to take advantage of. They typically have ingame currency that can be sold for pure profit, and, better yet, PayPal accounts. Using reverse proxy software (steal an infected person's IP) you can buy RuneScape gold with their PayPal and then sell it for BTC for untraceable laundering of money into BTC, so long as you use a fresh account + no trace of your actual IP/Identity on the RuneScape account.
I have over $25,000 saved up from this and I don't get up from my chair.
>>
How long did it take you to amass 25grand?
>>
Holy shit, please tell more. Where could I acquire some of this software/find out how to correctly use it?
>>
Woopdy woo bitch you're absolutely disgusting
>>
>>35871740
If you are good and thorough it can take you 6 months with a little bit of luck. You have to have some NEETBUX to invest in things like fake YouTube views.
Do not be greedy and ruin people financially. In terms of the PayPal theft it's relatively benign/victimless as the owner is likely to get their money back. PayPal does not cover virtual goods/services. And the goldfarming site that you bought from does not care about $100 here and there.
The biggest loss you will incur is laundering the BTC out into cash. Good luck.
>>
you act as if even 10% of the people here were competent enough to do this, let alone do this without getting caught.
>>
Yee, you're the guy who hacked my first runescape account.
I just leveled high enough to wear Bandos armor. After I logged off I logged into a hacked account.
>>
File: beepepe.png (137KB, 680x812px) Image search:
[Google]
137KB, 680x812px
>>35871747
Sounds childish (and it is) but aGFja2ZvcnVtcy5uZXQ= (This is encrypted with Base64, decrypt to get the link.) is a semi-useful resource. All the software is available there. Purchase with BTC and do not use anything that could be linked to your identity.
VPNs typically keep logs of open ports and activities so it's best to do research and find what's called a "bulletproof" host in another country that will not disclose information to federal authorities.
>>35871827
It's trial and error. Start small and figure out the basics of anonymity and identity masking.
>>
>>35871827
It's not about competency literally anyone that pays bills online can do what this fellow is doing, what you do need is a certain lack of morals, or barring that, a desperate enough situation and no other recourse.
>>
Do you mind posting a screenshot of your 25K?
Also this brings up another thought. There are places on the deep web where you can buy stolen credit cards/paypal accounts. Could you purchase one of those then just buy bitcoin and be good?
>>
>>35871880
The reason that I condemn this is because the crime has a victim. The person from whom you buy the Bitcoin is now at a loss. They are not a large(ish) operation that rakes in money daily. The person whose card you used WILL get their money back.
Do not ruin your fellow man. Monetary loss is less impactful if spread upon a larger group of people. Do you feel worse about taking $100 from 10 guys who make $10,000 a day from gold farming or taking $100 from some guy who is just trying to trade his BTC.
>>
>>35871920
That makes sense.
I thought credit card companies had fraud protection/insurance though? I mean this stuff isn't exactly uncommon.
Wouldn't it just take someone making a phone call to their bank for them to get reimbursed? In which case you're just taking money from a big corporation?
Sorry for all the questions. I find this stuff interesting.
>>
>>35871707
but wait a second that's immoral
>>
>>35872001
If it is the case that you are buying from a larger exchange its still likely to be sourced from an individual person.
>I thought credit card companies had fraud protection/insurance though? I mean this stuff isn't exactly uncommon.
"The person from whom you buy the Bitcoin is now at a loss. They are not a large(ish) operation that rakes in money daily. The person whose card you used WILL get their money back."
It is my understanding that charges are reversed more often than card companies pay out of pocket. I may be wrong.
>Wouldn't it just take someone making a phone call to their bank for them to get reimbursed? In which case you're just taking money from a big corporation?
Fair point but you'd better hope the charges don't get reversed and the BTC vendor gets to keep the money, since BTC is non-refundable.
>>
>>35871920
By that same logic, he should feel good for providing a constant stream of income and work to fraud investigators.
>>
>>35871707
Shit like this makes me really paranoid
>>
I don't understand. What is your vector to infect them?
>>
>>35871707
You people are the scum of the earth.
Profiteering off of someone hard earned money at their expense.
You dumb fucking skids all get caught.
>>
>>35872077
This, he didn't really specify
>>
>>35872096
No. Greed is toxic.
I never take everything or too much. If I infect a RuneScape player with monster-killing gear, etc. I will not touch any of that. How is he supposed to rebuild if he is completely ruined?
I have never once taken "too much" from someone. It is important to leave enough for them to still be interested in playing the game because the only difference is that now they will focus on re-earning their gold for the next month.
