Malware detected on W-thunder

williamle · 07/06/2023, 05:34

#

Chesseron · 07/06/2023, 05:58

vouch++

yellow_brick · 07/06/2023, 07:51

Ha, ha! You see now! Moderators covered PatriotUSA (renamed to kind of circle there something about winner now) and not listen the community. They deleted my posts with "no verified purchase" and other completely foolish far-fetched pretexts. And of course, they did not delete any of those of positive obviously paid and WITHOUT VERIFIED PURCHASE/TRADE reviews. That written from fresh accounts almost at the same dates.

There was BIG community reaction to "Winner Circle" (ex. PatriotUSA) actions since he has been exposed in bad things like rats in his software and selling non-original, cracked and leaked software as original. And they didn't do anything. They don't care. They weren’t even interested in the fact that on their site there is a deception and distribution of paid software with hidden bundled malware.

I am more than sure that the moderators or even the administration of this site are in touch with these rat providers that infect your pcs and leak ur personal data via their paid software.

They did everything to make them infect your pcs and get your personal data. So I'm not sure this post will mean anything because we all will be banned I guess. And OF COURSE don't forget to delete this thread and post to cover malware spread.

woman_beater69 · 07/06/2023, 09:51

so, your just posted a bunch of text with a screenshots that clearly says "potential risk" and tryna scare away potential customers? mehh, nice try, what can i say. there's literally no evidence besides your network console "potential risk" results. have you ever tried playing with it with another software? guess what, the results most likely will be almost similiar. it' literally can be like cheese security communicating with server, aka heartbeat. trying to **** off a patriot, are you?

williamle · 07/06/2023, 10:16

Quote:

Originally Posted by woman_beater69

so, your just posted a bunch of text with a screenshots that clearly says "potential risk" and tryna scare away potential customers? mehh, nice try, what can i say. there's literally no evidence besides your network console "potential risk" results. have you ever tried playing with it with another software? guess what, the results most likely will be almost similiar. it' literally can be like cheese security communicating with server, aka heartbeat. trying to **** off a patriot, are you?

I never see heart beat signal trigger a malware, let alone a heart beat signal that weight whole 2.38KB consider a char UTF-8 only cost like 4byte! if u say the heart beat is check by checking sanity of william shakespeare then idk what to say!
also why encode heat beat signal in base64?? and then why you try to invoke shell ?
why would you make host become CnC ?

and also why trigger heart beat while user not using cheat?

heartbeat can be straight up TCP/UDP data call back to server! and only cost like 100 byte at most!

also why trigger heartbeat when user not using cheat ?

FranzESG · 07/06/2023, 10:22

This User called "Patriot USA" was a former Admin of "Absolut-Solutions" he had a 50/50 company with the other Admin named "Absolute". like 3-4weeks ago he backsteped Absolute and tryed to get all the money they made from "Absolute solution" which is one of the best tools i ever used. After his try to get all the money he killed the whole database and left Absolute behind, and took all the code Absolute made with him, as u can read from above hes not a dev.

for my opinion thats enought to call someone a scammer. deal with causion.

williamle · 07/06/2023, 10:23

Quote:

Originally Posted by woman_beater69

so, your just posted a bunch of text with a screenshots that clearly says "potential risk" and tryna scare away potential customers? mehh, nice try, what can i say. there's literally no evidence besides your network console "potential risk" results. have you ever tried playing with it with another software? guess what, the results most likely will be almost similiar. it' literally can be like cheese security communicating with server, aka heartbeat. trying to **** off a patriot, are you?

if the cheat load trigger a malware, it would be detect on incoming traffic, but this clearly the case of cheat fully inject and become CnC
and also like i state, the trigger is well delayed after inject while wireshark and firewall picking up the signal at almost same time!

it just not add up! i was hope this is false alarm but it consistent

FranzESG · 07/06/2023, 10:24

check that evidence pls.

Masterswagger · 07/06/2023, 10:28

Quote:

Originally Posted by woman_beater69

so, your just posted a bunch of text with a screenshots that clearly says "potential risk" and tryna scare away potential customers? mehh, nice try, what can i say. there's literally no evidence besides your network console "potential risk" results. have you ever tried playing with it with another software? guess what, the results most likely will be almost similiar. it' literally can be like cheese security communicating with server, aka heartbeat. trying to **** off a patriot, are you?

Why is your first post ever a dickriding one? "Trying to **** off a patriot", bahahah

The way you typed your text too... sheesh, homie never seen someone this butthurt and defensive of a fraudulent guy.

Rats get smoked, homies get loved

u medac · 07/06/2023, 10:38

Quote:

Originally Posted by FranzESG

This User called "Patriot USA" was a former Admin of "Absolut-Solutions" he had a 50/50 company with the other Admin named "Absolute". like 3-4weeks ago he backsteped Absolute and tryed to get all the money they made from "Absolute solution" which is one of the best tools i ever used. After his try to get all the money he killed the whole database and left Absolute behind, and took all the code Absolute made with him, as u can read from above hes not a dev.

for my opinion thats enought to call someone a scammer. deal with causion.

This is not even a business about absolute,it’s the fact winner circle-mason is proven to be a rat.
I will carefully reinstall my windows and never touch winner/mason ever again.

yellow_brick · 07/06/2023, 22:17

Quote:

Originally Posted by woman_beater69

so, your just posted a bunch of text with a screenshots that clearly says "potential risk" and tryna scare away potential customers? mehh, nice try, what can i say. there's literally no evidence besides your network console "potential risk" results. have you ever tried playing with it with another software? guess what, the results most likely will be almost similiar. it' literally can be like cheese security communicating with server, aka heartbeat. trying to **** off a patriot, are you?

Look at that clown. Login from ur main account PatriotUSA or tell us what you get for registering fresh account and write that post? Too obvious.

Omegaberg · 07/06/2023, 22:40

I dont know if this proof is solid or what not but the guy is sketching, winner's circle, patriot and chad dude I bet its the same guy. from that standpoint that making multiple accounts here is already sketchy now this? I don't wanna blame or flame the guy but in my opinion I would not risk my own customers getting this kind product if it has issues like this. Thanks for the post. I suggest you report the guy though if worst comes to worst.

hughjanus · 07/07/2023, 00:22

This shouldn't be a trading thread - rather a post on the corresponding TBM thread or a ticket in the

. Refer to

1.1

#closed