Results 1 to 19 of 19

Thread: hacked

  1. #1
    Join Date
    Mar 2013
    Posts
    10
    Mentioned
    0 Post(s)
    Quoted
    5 Post(s)

    Default hacked

    I have had no problems at all till after using Catherby_fisherV0.4 [http://villavu.com/forum/showthread....02569&page=10]
    came back on and well i was at lumby with all my cash gone.

    I already logged in so i lost the screen for ip of last log in:/ anything i can do?

    I was also using in the passed days
    1)http://villavu.com/forum/showthread.php?t=100028
    2)http://villavu.com/forum/showthread.php?t=101676


    those were the other ones i used over the passed 5 days.

    all i remember was the ip started with 104. which does not tell a lot
    any way of finding the rest of the ip?

    EDIT: went to change email password just incase and found this
    http://i.imgur.com/bpGlXq4.png?1


    EDIT 2:https://mega.co.nz/#F!e0hBUajb!fgsdmmWSTBNNDcwKdVq2qA
    these are the scripts i have if anyone wants to go through them.

    Edit 3: I'm not blaming any script here i just listed what I have used. i took the risk with botting in the first place.
    Last edited by bmitch5150; 05-20-2013 at 10:22 PM.

  2. #2
    Join Date
    Jun 2007
    Location
    The land of the long white cloud.
    Posts
    3,702
    Mentioned
    261 Post(s)
    Quoted
    2006 Post(s)

    Default

    All 3 of those scripts are clean. You must have got infected from another source.

    Just incase it is someone from these forums, @Justin or @Hobbit can check the ip 109.75.167.42

  3. #3
    Join Date
    Jan 2012
    Posts
    27
    Mentioned
    0 Post(s)
    Quoted
    5 Post(s)

    Default

    The ip 109.75.167.42 is from the United Kingdom, but it looks dead.

  4. #4
    Join Date
    Mar 2013
    Posts
    10
    Mentioned
    0 Post(s)
    Quoted
    5 Post(s)

    Default

    Quote Originally Posted by kocke View Post
    The ip 109.75.167.42 is from the United Kingdom, but it looks dead.
    Yea, I am assuming they are smart enough to use a vpn.

    Quote Originally Posted by The Mayor View Post
    All 3 of those scripts are clean. You must have got infected from another source.

    Just incase it is someone from these forums, @Justin or @Hobbit can check the ip 109.75.167.42
    Thanks and could i put up the other scripts i used too see if any of those were it
    I only used one script from osbots im going to ask one of their moderators too

  5. #5
    Join Date
    Apr 2013
    Posts
    395
    Mentioned
    1 Post(s)
    Quoted
    177 Post(s)

    Default

    So many cases of people using Catherby fisher and got hacked, weird lol. Could you paste your Catherby fisher script here with Simba Tags?

  6. #6
    Join Date
    Mar 2013
    Posts
    10
    Mentioned
    0 Post(s)
    Quoted
    5 Post(s)

    Default

    Quote Originally Posted by Haxz View Post
    So many cases of people using Catherby fisher and got hacked, weird lol. Could you paste your Catherby fisher script here with Simba Tags?
    What do you mean by simba tags?

  7. #7
    Join Date
    Feb 2007
    Location
    Colorado, USA
    Posts
    3,716
    Mentioned
    51 Post(s)
    Quoted
    624 Post(s)

    Default

    yea it's some server in the UKs static IP.. so a vpn or proxy someone used.
    The only true authority stems from knowledge, not from position.

    You can contact me via matrix protocol: @grats:grats.win or you can email me at the same domain, any user/email address.

  8. #8
    Join Date
    Apr 2013
    Posts
    395
    Mentioned
    1 Post(s)
    Quoted
    177 Post(s)

    Default

    Quote Originally Posted by bmitch5150 View Post
    What do you mean by simba tags?
    Click "Go Advanced" on reply, paste your script, highlight the script and click the Simba icon above the reply message box.

  9. #9
    Join Date
    Feb 2007
    Location
    Colorado, USA
    Posts
    3,716
    Mentioned
    51 Post(s)
    Quoted
    624 Post(s)

    Default

    It's running lighttpd which is pretty damn rare, I have only seen people that like it, on this website.. and those that I know like it.. vs nginx, aren't people I would suspect to actually steal stuff
    other than that I haven't seen that web server used in many years
    The only true authority stems from knowledge, not from position.

    You can contact me via matrix protocol: @grats:grats.win or you can email me at the same domain, any user/email address.

  10. #10
    Join Date
    Mar 2013
    Posts
    10
    Mentioned
    0 Post(s)
    Quoted
    5 Post(s)

    Default

    Quote Originally Posted by Haxz View Post
    Click "Go Advanced" on reply, paste your script, highlight the script and click the Simba icon above the reply message box.
    ahh alright i see what you mean
    I just did this before i saw your post if this works. this is all the scripts i've had downloaded which 3 are osbots and rest is simba if this works
    forgot two scripts Edit.
    https://mega.co.nz/#F!e0hBUajb!fgsdmmWSTBNNDcwKdVq2qA

    IF you need me to do what you said i will, just had this already ready.
    Last edited by bmitch5150; 05-20-2013 at 10:14 PM.

