Categories > Exploiting > Complaints >
Yoink Exposed For Ratting And STILL On The Site??
Posted
So basically, yoink has always been a rat that grabs your information, yet the mods and the owner of WRD STILL promotes it on the website, what the hell is this, remove it.
Replied
bruh mods dont have any control :/
also it clearly says donkey didnt do it
And this is the second report about this from the same guy
little sus but just going to wait it out till I get more info and not jump to conclusions :/
#MEWANTGLOBALCHAT
Cancel
Post
Reputation Goal: 69
#NoMoreMods
#MEWANTGLOBALCHAT
Replied
Lag Switch is a rat not Yoink itself.
https://gyazo.com/2e2a7b06b8364de2f175aed62d724bb7
Cancel
Post
Replied
Read It, Donkey lied about it he tried to say he got ratted then said he got ratted 4 days ago and it has been happening for months.
Cancel
Post
Added
By you downloading the file, if you click and open the yoink file your information is now logged because the lag switch is reading the file and sharing files.
Cancel
Post
Added
Also, Still? Everyone's data is still logged even if he removed the lag switch?
Cancel
Post
Replied
@Coz
I've used yoink and never launched the lag switch, My computer is fine even after scanning I found nothing named "SVCHOST" even after scanning with Malwarebytes
Cancel
Post
Replied
I test exploits on VM's before i use them, It's how I found a dude attempting to rat people with his "exploit" released on forums
Cancel
Post
Replied
That thread includes no proof at all to say it is a rat, let alone malicious. It only shows odd behavior, but there doesn't seem be any damage.
I've taken down Yoink last night because of all the rage over it, so now it is up for investigation. If there is any problem, I'll see to it that corrections are made.
Cancel
Post
Replied
You say there's no proof?
He showed a video of a rat when he opened yoink and donkey admitting that there is a rat in Yoink but denying that it was him.
Cancel
Post
Replied
Man look, lagswitch.exe copies itself into a different directory and adds attributes that makes it hidden (attrib +h+r+a+s appearently). Also who the fk would call his lag switch "explorer.exe" and "svchost.exe"?. This guy does because they are also system process names, pepole won't notice them easily. I'm going to provide you real proof if i somehow deobfuscate this crap. it seems heavily obfuscated
Cancel
Post
Replied
pls tell me once its deobfuscate
because a video only showing some shady process doesn't mean its a rat
#MEWANTGLOBALCHAT
Cancel
Post
Reputation Goal: 69
#NoMoreMods
#MEWANTGLOBALCHAT
Replied
I've been doing malware stuff for a long time and trust me, these actions are something more than just "suspicious". It disables UAC control when it's ran as admin. Disabling UAC is something that only malwares do in order to auto-elavate them. Also why does it pretend to be a system process in task manager?. Why does it write Auto-startup keys to registry that makes it start with computer everytime?.
Cancel
Post
Users viewing this thread:
( Members: 0, Guests: 0, Total: 0 )
Cancel
Post