Duke4.net Forums: UNDENIABLE EVIDENCE THAT MELTDOWN IS MALWARE - Duke4.net Forums

Jump to content

  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

UNDENIABLE EVIDENCE THAT MELTDOWN IS MALWARE  "NEVER AGAIN, NEVER FORGET"

User is offline   Radar 

#1

The purpose of this thread is to publicly document that the netplayer client known as Meltdown, available for download from duke3donline.com, is a malicious program capable of bsoding your machine at the whim of its creator, Poda.

Do not use this program. Do not download it. Do not install it. Do not support it in any way.

It's time we expose this hacker once and for all.



This post has been edited by Fox: 10 February 2020 - 05:04 PM
Reason for edit: Text formatting

24

User is offline   OpenMaw 

  • Judge Mental

#2

Wow. This guy is a piece of shit.

What do we as a community do about this?
1

User is offline   Sangman 

#3

Other than not using it probably not much. Tbh it needing admin access to start up seemed suspect to me already?

Nice sleuthing though

This post has been edited by Sangman: 10 February 2020 - 08:12 AM

2

User is offline   Player Lin 

#4

Looks like someone can just send shit to crash the whole system via the program?

That's REALLY nasty... :rolleyes:


EDIT: Here is the report of Virustotal for Meltdown.exe, only 4/70.

https://www.virustot...d1bf3/detection

This post has been edited by Player Lin: 10 February 2020 - 08:38 AM

2

User is offline   Major Tom 

#5

View PostPlayer Lin, on 10 February 2020 - 08:12 AM, said:



Clearly, they need to update their definitions....
2

User is offline   Lazy Dog 

#6

This needs to be stickied.
3

User is offline   Kyanos 

#7

I've witnessed podas fuckery while playing on Meltdown. It's my own damn fault for installing an obvious hack tool.

When will 3DR & Voidpoint finally get that client server running. Still holding off playing Ion Maiden till the game is finished in development.

This post has been edited by Photonic: 10 February 2020 - 09:56 AM

3

#8

Try running Wireshark in the host machine while doing this and check the incoming packets for anything suspicious.


Edit: Though if it requires admin privileges then it's not really surprising that it can do this to your machine, doesn't even need to use any OS exploits, a simple backdoor is enough.

This post has been edited by Doom64hunter: 10 February 2020 - 10:04 AM

1

User is offline   Player Lin 

#9

View PostMajor Tom, on 10 February 2020 - 09:32 AM, said:

Clearly, they need to update their definitions....


Try sending meltdown.exe and the link of movie to those anti-virus companies would be good idea I guess...? :rolleyes:
1

User is offline   WolfmanFP 

#10

View PostPhotonic, on 10 February 2020 - 09:54 AM, said:

When will 3DR & Voidpoint finally get that client server running. Still holding off playing Ion Maiden till the game is finished in development.

As far as I know, Striker and 75 are currently working on the netcode in their free time. Many parts of the code need to be refactored, so it could take for a while.

This post has been edited by WolfmanFP: 10 February 2020 - 10:22 AM

1

#11

View PostCommando Nukem, on 10 February 2020 - 07:49 AM, said:

Wow. This guy is a piece of shit.

What do we as a community do about this?


Pay a courtesy visit to his house with some cool home-run bat as gift.

You can also end the enjoyable meeting by "BSODING" his brain system "placing" his PC on his head.
1

User is offline   Tekedon 

#12

I used to have meltdown back in the day xD Never installing it again....
1

User is offline   TerminX 

  • el fundador

  #13

I'll sticky this for now.
3

User is offline   Outtagum 

#14

View PostCommando Nukem, on 10 February 2020 - 07:49 AM, said:

Wow. This guy is a piece of shit.

What do we as a community do about this?



3

User is offline   Lazy Dog 

#15

View PostOuttagum, on 10 February 2020 - 04:52 PM, said:





3

User is offline   OpenMaw 

  • Judge Mental

#16

I was thinking more legal action or boycotts, public awareness, not so much a felony.
1

User is offline   Radar 

#17

View PostCommando Nukem, on 12 February 2020 - 06:36 AM, said:

I was thinking more legal action or boycotts, public awareness, not so much a felony.


I highly doubt any legal action can be taken. Law enforcement looks at this stuff the same way they look at most petty crime, which is to turn a blind eye. They have bigger fish to fry.

If Meltdown is hosted on a paid server, there is a chance this can be reported and the server taken down, albeit temporarily until it is just hosted somewhere else.

Considering how open Poda is about his personal identity, I highly doubt he's worried about any repercussions. His name is Matthew Porter and he lives in Panama City, Florida. He even includes a nice photo of himself with Meltdown. No, this is not a dox. This is all info he makes public.

Spoiler

0

#18

I always thought he was from Brazil, not sure why, perhaps just the design of the UI or something.

Everyone has known Meltdown is dodgy for years, but they kept using it. I don't see anything changing, it's just the way people are.
1

User is offline   Jimmy 

  • 1776 World Wide

#19

>Floridaman
3

User is offline   Phredreeke 

#20

What if we send him PoC's stash of penises?
2

User is offline   Radar 

#21

https://i.imgur.com/pIF9vXl.jpg
0

User is offline   Fauch 

#22

I usually check with malwarebytes before executing something new. So it would have detected nothing
0

#23

This can never be relied upon because RATs have legitimate uses, so any given program that implements such features may also appear completely legitimate to the software, especially if the user opts to run it with Admin rights.
2

#24

While I doubt that any real legal action can be taken against him, I would expect someone who's had damage to his computer could sue the guy in small claims court. I think such a lawsuit would likely be a symbolic one rather one for any monetary recovery, unless he bricked someone's computer.
2

#25

I'm little bit new to the duke forums.

Here my experience from Meltdown. Yeah I remember back in 2011 one of my Duke Nukem 3D Buddy's from my Xbox 360 days. He show me this program Meltdown for the PC plays all build engine games of course. And his other friend grim told me told it's safe to download it let it pass the firewall. It's was new to me back then I was like okay I tried it play with some people and then forgot I had it afterwards. That was back in the vista/7 days for sure. Few years from that time too my 1 tb hard drive died on my old 2010 PC maybe this program what messed it up not for sure but it can be a possibly.

Now in this time frame so many years without playing it wanted to get back into it. I was setting up my own discord group to get some people to play even join in on revamped old school game servers like Duke 3D and so on. Meltdown came first in my mind because of the build games it supports. I was looking for the site I couldn't find it at first. Then after I visit it I had that bad feeling. So I searched my old name Duke Nukem 784 previously known for. And didn't find it in there. I was like hmm..I made sure it was the site surely it was. I knew I needed to login to the program to use it. So I tried downloading it without any warning knowing it was a virus. My Avast software lucky seen straight away and find a file in database said it was virus. I was relieved it save my PC before to was added the hard drive. That would been bad I ran that program then give me the BOS or spyware you know that not too good.

After that I didn't what to use it just because protected warning. Then by faith see this post I find it by search online how to make duke 3d maps and find stuff for it then I found this article on here. After seeing this post I can't believe it. Glad I have my answer. In the future it best not to use Meltdown at all. Always let your anti virus software help you out keeps your computer safe from this stuff even you are looking for something old that one way to know it good is or not. I always like playing duke 3d on my Windows 98 PC just for fun. Even on this one too.

But yeah.. Sorry if this post had lot of words. Positively just making positive point of my story if the subject I get vary detailed sometime mostly miss things type too. Hopefully it pieces this together true side of the program lot faster. if not I tried best to help. Positively - ZLG :rolleyes:
1

User is offline   Radar 

#26

View PostJimmy, on 12 February 2020 - 09:36 AM, said:

>Floridaman


DUDE THIS IS PERFECT. I'M USING THIS.


0

User is offline   ReaperMan 

#27

Well this is just all really fucked up. But Meltdown did always seem a bit shady. I swear there was something like years ago with the Yang client guy and Meltdown client dude getting into a big scuffle about something seriuos but I cant remember what it was.
2

User is offline   OpenMaw 

  • Judge Mental

#28

View PostReaperMan, on 03 March 2020 - 10:54 PM, said:

Well this is just all really fucked up. But Meltdown did always seem a bit shady. I swear there was something like years ago with the Yang client guy and Meltdown client dude getting into a big scuffle about something seriuos but I cant remember what it was.


If I remember right it was something to do with stolen code. Someone was accused of stealing code from someone.
1

User is offline   Radar 

#29

I dunno, afaik there were 2 different scuffles he could be referring to. Meltrojan is based on the Yang source code, so it is GPL violating. Yang subsequently went closed source after this (which IMO was an incredibly short-sighted decision that damaged the client's viability way more than anything Poda did). There was another scuffle later on when Poda DDoSed Yang for whatever reason. It was a program called GAYANG that was shared with other users in the Meltdown chat lobby. Somebody recently sent this program to me again. Dang, all these memories flooding back. Here is the readme:

GAYANG
by Mennen

Description:

	When YANG faggots get out of line, cool them off with GAYANG.  

Usage:  

	Simply double-click GAYANG.exe.

Command-line Options:  

	-server <ip>:  changes the server that supplies the list of games.  By default, it's set to yangserver.com.

		ex:  GAYANG -server newyangserver.com

	-list:  instead of gathering IPs from a server, you can manually enter them into "list.txt".
			This text file should have one IP and port on each line, such as

		1.2.3.4 8501
		5.6.7.8 8501

		ex:  GAYANG -list

		or, use run.bat.


According to Replica, the program was also used to target the IP addresses of specific players as well.

This post has been edited by Radar 100 Watts: 05 March 2020 - 08:02 PM

2

#30

Glad im not using that shit no more fuck that shit.
1

Share this topic:


  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic


All copyrights and trademarks not owned by Voidpoint, LLC are the sole property of their respective owners. Play Ion Fury! ;) © Voidpoint, LLC

Enter your sign in name and password


Sign in options