Jump to content
Raiinzzz

Duradel Is not a true rsps!

Recommended Posts

I'm really sorry if I'm posting this in the wrong section i was trying to figure out how to report the server, so the admins could handle it, The rsps server called Duradel https://www.runelocus.com/top-rsps-list/details-44574-Duradel/ Please please please! If you goto his website, and dont have a anti-virus software DONT GO!  Because MY bitdefender (Anti-virus) software detected the website as a whole was so bad that it told me to go back to safety, but i ignored it cause normally .jar files are concluded to be (Potentially unwanted applications) But i ignored it and downloaded it, and it started up as if it was a client but no game ever actually started, so i went about my way and closed it, all of the sudden my computer is being taken over, and he's trying to goto paypal.com, I immediately started closing out of what he was doing but he kept doing it, so i shutdown my computer as fast as i could, started it back up and turned off my network, so he couldn't connect i then started up my antivirus and it didn't detect anything, so i removed what i could off of knowledge of how he could take remote access over my computer, and i blocked the networks and removed a couple of files that was editing my system files, and it seemed to work but to take extra precaution i downloaded Malwarebytes and this is what it found that my anti-virus missed, it check's your startup(which he had it on, so if you started up your pc he could just reconnect) it checks ur registry and a 3 more things, i forgot here's what it found https://pastebin.com/tdmZdzhw, so if this happens to you just disconnect from the internet and remove them your self! or download what ever you want to remove it! If you dont believe me download the client.jar your self! BUT BEWARE!!!!! he will take over you computer and open up paypal.com or what ever it is he does. He will have remote access over your computer, if you do decide to test this, just be sure to disconnect from the internet run ur anti-virus and download malwarebytes run both of them let it clean them and then restart your pc. 

 

Again! I'm really sorry if i posted this in the wrong section! if someone know's how to contact and an admin to get rid of this site he's advertising would be great!

Share this post


Link to post
Share on other sites

Sounds like that's what you'd call a RAT virus, or Remote Access/Administration Tool. More advanced ones like to call themselves FUD RATS, which would stand for fully undetectable remote access/administration tool. Normally, these viruses are rather tough to find, unless they are poorly designed. I'm glad you got it resolved in a timely manner, and I'm sorry this happened to you. Luckily, it seems you caught it in time.

Thanks for the warning :) Hopefully it'll serve others.

Share this post


Link to post
Share on other sites

hmm, I'll download this on to my virtual machine and take the jar file a part if that's where you got it from? Though never known a Java file to do so unless it downloaded an external application.

Edit: Can't even connect to website now lol, no warnings or anything.

Edit 2: Okay, so they have another site, found the JAR file and found this in it:

36vQaEMhSa_8Dl-OdIrKAw.png

 

VirusTotal confirms this;

https://www.virustotal.com/#/file/745e69f17d801283d5fb5beac64a9f64b02433956d15f3e2c9e5e9e78ce0531a/detection

Edited by Daedalus

Share this post


Link to post
Share on other sites
14 hours ago, Gemu said:

Sounds like that's what you'd call a RAT virus, or Remote Access/Administration Tool. More advanced ones like to call themselves FUD RATS, which would stand for fully undetectable remote access/administration tool. Normally, these viruses are rather tough to find, unless they are poorly designed. I'm glad you got it resolved in a timely manner, and I'm sorry this happened to you. Luckily, it seems you caught it in time.

Thanks for the warning :) Hopefully it'll serve others.

Yeah i downloaded a virtual machine and downloaded a rat program and ratted my self on the machine to know what to do if something like that happens again i know how to get there ip address using CMD and typing netstat -a it'll list all the connections in and out of computer, so if he doesn't anything i can track him down later. And i know what he's capable of if i'm ever in that situation. And i know how to cut of complete access to my computer from him without shutting down my pc now, cause i know how the program works. But yes on this specific subject of "Rats" i hope this serves others to avoid the download cause luckily i dont use paypal on my pc only on my phone, but other people could there's no telling how many people he got with this and stole there money!

 

2 hours ago, Daedalus said:

hmm, I'll download this on to my virtual machine and take the jar file a part if that's where you got it from? Though never known a Java file to do so unless it downloaded an external application.

