Proof Cobalt installs a Bitcoin miner

Quote:

Originally Posted by MoronaTiziaACaso I won't even comment this, but can you PLEASE tell me how can someone take seriously a provider that put into the cheat a " virus remover" ? Of something that is also probably spredead by you? When you are also using kdmapper 1:1 , public code, loader wasn't evenn packed, you are the definition of a scummy provider At this point you are pure comedy, I don't even care about you, and your horrible cheat, everyone has saw that you are doing sus things, have a nice continuation in spreading malwares, and selling terribly pasted cheats! With this is all

How stupid are you? You statically analyse the loader for strings and jump to assumptions that it's malicious because it says the word "discord". If you actually knew what u were doing and reversed it properly ( instead of acting like you know what ur doing and looking at string references like you're a professional reverse engineer ). You'd know that all of those strings are for a cleaner that removes a spesific token logger that appears to have been spread by ACD users and other cheat developers in order to undermine cobalt. This token logger was bound to the official loader which can be done with ANY executable file, protected or not (Which you'd also know if you actually had any sort of attention span and stopped rotting ur brain on hvh for more then 5 mins). As fff previously stated he doesn't pack his loader as it causes antivirus detections and I'm assuming he also wants to keep a level of transparency with his customers. Not packing it allows people to view the loader code (other then important functions which were virtualized for protection) and strings so they can see that the loader doesn't do anything malicious.

My conclusion.

You have no clue what you're doing at all. You seem like you've just figured out how to view string references and now you think you're a cracking, reverse engineering god.

You still haven't proved that "DRM" has ANYTHING to do with cobalt. Why not use ur magic string references to show that cobalt downloads that? Because so far no one has proven that it has anything to do with cobalt.

I've used cobalt for nearly 2 months now and I have had 0 issues and I don't have DRM or the index.js. So where is all the proof?
All I've seen is inconclusive bullshit. The 1st image with the antivirus detecting DRM with the cobalt loader open. How does that prove it came from cobalt??
All of the strings you showed, have all been explained and source code shown by FFF. And you can even check them in IDA like he said, and you'll see that it is for cleaning the virus that other providers and users spread.

Now that you've realised you have no evidence and all ur points have been disproven you just resort to insulting and sperging... Too much hvh my friend. It's rotting ur brain.

Learn how to actually reverse engineer and check ur facts before you come spewing missinformation newcomer. Just because you figured out how to check strings of an UNPACKED program, doesn't make you a god, and it doesn't make you correct. Context matters.

13512 btw...

Quote:

Originally Posted by MoronaTiziaACaso And with this , and the other video, and all the claim , we can say BYE BYE to cobalt scamlutions [Only registered and activated users can see links. Click Here To Register...] Watch my latest video, my G :) you are running a comedy at this point , and after showing everyone that you are spreading directly the malware, showing my HOSTS file, cleaning WININET cache , cookies, and also using a CLEAN VIRTUAL MACHINE with another USER AGENT and browser, I think you should just stfu atleast paster, and spreading malware, you can't do worse xD

Incredible how you can literally 2 times now claim something that you haven't even proven. As said before in another post. You don't know what you are doing, and how to properly provide proof to your claims.

Before you claim something again, try to actually provide enough. Im sure everyone here "defending" Cobalt will personally apologies if the proof is sufficient to the claims.

To summarize:

1. There have been spread an infected Cobalt loader "Client.exe".
2. It have been suspected that it have spread through out the Cobalt discord and DM.
3. It have been proven it's a miner/grapper.
4. It has been proven that it's connected to ACD discord.
5. It has not been proven it wasn't spread though Cobalt's website. (Your claim, without sufficient proof.)
6. It has been proven that not everyone using the Cobalt loader "Client.exe" have been infected.
7. Is has been proven that Cobalt's loader "Client.exe" is unprotected and can be modified by anyone.

I don't see enough evidence to say that Cobalt have been spreading Malware to their customers.
I find it more likely that some have spread it to decrease their growing Customer numbers, and put them in bad light. There is a reason why everyone is innocent until proven wrong.

Quote:

Originally Posted by MoronaTiziaACaso I won't even comment this, but can you PLEASE tell me how can someone take seriously a provider that put into the cheat a " virus remover" ? Of something that is also probably spredead by you? When you are also using kdmapper 1:1 , public code, loader wasn't evenn packed, you are the definition of a scummy provider At this point you are pure comedy, I don't even care about you, and your horrible cheat, everyone has saw that you are doing sus things, have a nice continuation in spreading malwares, and selling terribly pasted cheats! With this is all

What, You haven't acknowledged what I said? you're just calling my cheat shit. You're not even trying to prove its a "RAT" anymore.

Quote:

Originally Posted by lort1234 Incredible how you can literally 2 times now claim something that you haven't even proven. As said before in another post. You don't know what you are doing, and how to properly provide proof to your claims. Before you claim something again, try to actually provide enough. Im sure everyone here "defending" Cobalt will personally apologies if the proof is sufficient to the claims. To summarize: 1. There have been spread an infected Cobalt loader "Client.exe". 2. It have been suspected that it have spread through out the Cobalt discord and DM. 3. It have been proven it's a miner/grapper. 4. It has been proven that it's connected to ACD discord. 5. It has not been proven it wasn't spread though Cobalt's website. (Your claim, without sufficient proof.) 6. It has been proven that not everyone using the Cobalt loader "Client.exe" have been infected. 7. Is has been proven that Cobalt's loader "Client.exe" is unprotected and can be modified by anyone. I don't see enough evidence to say that Cobalt have been spreading Malware to their customers. I find it more likely that some have spread it to decrease their growing Customer numbers, and put them in bad light. There is a reason why everyone is innocent until proven wrong.

Just to clarify I've only downloaded Cobalt Loader from their website and I ran into this issue of the miner...

what shit move from thm

Quote:

Originally Posted by TwistedLobby Just to clarify I've only downloaded Cobalt Loader from their website and I ran into this issue of the miner...

I find that hard to believe since i have done the same and didn’t get infected with a miner. As i stated, no one have been able to prove this properly.

As i wrote before, i think someone (most likely a conpetitor) have spread a infected Cobalt loader Client.exe on Discord. And because of this the only thing people are able to see, is that it was Cobalt that spread it, either because they see this as a good opportunity to ruin their business and make their own Company grow because of this. Or they can’t seem to understand that there is no proof of Cobalt spreading the infected loader.

There is too many unknown sources of “proof” and too many things that makes unlikely that it’s Cobalt that’s have been spreading the infected loader.

As wrote before, only a very low amount of people have had the miner on their pc because of the infected loader. If anyone look in Cobalts discord, and read about the people that have had the miner on their pc, most of them have said they downloaded the Cobalt loader from their discord.

I have been in their discord for some months now, it until this miner was found people regually shared “Client.exe” in the Discord, even non staff did this. And that is a mistake from Cobalts side, that they allowed this.

Cobalt have been accused of having a miner in their loader for months, do you really think they would have a unprotected loader with a miner/grapper in it when they have been accused of this? And do you really think they would ruin their own highly growing business that makes they Money each month for a small amount of infected customers.

I think these accusations are wrong and have only been made to harm Cobalt and they reputation, since there is no actual proof that shows a Cobalt loader Client.exe have been infected with a miner/grapper.

People just start to more into these things before they start accusing Cobalt for something that’s this harmful for a business.

Prove you accusations the right way with no doubts of the proof, and i will gladly take everything i have wrote back and apologize to everyone that was right. But before that’s the case, stop the accusations, since you are in the wrong.

Quote:

Originally Posted by TwistedLobby Just to clarify I've only downloaded Cobalt Loader from their website and I ran into this issue of the miner...

Yeah we know. These same 3 or so guys on here trying to prove cobalt’s innocence are wasting their time. Cobalt got caught, everyone already knows. The damage is done.

Quote:

Originally Posted by C0MMODUS Yeah we know. These same 3 or so guys on here trying to prove cobalt’s innocence are wasting their time. Cobalt got caught, everyone already knows. The damage is done.

It’s easy to say something but hard to prove it.

Quote:

Originally Posted by C0MMODUS Yeah we know. These same 3 or so guys on here trying to prove cobalt’s innocence are wasting their time. Cobalt got caught, everyone already knows. The damage is done.

It's just funny at this point they keep trying. Only place I have ever downloaded their loader is from their website and they're saying oh no someone was spreading it through dms etc. If they could explain to me how I got infected especially if I downloaded it straight from their website...

Also, to add on they removed the announcement of this so called Accusation. It'd be better if they accept defeat and be transparent with their customers.

Quote:

Originally Posted by TwistedLobby It's just funny at this point they keep trying. Only place I have ever downloaded their loader is from their website and they're saying oh no someone was spreading it through dms etc. If they could explain to me how I got infected especially if I downloaded it straight from their website... Also, to add on they removed the announcement of this so called Accusation. It'd be better if they accept defeat and be transparent with their customers.

Yet again this is hearsay. Where is your proof that for the entirety of your time using cobalt you ONLY downloaded it from the website? Where is your proof that you even had the miner or that the miner came from cobalt? Anyone can come on this forum and go "OOO OOGAA BOOGA COBALT RAT" Without any proof. This is why society is inocent until proven guilty. You are standing on flawed logic. I have still yet to see any evidence that is even slightly concrete other then people repeating themselves.

Every single bit of "proof" has been shown to be wrong and even source code has been posted to back it up. No one should have to PROVE their inocents. That isn't how the world works.

And the ALL discord announcements are removed after 24h... It is to prevent the server from getting terminated. They've done it since the discord got termed.

Everyone from now on that sits here saying this shit without any proof has no leg to stand on. They are clearly here just from other competitors and have never actually used the cheat. They are here to spread false information and ruin an amazing business. Me and the other 99% of cobalt users have never had any issues with cobalt.

Fff was even nice enough to add a token logger REMOVER to the loader to prevent people from being token logged and you try to use that as an excuse to say his cheat is malware? Dude get real.

As this hasn't been posted here yet, Here's the explanation:

Quote:

Hello everyone. I feel awful that I have to make this announcement today, recently, we have found that Squish (who handles our servers and our overall site security) would regularly upload injected loaders to our servers while I was sleeping, and then replace them when I was online or awake. I apologize for trusting the wrong person, This person has helped me in the past multiple times and I believed that I knew him and could trust him. Squish was not related to cobalt development in anyway and was simply meant to be handling DDoS protection and hosting. From this point forward, I have revoked his passwords and credentials to all of Cobalt's servers. The site was not breached nor did he exploit the site. **After being found out, Squish is now trying to extort me out of $10k and threatening to do more damage:** He has also tried to turn my support members against me by sending them pictures of DMs out of context. We are currently actively working with a new web developer, This should fix a bunch of the issues people were facing as Squish wasn't doing much. The new website will feature a brand new design and many more functionalities :) **I would also like to sincerely apologize to ACDiamond for accusing them of ratting my customers. I did not do this to sabotage them, as I believed they were the actual culprits, Squish found the "evidence" and convinced me of it as you can see from the following image ( The invite link was the ACDiamond server, but it has expired. ):** **NOTE:** If you would like to make sure you're safe, reinstall discord, and change your discord password and you should be fine, The infected version was not very sophisticated. **NOTE:** We have changed servers, and now you are perfectly safe running from the official website :thumbsup: || @everyone ||

[Only registered and activated users can see links. Click Here To Register...]

Conclusion : Never trust furries

FFF/Cobalt, that's bullshit. So your website/DDOS guy downloaded the loader from directory, somehow added malware to it despite it's protection, then uploaded it again, always timing it with when you sleep?

& before this, the story was that there was no malware on your site at all, only Discord.

& before that, the story was that there was malware on your site but ACD hacked your site & added malware to your loader.

You're so full of shit & I cannot believe that your users are still lining up for your malware distribution.

[Only registered and activated users can see links. Click Here To Register...]

Quote:

Originally Posted by lort1234 To summarize: 1. There have been spread an infected Cobalt loader "Client.exe". 2. It have been suspected that it have spread through out the Cobalt discord and DM.

Hey, it wasn't spread on Discord, it came from his official website.

Source: Cobalt's owner fff:

[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]

Take a look at this

[Only registered and activated users can see links. Click Here To Register...]

Quote:

Originally Posted by zebleer FFF/Cobalt, that's bullshit. So your website/DDOS guy downloaded the loader from directory, somehow added malware to it despite it's protection, then uploaded it again, always timing it with when you sleep? & before this, the story was that there was no malware on your site at all, only Discord. & before that, the story was that there was malware on your site but ACD hacked your site & added malware to your loader. You're so full of shit & I cannot believe that your users are still lining up for your malware distribution. [Only registered and activated users can see links. Click Here To Register...] Hey, it wasn't spread on Discord, it came from his official website. Source: Cobalt's owner fff: [Only registered and activated users can see links. Click Here To Register...] [Only registered and activated users can see links. Click Here To Register...] [Only registered and activated users can see links. Click Here To Register...] [Only registered and activated users can see links. Click Here To Register...]

You where right i was wrong. It was spread through their website.