[Flag] - "broke_tradah" installing hidden backdoor.

[Rickey Ray]

Flag against user: broke_tradah

Service thread: https://bitcointalk.org/index.php?topic=3876292.0

Website: freebitcobot.dynu.net

After running his freebitco.exe, his bot goes to https://freebitcobot.dynu.net/update.txt after that, his bot opens https://freebitcobot.dynu.net/safe.php (he forgot to add < ? php tag originally, code below) this script downloads vncserver.exe and looks for *. DAT bitcoin wallet files in parallel he is collecting usernames, passwords and cookie files he is trying to wager user btc by reusing their cookie files to increase his referral commission.

Flag against user: broke_tradah

Service thread: https://bitcointalk.org/index.php?topic=3876292.0

Website: freebitcobot.dynu.net

After running his freebitco.exe, his bot goes to https://freebitcobot.dynu.net/update.txt after that, his bot opens https://freebitcobot.dynu.net/safe.php (he forgot to add < ? php tag originally, code below) this script downloads vncserver.exe and looks for *. DAT bitcoin wallet files in parallel he is collecting usernames, passwords and cookie files he is trying to wager user btc by reusing their cookie files to increase his referral commission.


* For some reason I can't post the code below.
edit: Code at https://pastebin.com/QmTdh12p

[1714845219]

1714845219

[1714845219]

1714845219

[1714845219]

1714845219

[1714845219]

1714845219

[1714845219]

1714845219

[willy2streams]

Is there an echo in here?

[Aveatrex]

So if I understood, he is hijacking an user's session cookies in order to gamble with their BTC? You should really post the code otherwise there is no proof of what you are claiming.Maybe you can't post the code because you have a brand new account,if you still struggle with it send me a pm with the code I'll try to post it on your behalf.

[Rickey Ray]

So if I understood, he is hijacking an user's session cookies in order to gamble with their BTC? You should really post the code otherwise there is no proof of what you are claiming.Maybe you can't post the code because you have a brand new account,if you still struggle with it send me a pm with the code I'll try to post it on your behalf.

I might be a new account restriction or might just be getting blocked because it is malicious code. I put it on pastebin.

[hacker1001101001]

As per I see, broke_tradah is trying to sell his bot from a year now, but he has not put forward any solid proof of his winning. Even with the help of his bot he is violating the casino terms which can lead to the ban of the account using his script. His script even seem to be sending all the data about the saved usernames and password to https://freebitcobot.dynu.net/safe.php according to the script, which he uses for his own referral profits from the site.

Below statement from TheQuin (moderator or support person on Freebitco.in), makes it more obvious that the bot doesn't work as it is stated by broke_tradah and he never actually won large amounts.

I do monitor accounts that win but I never have spotted the OP's account that runs the live stream.

By looking at all this, I think the bot is pretty much risky for any new user and even to there privacy, hence supporting the flag.


I don't see the link to the flag in the OP, so putting it up here.

https://bitcointalk.org/index.php?action=trust;flag=1121

[Bitcoin_Arena]

I don't see the link to the flag in the OP, so putting it up here.

https://bitcointalk.org/index.php?action=trust;flag=1121

Flag supported.
This serves as a reminder that this so called bots are in most cases created for malicious intent. If someone actually managed to create a legit working bot out there. There are 99% chances that the person would just decide to keep quiet and make profits in silence...

[HCP]

I have supported this flag, and it is now active... peddling a bot with claims of "guaranteed" winning is one thing... peddling malware designed to steal usernames/passwords and wallet files is a completely different level of scum.

[LFC_Bitcoin]

Flag supported (DT1)

There is now enough support on this flag (the required 3 DT members) for it to be active.

[LTU_btc]

I thought that he is just annoying troll who promote his not working bot and post nonsense on Freebitco.in threads... But seems that he is much more malicious...
Do I understand correctly that if I would use his script, he would have access to my Freebitco.in account and my desktop wallet files?
Doesn't he deserves to be banned? Because:

6. No linking to phishing or malware, without a warning and a valid reason. [e]

[LeGaulois]

I thought that he is just annoying troll who promote his not working bot and post nonsense on Freebitco.in threads... But seems that he is much more malicious...
Do I understand correctly that if I would use his script, he would have access to my Freebitco.in account and my desktop wallet files?
Doesn't he deserves to be banned? Because:

6. No linking to phishing or malware, without a warning and a valid reason. [e]

Yes but you need to create an account using his referral link before, he developed it to only work on accounts that joined under his referral link
I see in the code, briefly,  it uses vnc, bypass the UAC and it scans your PC to look for .dat file

/Common Dirs
//       $dirs[1][] = 'D:/';
//       $dirs[1][] = '/';
//       $dirs[3][] = '/Users/*/Desktop';
//       $dirs[3][] = '/Users/*/Documents';
//       $dirs[3][] = '/Users/*/Downloads';
//       $dirs[3][] = '/Users/*/OneDrive';
//       $dirs[2][] = '/Users/*/AppData/Roaming';

I also saw there are people using the bot, (so infected), on their Samsung TV What the hell are they doing with faucets on TV?  

[hacker1001101001]

Doesn't he deserves to be banned? Because:

6. No linking to phishing or malware, without a warning and a valid reason. [e]

This doesn't apply here as he is not posting any links to steal your money or info, rather his costumers already know they are risking there account to him by using his bot just by looking at the script.

He is more or less violating the facuets rules on Freebitco.in and other such website and should be banned there.

I also saw there are people using the bot, (so infected), on their Samsung TV What the hell are they doing with faucets on TV? 

Pretty Cheap LOL !