To people who got their keys stolen and / or DLed hacks

[rekrul 91]

I was a bit torn on whether to post this or not. On one side, I'm helping out people who are trying to cheat but on the other side, I'm strongly discouraging it. I took a cop out and decided to let the moderators decide.

So I've been following the "hacker scene" for some time, the open one that is. There's no public BattlEye bypass available out there. BE bypasses exists of course, but with very limited distribution since BE detects the public ones within days. BE scans memory and does random pattern searches which is throwing most bypassers to ground. That means that every single one of those youtube "free" hacks and most public forums that doesn't state you need a working BE bypasser is a key-stealer. I've also analyzed these hacks, using Anubis and although it won't show you their true nature since there's no Arma or key installed on Anubis' system (and I don't want the hassle of removing it from my own PC), more and more of these hacks are leaving stuff behind. That means that even though you delete the file, it has already left its "child" behind which will continue to read your CD-key entry.

That means that once you've ran it, it will leave something behind. If you register a new key, it will be sent to the hacker as well. An important note here is that none of the anti-virus programs I have tested with report the file(s) as dangerous or harmful. That's because the file doesn't spread itself which all viruses do, but bear in mind that I haven't tested with its offspring on my PC and then scan with AV so it might pick up something then but I highly doubt it since it isn't set to copy itself elsewhere.

tl;dr: All public hacks are cd-key stealers. Key-stealers now leave files behind to continuously report back new cd-keys if you buy new ones. Anti-Virus won't detect it.

[Pikachu (DayZ) 9]

Interesting.

Hopefully shows the general users or the would-be entry level hackers that it's not worth downloading a google'd hack. Just going to end up with $30 (+$30, +$30, etc.. until they figure it out) bucks of worthless code.

[rekrul 91]

I should also add that youtube videos that offer "FPS fix" or "Performance booster", etc does the same thing.

[nickcaff 0]

so ita hacher that does it and evrerytime you buy a new one they steal it again and its a vurus so its gonna fuck with all ya shit ? interseting

i gave pickachu my beans what the hell is that supposed to mean ?

Edited March 26, 2013 by nickcaff1

[rekrul 91]

Your post didn't make a lot of sense, but anti-virus programs will NOT flag it as the stealer is not set to copy itself/spread which is (part of) what anti-virus programs check for. And yes, my analysis shows that it leaves a process running (that restarts when rebooted) that probably steals your key. Please note that this is just a conclusion I reached with out confirming it as I didn't want the hassle of removing the processes it leaves behind.