1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Did anyone else apply for the gaming company in UK

Discussion in 'BlackHat Lounge' started by ravid32, Aug 23, 2016.

  1. ravid32

    ravid32 Power Member

    Joined:
    Jul 28, 2012
    Messages:
    560
    Likes Received:
    89
    A few weeks ago someone created a thread saying they are hiring people to work on their game and test it. They said they were paying minimum of 12 pounds per hour. I applied and a week later got an email with the link to download the demo. When I try to install the file I got a notification from my maleware software and on my desktop say about 15 .lock file on there. Did quick google search and found out those file are called ransomeware. https://malwaretips.com/blogs/remove-locker-virus/

    Did anyone else also applied and got this problem or is it just me?
     
  2. reggie777

    reggie777 Registered Member

    Joined:
    Apr 8, 2016
    Messages:
    80
    Likes Received:
    10
    Location:
    United States
    Same issue,
    It's a scam. They're installing a virus and keylogger to get access to your sensitive info.
     
  3. Reaver

    Reaver Jr. VIP Jr. VIP

    Joined:
    Aug 6, 2015
    Messages:
    1,904
    Likes Received:
    5,458
    Gender:
    Female
    Guys, did you report the user to the mods? They'll be banned but you have to take the initiative.
     
  4. ravid32

    ravid32 Power Member

    Joined:
    Jul 28, 2012
    Messages:
    560
    Likes Received:
    89
    I can't find the thread.
     
  5. Dotte

    Dotte Junior Member

    Joined:
    Jul 25, 2016
    Messages:
    129
    Likes Received:
    10
    haha, I was about to click the link and then I was like nah...this is weird.

    I'm so smart. =D
     
  6. Dotte

    Dotte Junior Member

    Joined:
    Jul 25, 2016
    Messages:
    129
    Likes Received:
    10
    And you guys are dumb.
     
  7. Reaver

    Reaver Jr. VIP Jr. VIP

    Joined:
    Aug 6, 2015
    Messages:
    1,904
    Likes Received:
    5,458
    Gender:
    Female
    And yet you're hiring for someone to take your classes while you sit here trolling a forum and contributing jack shit to it.
     
  8. davids355

    davids355 Jr. VIP Jr. VIP

    Joined:
    Apr 25, 2011
    Messages:
    10,182
    Likes Received:
    7,830
    Home Page:
    I can't find the thread either. I thought it seemed suspicious though.

    Hopefully a mod can check to make sure they are banned.
     
  9. redarrow

    redarrow Elite Member

    Joined:
    Apr 1, 2013
    Messages:
    5,089
    Likes Received:
    1,159
    Agin they save everybody arse

    Malwarebytes
     
  10. kingdom

    kingdom Junior Member

    Joined:
    Sep 17, 2008
    Messages:
    176
    Likes Received:
    135
    I have the same problem. Any help on removing the malware is highly appreciated.
     
  11. elavmunretea

    elavmunretea Elite Member

    Joined:
    May 14, 2016
    Messages:
    1,581
    Likes Received:
    2,109
    Home Page:
    Paying for people to do your homework, probably the cleverest thing one can do
     
  12. Fragmaster

    Fragmaster Jr. VIP Jr. VIP

    Joined:
    Apr 3, 2016
    Messages:
    724
    Likes Received:
    1,013
    Gender:
    Male
    Ransomware? Some kids are watching Mr. Robot too much. Backup your computer at least once a week . I had similar problem once, but i was ready , all files securely stored.
     
  13. kingdom

    kingdom Junior Member

    Joined:
    Sep 17, 2008
    Messages:
    176
    Likes Received:
    135
    My internet connection was also lost due to the virus so i am unable to install the malware removel program what to do?
     
  14. Dotte

    Dotte Junior Member

    Joined:
    Jul 25, 2016
    Messages:
    129
    Likes Received:
    10
    Hahaha kid please. That's for my business, not my personal classes.

    Try harder next time.
     