>>
File: 1479326716880.jpg (5KB, 139x223px) Image search:
[Google]
5KB, 139x223px
How do you even cashout PP?
A simple loader for control and ransomware is easy BTC tho.
>>
>buy hacker tools off tor
>get bot-netted by actual hacker
kek
>>
>>35871858
>download the software
>get malware
op is playing 4d chess with us
>>
>>35872077
>My main targets are RuneScape players/Steam users. They are the easiest to take advantage of.
Fake hacks for dumb kids or dropping drivebys on rs oriented sites, maybe?
>>
>>35872098
Because I have a hard time deceiving people via voice chat or something where I can read their emotions etc I prefer to just mass spread over YouTube.
Anyone with a brain can learn to make a fake but legit looking program and spend 30 minutes editing some footage to make it look like the software worked.
Making quality videos is paramount. I have channels dedicated to almost every niche. I'll use RuneScape again. For instance, if I want to target people specifically I'll have to invest a little. I'll do a legitimate giveaway for a negligible amount of gold (10m?) and the target will almost always be interested since there is LITERALLY no catch. Just ask nicely after giving money away (do trivia or a hide and seek etc) for people to look at your YouTube channel. It's that easy.
>>
>>35872124
There's ways to make money without skimming someone's hard work. I find it to be dishonorable. Do as you will.
>>
>>35872162
Children/teens are easy targets because they have little/no money of their own. What does this mean? Their parents buy their Steam games or RuneScape membership for them. It's also likely that these transactions are made on the same computer. Bingo. Recover passwords and go about your business, and hope the kid doesn't get too much shit from his parents.
>>
>>35872227
I don't play vidya so I don't really know about how to monetize steam or rs accounts, but see
>>35872127
I don't do cards tho, while easy to get, hard to sell.
>>
>>35872127
You steal their IP with readily available software and log in to their PayPal, buy RuneScape gold with it, and then sell the gold to a gold site for BTC.
>>
>>35871707
So this program in the pic let's you manage a botnet? Forgive my ignorance.
>>
File: lain_bored.gif (447KB, 500x375px) Image search:
[Google]
447KB, 500x375px
>>35872319
Damn, I need to add a socks module to my bot
Is your rat using nat hole punching or some kind of reverse proxy shenanigans?
>>
>>35872369
It's kind of a botnet but on a much smaller scale. You can watch their desktop/webcam, recover passwords, manage their files, etc.
>>
>>35872369
Yes, but it looks like a rat aka. a very unsecure way to manage one, as all the bots connect straight to your IP... unless you are using rdp
>>
>>35872384
dont those people have antivirus software?
>>
>be runescape player and steam yser
>see this thread
>mfw
why bully, fampai?
>>
>>35872384
And you trick people into downloading it by packaging it with a fake program like a runescape gold generator or something?
>>
>>35871707
Hello hackforums!
RATFags are absolutely disgusting skiddies, and you should be ashamed of yourself for actually buying RATs from hackforums. Enjoy getting assravaged by the feds in a couple years.
>>
>>35872397
you can buy a crypter (a tool that encrypts your malware and when opened, decrypts it and loads it to memory stealthily) for a couple of bucks. most of them are made with .NET these days and might only work with CIL malware
>>
>>35872439
>RATFags are absolutely disgusting skiddies
it was fun and easy in the early 2000's though, I even made my own shitty rat in c++, it's a damn miracle the thing even worked as the code was glued together with shit and bubble gum
nowadays it's shit and a sure way to get caught
>>
>>35872395
It is a RAT, yes, but the use of a VPN with portforwarding capabilities puts a good enough barrier between you and the people you are connected to. After you do your business, you ghost yourself and they never know what happened.
>>35872418
>>35872397
Yes! That's why encryption software is used. Here's a basic rundown of how it works:
The file and its contents are jumbled into nonsense and the key to unjumble everything is stored in a program that is attached to the now jumbled code. The attached program is called the stub. When you run the encrypted file, the stub is actually what runs. The stub takes the jumbled code and uses the key to decrypt it, and then injects the code into a trusted system process (Think svchost or something) and THEN the code is executed.
>>35872439
RATting is NOT real hacking.
>>
>>35872503
>and then injects the code into a trusted system process (Think svchost or something) and THEN the code is executed.
so how do you get rid of malware injected into a system process?
