someone has received an email from blackd forums?

I smell Darkslap on this thread.

Tibia is a fucking game, an internet game. You really believe there are people who create undetectable viruses? For Tibia? what next? :D
@DarkstaR you can claim anything but without proof it's nothing. Send me some virus pls that I can't detect and its ok. But until then you just base your argumentation on unproofed claims

Quote:

---

Originally Posted by dinmamma

You have to run it as admin @firestone chetos
Otherwise it won't show anything.

---

yeah, chat with daniel peña, he told me that, it´s okay, just concerning to some tools and not all downloads, i checked all with esset antivirus and now it´s okay, after that 2 viruses that idk where i get it (tibiamaps.org??) but keep warning, maybe from some tibia fansite, tools or proxys downloads... i really don´t remember where i get that viruses, anyway it is rubbish now.

Quote:

---

Originally Posted by NeeP

Tibia is a fucking game, an internet game. You really believe there are people who create undetectable viruses? For Tibia? what next? :D
@DarkstaR you can claim anything but without proof it's nothing. Send me some virus pls that I can't detect and its ok. But until then you just base your argumentation on unproofed claims

---

Making viruses to Tibia or other games is safer than breakin into company to get some info. Any kid won't call police if he lose crown set, company will if they lose imporntant data...

Quote:

---

Originally Posted by dedi

Making viruses to Tibia or other games is safer than breakin into company to get some info. Any kid won't call police if he lose crown set, company will if they lose imporntant data...

---

Don't worry about him. He thinks he knows more about hacking concepts than the bot developer who gives talks at hacking conferences.

Quote:

---

Originally Posted by DarkstaR

Don't worry about him. He thinks he knows more about hacking concepts than the bot developer who gives talks at hacking conferences.

---

I never said I know more but I would love to know from you why u think hackers and virus creators who are able to make undetectable viruses are focussing on tibia. never seen an undetectable virus yet. so proove me wrong.

Quote:

---

Originally Posted by NeeP

I never said I know more but I would love to know from you why u think hackers and virus creators who are able to make undetectable viruses are focussing on tibia. never seen an undetectable virus yet. so proove me wrong.

---

Virus detection relies on 2 methods:

#1: Signature detection
#2: Predictive heuristics

Hacking Tibia relies on only 3 abilities:

#1: Run when tibia runs
#2: Read memory (not keylogging, like 99% of the community thinks)
#3: send network data


Now let's take a look at the detection methods and intersect them with Tibian viruses:

#1: Signature detection wont work. Virus companies only develop signatures for wide-spread viruses that have been analyzed by professional malware analysts. Every time Tibia updates, the virus will change, and therefore the signature will change, causing it to be FUD (fully undetectable) again. So, even if the AV companies did get a signature (unlikely), it would take months got it to get into their database, and the signature would be obsolete by that time.

#2: Heuristics wont work. The main point of heuristics is to detect packed executables, system rootkits, keyloggers, and software which tries to stay persistent. Since most Tibian viruses are in the form of bots or MCs, they can easily run when Tibia runs without a need for persistence. They can also modify Tibia to load them automatically, which can still be detectable in some cases, but is easy to hide and highly effective. Since all a Tibian virus does is read account and password from memory, and then send that over the network, they usually don't get detected by signatures or other simple heuristics, so packers and rootkits aren't needed. This is because many legitimate programs do similar things (hell, XenoBot reads memory and sends network data hundreds of times per hour), so detecting it without much more solid predictive points would cause many false positives in the real world.


Conclusion:

With just a little bit of care and misdirection, Tibia viruses can be made that wont be detected. It doesn't take some malware development god. I can do it in my sleep. And you made me waste 10 minutes explaining why, instead of just taking my word for it, you annoying little cunt.

Quote:

---

Originally Posted by DarkstaR

Virus detection relies on 2 methods:

#1: Signature detection
#2: Predictive heuristics

Hacking Tibia relies on only 3 abilities:

#1: Run when tibia runs
#2: Read memory (not keylogging, like 99% of the community thinks)
#3: send network data


Now let's take a look at the detection methods and intersect them with Tibian viruses:

#1: Signature detection wont work. Virus companies only develop signatures for wide-spread viruses that have been analyzed by professional malware analysts. Every time Tibia updates, the virus will change, and therefore the signature will change, causing it to be FUD (fully undetectable) again. So, even if the AV companies did get a signature (unlikely), it would take months got it to get into their database, and the signature would be obsolete by that time.

#2: Heuristics wont work. The main point of heuristics is to detect packed executables, system rootkits, keyloggers, and software which tries to stay persistent. Since most Tibian viruses are in the form of bots or MCs, they can easily run when Tibia runs without a need for persistence. They can also modify Tibia to load them automatically, which can still be detectable in some cases, but is easy to hide and highly effective. Since all a Tibian virus does is read account and password from memory, and then send that over the network, they usually don't get detected by signatures or other simple heuristics, so packers and rootkits aren't needed. This is because many legitimate programs do similar things (hell, XenoBot reads memory and sends network data hundreds of times per hour), so detecting it without much more solid predictive points would cause many false positives in the real world.


Conclusion:

With just a little bit of care and misdirection, Tibia viruses can be made that wont be detected. It doesn't take some malware development god. I can do it in my sleep. And you made me waste 10 minutes explaining why, instead of just taking my word for it, you annoying little cunt.

---

still, only because some ppl can do undetectable viruses, there's no reason to have no AV at all. It's like driving a car without any security measures cuz 60% of all crashes are deadly anyway, with or without security measures. Means, you still can filter out alot of detectable viruses. That's why there are AV on the market, even for free. If the general opinion on it would be like you said, it's useless anyway why would ppl then make those AV? Not all AV are paid so it's not the profit they are aiming for

Quote:

---

Originally Posted by NeeP

still, only because some ppl can do undetectable viruses, there's no reason to have no AV at all. It's like driving a car without any security measures cuz 60% of all crashes are deadly anyway, with or without security measures. Means, you still can filter out alot of detectable viruses. That's why there are AV on the market, even for free. If the general opinion on it would be like you said, it's useless anyway why would ppl then make those AV? Not all AV are paid so it's not the profit they are aiming for

---

I never said anything about that. I said two completely unrelated things:

#1: I don't use an AV
#2: Tibian viruses aren't detected by AV

There is no relation intended those two statements. So why the hell are you trying to find a reason to correct me? If you want to use an AV, fine, use one. But I don't. Because I have better methods of defense and common sense.

Quote:

---

Originally Posted by DarkstaR

I never said anything about that. I said two completely unrelated things:

#1: I don't use an AV
#2: Tibian viruses aren't detected by AV

There is no relation intended those two statements. So why the hell are you trying to find a reason to correct me? If you want to use an AV, fine, use one. But I don't. Because I have better methods of defense and common sense.

---

which methods of defense are better than AV?