My run in with some scammers

Singuken

Diabloii.Net Member
My run in with some scammers

There were some ppl in a game with the word dupe in it so me being the IT security person couldn't resist going in. They finally share a url which claims to have a dupe util for d2.

Being safe I booted my laptop up into a live linux distro and visit the site and find not much content and a link to a dupe.exe

I check it for viruses then look at the properties of the exe and find its from a util called autoit and is meant for automating tasks. I installed the autoit app to decompile this exe and begin looking at the code. It checks for the d2 exe to be running and prompts for your resolution. It then switches into the game and begins to empty out your equipped items and then shuts down d2 and turns off your pc.

Just for fun to see if it worked I fired up a single player game and watched it go to work.

I have already sent the url and the 2 battle.net accounts to blizzard and the results of my findings to them.

I'm just curious on what others thoughts are and have people really fallen for scams like this?
 

Superhal

Diabloii.Net Member
what's funny is that if a person is scammed, they can't rest until they get somebody else to fall for the same scam so they don't feel like the stupidest person in the world.
 

Twoflower

Banned
and sorry to say this but blizzard won t give a damn about your email any more

and yes, there are alot of these scams around. a LOT. never ever check any url you get ingame while it is running, that s what i do

on the other hand, you deserve that something like this happens to you if you go there whit the idea to dupe, imho :p
 

Anticrombie

Diabloii.Net Member
I actually have that file on my computer. Someone gave me the URL, and i downloaded it. I made a new account to try it out on, and sure enough, it started trying to drop my stuff (new account, no items) so i had to turn off my computer manually.
 
I loved hounding these guys. None of their programs would ever work on a Mac, so I'd spend half an hour in their games irritating them and asking them why it won't work until they finally get fed up and leave. :lol:
 

Gorny

Banned
DrunkCajun said:
I loved hounding these guys. None of their programs would ever work on a Mac, so I'd spend half an hour in their games irritating them and asking them why it won't work until they finally get fed up and leave. :lol:

Damn MAC user!

I hear the next WoW pach in not mac compatible.

Poor Prov. Poor Bach.

ROFL!
 

AluminumKnight

Diabloii.Net Member
I have a friend that tried to download maphack and had that exact thing happen to him, all his equipment flew off and his computer shut down. I laughed at him.
 

Singuken

Diabloii.Net Member
twoflower said:
and sorry to say this but blizzard won t give a damn about your email any more

and yes, there are alot of these scams around. a LOT. never ever check any url you get ingame while it is running, that s what i do

on the other hand, you deserve that something like this happens to you if you go there whit the idea to dupe, imho :p
I don't expect to hear anything out of them but being in the profession I'm in I felt it appropriate to find out the truth behind their scam and report it to the best of my knowledge. Sorry it comes naturally being the Information Security Officer for a financial institution. I don't think this person was expecting someone who knew what they were doing to be in the game and got mad when I wouldn't leave after I told them I wasnt going to go and run it right then.
 

Dawnmaster

Diabloii.Net Member
Anticrombie said:
I actually have that file on my computer. Someone gave me the URL, and i downloaded it. I made a new account to try it out on, and sure enough, it started trying to drop my stuff (new account, no items) so i had to turn off my computer manually.
Hm, you're not familiar with Trojans it seems to me? What if that program installed a key-logger or account-password-noter?

Sure, you test it out, you don't notice anything bad on the dummy account. You then delete the program (only virusses are pretty hard to get rid of, some even manage to block your virus scan programs) and when you start diablo on your real account.... BAM the Trojan hid somewhere and steals your password.

It's safer not to download anything at all, never!
 

Singuken

Diabloii.Net Member
Dawnmaster said:
Hm, you're not familiar with Trojans it seems to me? What if that program installed a key-logger or account-password-noter?

Sure, you test it out, you don't notice anything bad on the dummy account. You then delete the program (only virusses are pretty hard to get rid of, some even manage to block your virus scan programs) and when you start diablo on your real account.... BAM the Trojan hid somewhere and steals your password.

It's safer not to download anything at all, never!
This was why I tested it out first on a linux pc since I doubt they wrote anything that would work on it not to mention it was a live cd linux distro so D2 wasnt even installed but I did use wine to examine what it did.
 
Top