  15. johnny1221

    johnny1221 Regular Member

    Joined:
    Jan 26, 2015
    Messages:
    260
    Likes Received:
    47
    Im glad I didnt download it. The email was a huge red flag when they told me to send an email to an email address at mail2tor.com
     
  16. Dotte

    Dotte Junior Member

    Joined:
    Jul 25, 2016
    Messages:
    129
    Likes Received:
    10
    Yep. Not only this, but the job offer was too good to be to be true. After I responded to him, I went silent to see if he would insist - when he did I knew it was BS. No one has to beg to find employees to test a video game.

    This was the fuckers last message to me. *facepalm*o_O

    ">Hello again.

    We had issues with the last 2 uploads it seems we had been infected with a
    malware with a message to email [email protected]
    to get files unlocked.
    we have fixed the issues now and this is fully working and tested
    You will need to turn off windows defender and add the file as an
    exception in your AV or turn it off
    this new update will install over the last one and remove any issues.
    i would try web installer first as its more stable at the moment

    this is the new link :

    download: https://mega.nz/#!fJcyjRgK
    decryption key : !ALEOnoLr5dW7RHaD8aOrG5uPJyPGvuv03mX8Vi9EGtw

    Password to the rar file is : gaming



    Please have a small review about the demo and what should be added or
    removed and what you would like to see
    implemented into the game for wednesday, we should also have a rough
    design for the site which we still need mods for.
    Please report any bugs..big or tiny and don't give out your login info...
    you will need this in the future


    Your temporary login details are :

    Username : your email address
    Password : gaming

    please click login when you load the demo and change your details
    you can only change your username once

    BabylonGaming"
     
  17. Dotte

    Dotte Junior Member

    Joined:
    Jul 25, 2016
    Messages:
    129
    Likes Received:
    10
    Strike 1: He was too eager.

    Strike 2. He was banned from mediafire for breaking TOS (what else could this be but malware?)

    Strike 3: The Tor email

    Strike 4: That ridiculous last message.

    Other than that, is was a very well done scam. These guys will make a lot of money off this one.
     
  18. Alex456

    Alex456 Regular Member

    Joined:
    Jan 8, 2016
    Messages:
    322
    Likes Received:
    97
    Occupation:
    Bacon eater
    Location:
    Behind the corner
    Home Page:
    Must have missed it a couple of weeks ago. Good thing I did not sign up, from what I`ve read here in this thread.
     
  19. Nima

    Nima Newbie

    Joined:
    Aug 25, 2016
    Messages:
    0
    Likes Received:
    0
    Gender:
    Male
    Gosh do I feel dumb...

    On the other hand, their scheme was very clever. They contacted me on Upwork.
    They went by Babylon Gaming LTD., the person that made the post went by "Steven Thompson"

    If you do a google search for [email protected] you could find the post through the search engine results, but the posts themselves are all gone.

    They had a Facebook page with +100 likes, which went down just a few days later.

    I actually have most of my files .locked now.

    The "demo" they wanted us to play was actually a ransomware called stampado. It's recent, and has already been cracked. So maybe you can still restore your files.
    It was selling on the dark web for $39 for a lifetime license.

    There's actually a decryption tool already created for this ransomware=> https://decrypter.emsisoft.com/stampado
    The tool works if you have the ID and Contact email of the person who hacked you.

    Unfortunately for me, the popup that showed up didn't even display a real e-mail address. So I haven't been able to get my files unlocked using the decryption tool.
    If anyone else has a screenshot of this ransomware message from these people, I'd want to know what showed as the contact e-mail.

    As far as I know this is the only discussion board on the internet about this specific incident.

    Update: This ransomware will infect your recovery files, even if they're backed up in another drive, as long as the drive is connected to your computer.

    I was able to recover my locked files by using Shadow Explorer. A sigh of relief at last.
     

    Attached Files:

    Last edited: Aug 26, 2016
  20. Reaver

    Reaver Jr. VIP Jr. VIP

    Joined:
    Aug 6, 2015
    Messages:
    1,904
    Likes Received:
    5,458
    Gender:
    Female
    It looks like you can use Spyhunter or Malwarebytes to get rid of it. I don't think you need an email address in either case. I could be wrong though.

    Here's what I found:

    http://www.free-uninstall.org/how-to-remove-stampado-ransomware-decrypt-locked-files/

    http://www.enigmasoftware.com/stampadoransomware-removal/

    I hope this helps.