MALICIOUS CONFIG FINDER [Hitlogger, Infection] - Webhooks, Telegram Bots and Droppers

by littlepony22 - 11 February, 2024 - 10:35 PM
This post is by a banned member (littlepony222) - Unhide
This post is by a banned member (2BEE) - Unhide
2BEE  
#2
Your [align] is fucked
This post is by a banned member (littlepony222) - Unhide
This post is by a banned member (Wispererwmb) - Unhide
#4
(11 February, 2024 - 10:35 PM) Sematary Wrote:
Greetings, dear friends,
I recently encountered a situation where a user sent me some configs, and upon detection, I found one to be infected, leading to their subsequent ban. Given the noticeable increase in the number of infected configs, I have taken the initiative to share a tool that meticulously scans configurations for Discord webhooks, Telegram bots, and droppers.


What is a hit logger?
A hit logger is a component within the config that transmits your valuable hits to someone else.

What is a dropper?
A dropper is a mechanism that downloads malware, usually spyware, to your computer and initiates its execution.

DISCORD WEBHOOKS
It is very common to find these in configs, as they are by far the most popular type of hit logger. When this tool identifies a webhook, it adds it to a list. Once the tool completes the check, you will be given the option to save these, and subsequently, you can choose to delete all the found webhooks.

TELEGRAM BOTS
These are also common in configs, and unfortunately, you cannot delete them. After the tool finishes checking, you will be given the option to save these links.

DROPPER
Although not as common, droppers are gradually gaining popularity. When a dropper is found in a configuration, "CONTAINS DROPPER!" will be appended next to the config name.

Features:
  • Identifies webhooks, Telegram bots, and droppers.
  • Deletes webhooks.
  • Saves the webhook and Telegram bot URLs.

How to use: Simply open the executable in the same directory as the configs; it will scan all configurations with the loli, anom, and svb extensions.

Download: https://www.upload.ee/files/16267864/Hit...r.exe.html

VirusTotal Link: https://www.virustotal.com/gui/file/6b1e...b9fe2d6992


At any given moment, the nature of malware can evolve based on the attacker's requirements. To enhance your security, consider taking the following steps:
  1. Enhance your account security by enabling Two-Factor Authentication. This measure will safeguard your account even if your login credentials are compromised.
  2. Avoid accessing Cracked on virtual machines or remote desktops where potentially malicious files are often run. This precaution helps protect your system from potential threats.
  3. Consider using the Malicious Config Finder to further fortify your security measures.
Last but not least, report malicious configs.

Wishing you safety and security, ensuring your data remains protected. With love.

This is actually dope af, thank you man. Also, I would like to add that I have seen configs where some are even encoded, such as base64, and then decoded to run malicious code.
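Added example, not part of the thread and not the code of the tool linked above: a small scanner that flags Discord webhook and Telegram bot API URLs in config files with the extensions named in the post, and also decodes one layer of base64 to catch the encoded case raised in the reply. The URL patterns, the generic sample lines, and the placeholder IDs and tokens are assumptions constructed for illustration; dropper detection is left out because the thread gives no indicators for it.

```python
import base64
import binascii
import re
from pathlib import Path

# URL shapes of the two hit-logger channels named in the thread.
PATTERNS = {
    "discord_webhook": re.compile(
        r"https?://(?:(?:canary|ptb)\.)?discord(?:app)?\.com"
        r"/api(?:/v\d+)?/webhooks/\d+/[\w-]+"),
    "telegram_bot": re.compile(r"https?://api\.telegram\.org/bot\d+:[\w-]+"),
}
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")  # candidate encoded blobs
CONFIG_SUFFIXES = {".loli", ".anom", ".svb"}  # extensions listed in the post


def scan_text(text, encoded=False):
    """Return sorted (kind, url, was_base64) findings for one config body."""
    found = {(kind, m.group(0), encoded)
             for kind, rx in PATTERNS.items() for m in rx.finditer(text)}
    if not encoded:  # peel exactly one base64 layer, never recurse further
        for run in B64_RUN.findall(text):
            try:
                inner = base64.b64decode(run, validate=True)
            except (binascii.Error, ValueError):
                continue  # not valid base64, e.g. a URL path fragment
            found.update(scan_text(inner.decode("utf-8", "ignore"), True))
    return sorted(found)


def scan_dir(directory):
    """Map file name -> findings for config files that contain any."""
    report = {}
    for path in sorted(Path(directory).iterdir()):
        if path.is_file() and path.suffix.lower() in CONFIG_SUFFIXES:
            hits = scan_text(path.read_text(encoding="utf-8", errors="ignore"))
            if hits:
                report[path.name] = hits
    return report


# Constructed sample: placeholder IDs and tokens, generic lines, not a real config.
_HIDDEN = base64.b64encode(
    b"https://api.telegram.org/bot123456789:CONSTRUCTED-TOKEN/sendMessage").decode()
SAMPLE = "\n".join([
    'post_url = "https://discord.com/api/webhooks/111111111111111111/CONSTRUCTED_token"',
    f'blob = "{_HIDDEN}"',
    'login_url = "https://example.com/login"',
])
```

A finding whose third field is `True` was only visible after base64 decoding, which a plain-text search for these URLs would miss.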