Edit: Can't even connect to website now lol, no warnings or anything.

Edit 2: Okay, so they have another site, found the JAR file and found this in it:

36vQaEMhSa_8Dl-OdIrKAw.png

 

VirusTotal confirms this;

https://www.virustotal.com/#/file/745e69f17d801283d5fb5beac64a9f64b02433956d15f3e2c9e5e9e78ce0531a/detection

Yeah afterwards like i was telling Gemu I downloaded a virtual machine myself and setup a windows 7 inside the sandbox, and tried ratting my self, and had success. Also i know how to get his ip address, and im constantly now running a vpn, now that's on 24/7 cause i have other people on this network that do serious payments on there machines, and it's good because it protects against Tracking,Malware, and ads, but the main reason i use it is because you can't trace it back to our ip address i was told if the hacker really wanted to he could go into your network (Assuming he's hacker savvy) and goto your other machine devices and take and get what he want's from there as he please's.

Share this post


Link to post
Share on other sites
36 minutes ago, Raiinzzz said:

and it's good because it protects against Tracking,Malware, and ads

A VPN does not protect you against malware or ads, unless someone is additionally running an adblocker (and thus monitors your traffic).

Good to see you're trying to protect yourself though!

Share this post


Link to post
Share on other sites
8 hours ago, Arix said:

A VPN does not protect you against malware or ads, unless someone is additionally running an adblocker (and thus monitors your traffic).

Good to see you're trying to protect yourself though!

well with this one you can it's a fairly new vpn! Here's some proof! it's just disabled for speed, also i have other Programs that prevent the malware/ransomeware..etc..etc so i dont need it enabled except for the VPN aspect of it. https://gyazo.com/29ee95ba14631d9cef24da7eef289420 <--- vpn with Malware/ads/tracking prevention. 

Also another thing i have Adblock, And Ghostery enabled on my google chrome! :) 

So it is possible :) now to do so with a VPN! In the past i would have agreed with you, but technology is always advancing and it'll never stay what it once was. it doesn't detect malware on your machine tho it only detects the website as Malware if that makes sense. so it's not like Malwarebytes or Zemana AntiLogger Etc...etc.. it's just (Internet Browsing Malware prevention) if that makes sense.

Share this post


Link to post
Share on other sites
6 hours ago, Raiinzzz said:

well with this one you can it's a fairly new vpn! Here's some proof! it's just disabled for speed, also i have other Programs that prevent the malware/ransomeware..etc..etc so i dont need it enabled except for the VPN aspect of it. https://gyazo.com/29ee95ba14631d9cef24da7eef289420 <--- vpn with Malware/ads/tracking prevention. 

Also another thing i have Adblock, And Ghostery enabled on my google chrome! :) 

So it is possible :) now to do so with a VPN! In the past i would have agreed with you, but technology is always advancing and it'll never stay what it once was. it doesn't detect malware on your machine tho it only detects the website as Malware if that makes sense. so it's not like Malwarebytes or Zemana AntiLogger Etc...etc.. it's just (Internet Browsing Malware prevention) if that makes sense.

Seems to me like the program you installed ALSO prevents malware and such, in addition to providing a VPN :)

Personally I just use GData. It has protected me fairly well :D 

Share this post


Link to post
Share on other sites
10 hours ago, Arix said:

Seems to me like the program you installed ALSO prevents malware and such, in addition to providing a VPN :)

Personally I just use GData. It has protected me fairly well :D 

Nice! I'll have to check out GData! :)

Share this post


Link to post
Share on other sites

After reviewing the evidence provided above, I have disabled the server for malware abuse.

Thank you for your tip-off and your warning to make RuneLocus a safer top RSPS list.

Share this post


Link to post
Share on other sites
16 hours ago, Cart said:

After reviewing the evidence provided above, I have disabled the server for malware abuse.

Thank you for your tip-off and your warning to make RuneLocus a safer top RSPS list.

No Problem! Apparently, he tried to login on my email! But my email blocked him out cause it was a new ip in a new country. He lives in brasil. And I renewed all my passwords! Glad to make rsps a safer place :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×