  11. #11
    Join Date
    Apr 2013
    Posts
    395
    Mentioned
    1 Post(s)
    Quoted
    177 Post(s)

    Default

    Quote Originally Posted by bmitch5150 View Post
    ahh alright i see what you mean
    I just did this before i saw your post if this works. this is all the scripts i've had downloaded which 3 are osbots and rest is simba if this works
    https://mega.co.nz/#F!e0hBUajb!fgsdmmWSTBNNDcwKdVq2qA
    mistak
    IF you need me to do what you said i will, just had this already ready.
    Can't scan through the scripts for you, don't have Simba installed on this laptop

    But since the "hacker" is somewhat an expert in doing these stuff, I doubt he will do any mistake that eave traces to him.

  12. #12
    Join Date
    Mar 2013
    Posts
    10
    Mentioned
    0 Post(s)
    Quoted
    5 Post(s)

    Default

    Quote Originally Posted by Haxz View Post
    Can't scan through the scripts for you, don't have Simba installed on this laptop

    But since the "hacker" is somewhat an expert in doing these stuff, I doubt he will do any mistake that eave traces to him.
    very true, it was only 1500k so it didn't hurt that bad but it still sucks. i wish i knew which script it was so i could delete it.

  13. #13
    Join Date
    Feb 2013
    Posts
    303
    Mentioned
    4 Post(s)
    Quoted
    124 Post(s)

    Default

    Quote Originally Posted by bmitch5150 View Post
    very true, it was only 1500k so it didn't hurt that bad but it still sucks. i wish i knew which script it was so i could delete it.
    Well at least you Lost Chump change instead of a bank worth 500m

  14. #14
    Join Date
    Mar 2007
    Posts
    5,125
    Mentioned
    275 Post(s)
    Quoted
    901 Post(s)

    Default

    Quote Originally Posted by The Mayor View Post
    All 3 of those scripts are clean. You must have got infected from another source.

    Just incase it is someone from these forums, @Justin or @Hobbit can check the ip 109.75.167.42


    Sorry dude

    Forum account issues? Please send me a PM

  15. #15
    Join Date
    Feb 2007
    Location
    Colorado, USA
    Posts
    3,716
    Mentioned
    51 Post(s)
    Quoted
    624 Post(s)

    Default

    Quote Originally Posted by Haxz View Post
    Can't scan through the scripts for you, don't have Simba installed on this laptop

    But since the "hacker" is somewhat an expert in doing these stuff, I doubt he will do any mistake that eave traces to him.
    .simba files are clear text, textedit on mac.. notepad on windows.. gedit/vi/nano on linux all should open them fine (FYI)
    The only true authority stems from knowledge, not from position.

    You can contact me via matrix protocol: @grats:grats.win or you can email me at the same domain, any user/email address.

  16. #16
    Join Date
    Apr 2013
    Posts
    395
    Mentioned
    1 Post(s)
    Quoted
    177 Post(s)

    Default

    Quote Originally Posted by grats View Post
    .simba files are clear text, textedit on mac.. notepad on windows.. gedit/vi/nano on linux all should open them fine (FYI)
    Never knew that. Thanks for the info.

    Btw, script is clean. And I realize the catherby fisher script is so well written lol.

  17. #17
    Join Date
    Mar 2008
    Posts
    426
    Mentioned
    1 Post(s)
    Quoted
    116 Post(s)

    Default

    Quote Originally Posted by bmitch5150 View Post
    Yea, I am assuming they are smart enough to use a vpn.


    Thanks and could i put up the other scripts i used too see if any of those were it
    I only used one script from osbots im going to ask one of their moderators too
    Countless years of using countless scripts from here (including cath fish) and never got hacked..(over 150m on main bot)
    Honestly man.. This place seems to safe to me.. After 5 years hack free n botting hard.

    That one script you used from osbot prob got your details... n at some point the person decided to log onto your acc n take your bank.. perhaps a while after getting your details.. I dunno, not sure how scammers work.

  18. #18
    Join Date
    Feb 2012
    Posts
    249
    Mentioned
    0 Post(s)
    Quoted
    40 Post(s)

    Default

    Maybe it was the partyhat duplicator I sent you yesterday

    I seriously doubt that it came from Simba mate, been using (almost) all the scripts & never had a strange IP appearing. Too bad thou, these days there are many ways to get keylogged..
    'We ride together, we die together. Badboys for life.'

  19. #19
    Join Date
    Jan 2012
    Posts
    27
    Mentioned
    0 Post(s)
    Quoted
    5 Post(s)

    Default

    I always use the extension security, just to stay safe.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •