[Radar]

The purpose of this thread is to publicly document that the netplayer client known as Meltdown, available for download from duke3donline.com, is a malicious program capable of bsoding your machine at the whim of its creator, Poda.

Do not use this program. Do not download it. Do not install it. Do not support it in any way.

It's time we expose this hacker once and for all.

[OpenMaw]

Wow. This guy is a piece of shit.

What do we as a community do about this?

[Sangman]

Other than not using it probably not much. Tbh it needing admin access to start up seemed suspect to me already?

Nice sleuthing though

[Player Lin]

Looks like someone can just send shit to crash the whole system via the program?

That's REALLY nasty...


EDIT: Here is the report of Virustotal for Meltdown.exe, only 4/70.

https://www.virustot...d1bf3/detection

[MajorTom 2417]

Player Lin, on 10 February 2020 - 08:12 AM, said:

https://www.virustot...d1bf3/detection

Clearly, they need to update their definitions....

[DisgustedGrunt]

This needs to be stickied.

[Kyanos]

I've witnessed podas fuckery while playing on Meltdown. It's my own damn fault for installing an obvious hack tool.

When will 3DR & Voidpoint finally get that client server running. Still holding off playing Ion Maiden till the game is finished in development.

[Doom64hunter]

Try running Wireshark in the host machine while doing this and check the incoming packets for anything suspicious.


Edit: Though if it requires admin privileges then it's not really surprising that it can do this to your machine, doesn't even need to use any OS exploits, a simple backdoor is enough.

[Player Lin]

Major Tom, on 10 February 2020 - 09:32 AM, said:

Clearly, they need to update their definitions....

Try sending meltdown.exe and the link of movie to those anti-virus companies would be good idea I guess...?

[WolfmanFP]

Photonic, on 10 February 2020 - 09:54 AM, said:

When will 3DR & Voidpoint finally get that client server running. Still holding off playing Ion Maiden till the game is finished in development.

As far as I know, Striker and 75 are currently working on the netcode in their free time. Many parts of the code need to be refactored, so it could take for a while.

[The Battlelord]

Commando Nukem, on 10 February 2020 - 07:49 AM, said:

Wow. This guy is a piece of shit.

What do we as a community do about this?

Pay a courtesy visit to his house with some cool home-run bat as gift.

You can also end the enjoyable meeting by "BSODING" his brain system "placing" his PC on his head.

[Tekedon]

I used to have meltdown back in the day xD Never installing it again....

[TerminX]

I'll sticky this for now.

[Outtagum]

Commando Nukem, on 10 February 2020 - 07:49 AM, said:

Wow. This guy is a piece of shit.

What do we as a community do about this?

[DisgustedGrunt]

Outtagum, on 10 February 2020 - 04:52 PM, said:

[OpenMaw]

I was thinking more legal action or boycotts, public awareness, not so much a felony.

[Radar]

Commando Nukem, on 12 February 2020 - 06:36 AM, said:

I was thinking more legal action or boycotts, public awareness, not so much a felony.

I highly doubt any legal action can be taken. Law enforcement looks at this stuff the same way they look at most petty crime, which is to turn a blind eye. They have bigger fish to fry.

If Meltdown is hosted on a paid server, there is a chance this can be reported and the server taken down, albeit temporarily until it is just hosted somewhere else.

Considering how open Poda is about his personal identity, I highly doubt he's worried about any repercussions. His name is Matthew Porter and he lives in Panama City, Florida. He even includes a nice photo of himself with Meltdown. No, this is not a dox. This is all info he makes public.

Spoiler

[High Treason]

I always thought he was from Brazil, not sure why, perhaps just the design of the UI or something.

Everyone has known Meltdown is dodgy for years, but they kept using it. I don't see anything changing, it's just the way people are.

[Jimmy]

>Floridaman

[Phredreeke]

What if we send him PoC's stash of penises?

[Radar]

[Fauch]

I usually check with malwarebytes before executing something new. So it would have detected nothing

[High Treason]

This can never be relied upon because RATs have legitimate uses, so any given program that implements such features may also appear completely legitimate to the software, especially if the user opts to run it with Admin rights.

[Morpheus Kitami]

While I doubt that any real legal action can be taken against him, I would expect someone who's had damage to his computer could sue the guy in small claims court. I think such a lawsuit would likely be a symbolic one rather one for any monetary recovery, unless he bricked someone's computer.

[ZLegendaryGamer]

I'm little bit new to the duke forums.

Here my experience from Meltdown. Yeah I remember back in 2011 one of my Duke Nukem 3D Buddy's from my Xbox 360 days. He show me this program Meltdown for the PC plays all build engine games of course. And his other friend grim told me told it's safe to download it let it pass the firewall. It's was new to me back then I was like okay I tried it play with some people and then forgot I had it afterwards. That was back in the vista/7 days for sure. Few years from that time too my 1 tb hard drive died on my old 2010 PC maybe this program what messed it up not for sure but it can be a possibly.

Now in this time frame so many years without playing it wanted to get back into it. I was setting up my own discord group to get some people to play even join in on revamped old school game servers like Duke 3D and so on. Meltdown came first in my mind because of the build games it supports. I was looking for the site I couldn't find it at first. Then after I visit it I had that bad feeling. So I searched my old name Duke Nukem 784 previously known for. And didn't find it in there. I was like hmm..I made sure it was the site surely it was. I knew I needed to login to the program to use it. So I tried downloading it without any warning knowing it was a virus. My Avast software lucky seen straight away and find a file in database said it was virus. I was relieved it save my PC before to was added the hard drive. That would been bad I ran that program then give me the BOS or spyware you know that not too good.

After that I didn't what to use it just because protected warning. Then by faith see this post I find it by search online how to make duke 3d maps and find stuff for it then I found this article on here. After seeing this post I can't believe it. Glad I have my answer. In the future it best not to use Meltdown at all. Always let your anti virus software help you out keeps your computer safe from this stuff even you are looking for something old that one way to know it good is or not. I always like playing duke 3d on my Windows 98 PC just for fun. Even on this one too.

But yeah.. Sorry if this post had lot of words. Positively just making positive point of my story if the subject I get vary detailed sometime mostly miss things type too. Hopefully it pieces this together true side of the program lot faster. if not I tried best to help. Positively - ZLG

[Radar]

Jimmy, on 12 February 2020 - 09:36 AM, said:

>Floridaman

DUDE THIS IS PERFECT. I'M USING THIS.

[ReaperMan]

Well this is just all really fucked up. But Meltdown did always seem a bit shady. I swear there was something like years ago with the Yang client guy and Meltdown client dude getting into a big scuffle about something seriuos but I cant remember what it was.

[OpenMaw]

ReaperMan, on 03 March 2020 - 10:54 PM, said:

Well this is just all really fucked up. But Meltdown did always seem a bit shady. I swear there was something like years ago with the Yang client guy and Meltdown client dude getting into a big scuffle about something seriuos but I cant remember what it was.

If I remember right it was something to do with stolen code. Someone was accused of stealing code from someone.

[Radar]

I dunno, afaik there were 2 different scuffles he could be referring to. Meltrojan is based on the Yang source code, so it is GPL violating. Yang subsequently went closed source after this (which IMO was an incredibly short-sighted decision that damaged the client's viability way more than anything Poda did). There was another scuffle later on when Poda DDoSed Yang for whatever reason. It was a program called GAYANG that was shared with other users in the Meltdown chat lobby. Somebody recently sent this program to me again. Dang, all these memories flooding back. Here is the readme:

GAYANG
by Mennen

Description:

	When YANG faggots get out of line, cool them off with GAYANG.  

Usage:  

	Simply double-click GAYANG.exe.

Command-line Options:  

	-server <ip>:  changes the server that supplies the list of games.  By default, it's set to yangserver.com.

		ex:  GAYANG -server newyangserver.com

	-list:  instead of gathering IPs from a server, you can manually enter them into "list.txt".
			This text file should have one IP and port on each line, such as

		1.2.3.4 8501
		5.6.7.8 8501

		ex:  GAYANG -list

		or, use run.bat.

According to Replica, the program was also used to target the IP addresses of specific players as well.

[Steve 64]

Glad im not using that shit no more fuck that shit.