>>
>>35872555
Everything EVENTUALLY becomes detected. Many antiviruses scan memory upon request. When the code is running in memory, it's completely readable and no longer encrypted. Any good antivirus will get rid of it or give you a notification to scan your PC.
>>
>>35872555
find startup references in registry, which can be difficult if it uses activex startup, delete file and the startup references
hijackthis is a good tool for finding any suspicious activity. also process explorer
>>
so how do I steal someone's tix and robux
>>
>>35871707
>tfw dont know shit about technology
I'd like to do this but I have no knowledge of coding or programming, is it still viable for me to try something like this? Do you know any books I should read or websites you'd recommend so that I can learn more? Also what about taxes, how do you explain that 25k to the IRS?
>>
>>35872715
This isn't something you have to code yourself.
>books I should read
Don't really need any books.
>websites you'd recommend
Look for the beepepe.png on this page.
>taxes
It's all in BTC, trying to devise a scheme to get it out.
>>
does anyone here have tips for putting a keylogger on an iphone?
>>
>>35871707
No way stealing from PayPal and hoping they don't notice the change in the time you still have all their info is risky as fuck
>>
>>35872809
Not to mention taking and converting all their ingsme currency to bitcoin
>>
OP still hasn't said how he infects players. Get them to download and execute a trojan?
>>
>>35872830
That shit takes like 10 minutes.
>>35872809
It literally takes 10 minutes.
>>
>>35872758
Maybe say you won it gambling or something but then they'd be suspicious about why you got paid in BTC. Maybe what you could do is claim that you made it day trading BTC or something, you could deposit a reasonable amount of money and then claim that you made it through a few lucky trades, I don't really know.
>>
>>35872319
Isn't it impossible to transfer large sums of gold in runescspe? Especially in a timely manner? Do you wait till 4 am to do this or something?
>>
>>35872843
Make youtube video pretending to be some runescape hack with a link to some executable.
People click link and get infected.
??? steal their info
>>
>>35872843
Go read >>35872167
You kidding me brah?
>>35872863
Nope, they brought back "free trade".
Yes, I have sometimes stayed up at very odd hours to get someone because they have authenticator and they have "remember me on this PC" enabled.
>>
>>35872866
the most oversaturated method on planet earth, yet apparently it still works on people..
>>
File: 13227053_723503777752099_4279165038706115597_n.jpg (43KB, 960x558px) Image search:
[Google]
43KB, 960x558px
>>35872848
I dont even know how to visit the deep web
like, i download tor and then what? How do i find websites while browsing the deepweb?
Forgive my ignorance but i have trouble believing that TOR browsers come with an in built search engine
>>
>>35872912
This has nothing to do with the deepweb, friend.
This is OP signing off for the night, I have to go to sleep. Caffeine crash is fucking me up.
>>
>>35872912
Look up the basics of VPNs and proxies online there are some good subreddits that have guides about how to stay anonymous online. Download TAILS or TOR and you're good to go.
>>
>>35872946
Ah well, yet another there where i set myself up to be the biggest witless fuck ever. Thank you for the tips, i will do more research on this and possibly follow in your footsteps
>>
>Hey guys it's OP anyone else like stealing from children
Looo-ser
>>
>>35872875
It's a long way from making someone click a link to infecting their machine. And besides, if your links are in the youtube text itself, you bet they are scanned for malware.
>>
>>35872124
How the fuck can you justify stealing peoples shit you dirtbag
>>
>>35872875
Can I do this as a backup plan if I'm computer illiterate
It sounds so devilish
>>
>>35872663
>tfw dominustrex got my little brother's account
>>
>>35872124
Are you the shitlord who dropped my 2b worth of dueling gear on rs a few months back?
>>
>>35872758
>It's all in BTC, trying to devise a scheme to get it out.
Buy linden dollars in second life, cash those into real dollars via their lindex exchanges.
thank me later
>>
>do this but in WoW
>log into every character and sell all their equipped items and inventory to vendors to get those extra gold
>instead of selling the gold to resellers, I buy/sell mounts myself for real money
been doing this for the last 4 years, never been caught
>>
>>35873776
Can you do a slightly eloberste green text of process? I thought everything on wow was bound to your account.
How much does this shit sell for? Could you make good money selling it just playing wow?
>>
>>35873776
can you elaborate on how you do this and how much money you make from it?
>>
>>35873791
>I thought everything on wow was bound to your account.
Not since the Panda expansion I think, stuff like mounts you get from the TCG and buy from the cash with real money are tradeable.
Thread posts: 71
Thread images: 5
Thread images: 5