211250
D Ø W N L O R E
@d0wnlore.eth #211250
Crypto Defender & Degen ⚔️ Security Research at Protspec
488 Follower 99 Following
Watch out for new malware scams in your DCs that want you to download Brave Talk or another fake meeting app.
If you don't already have a meeting app installed on your device, don't install one because some rando wants you to.
If you don't already have a meeting app installed on your device, don't install one because some rando wants you to.
🙏 Thanks to everyone that donated to Protspec during GG21!
But I can't stress enough how important grants and donations are for me to incentivize my work in anti-phishing and infostealer alerts.
This will likely not continue without continuous support.
You can still donate whenever through Gitcoin or the addresses in my bio.
https://explorer.gitcoin.co/#/projects/0xd4ba3516e2933a3ef765ac26637930c7881458b1cca8d4767b07027c5f010e50
But I can't stress enough how important grants and donations are for me to incentivize my work in anti-phishing and infostealer alerts.
This will likely not continue without continuous support.
You can still donate whenever through Gitcoin or the addresses in my bio.
https://explorer.gitcoin.co/#/projects/0xd4ba3516e2933a3ef765ac26637930c7881458b1cca8d4767b07027c5f010e50
🧠 The community is doing a good job of reporting and shutting down malware scams accounts targeting FC users!
So figured I'd just post some actionable tips + a call to action for you to support my work going forward:
- Do not download anything, especially executable or image files like EXE, DMG or PKG, from sources you just found out about through a DC/DM or even post
- Do not download and open PDFs on your local machine from random people. Upload them to an online document viewer like Google Drive and view through there, to minimize possible damage if it's malicious (would have to be a browser 0-day to be effective, which these low-level scammers unlikely have access to)
- If you feel you have to download an app, ask frens for second and even third opinions on it
- Always keep your devices up-to-date on security updates
And if I ever helped or saved your assets since I started posting on FC, I could use more contributions to my @gitcoin grant 🙏 https://explorer.gitcoin.co/#/round/10/44/54
So figured I'd just post some actionable tips + a call to action for you to support my work going forward:
- Do not download anything, especially executable or image files like EXE, DMG or PKG, from sources you just found out about through a DC/DM or even post
- Do not download and open PDFs on your local machine from random people. Upload them to an online document viewer like Google Drive and view through there, to minimize possible damage if it's malicious (would have to be a browser 0-day to be effective, which these low-level scammers unlikely have access to)
- If you feel you have to download an app, ask frens for second and even third opinions on it
- Always keep your devices up-to-date on security updates
And if I ever helped or saved your assets since I started posting on FC, I could use more contributions to my @gitcoin grant 🙏 https://explorer.gitcoin.co/#/round/10/44/54
🚨 If you haven't donated to my #GG21 grant for @Protspec_com, you only have a few days left!
Help me continue with my free research into phishing/scams targeting you and other frens in crypto + my updates in /police 🙏
https://explorer.gitcoin.co/#/round/10/44/54
Help me continue with my free research into phishing/scams targeting you and other frens in crypto + my updates in /police 🙏
https://explorer.gitcoin.co/#/round/10/44/54
🚨 EZ way to tell a malware scam is if they gloat about their UK corp registration 😂
Avoid Magical Bound 👇
magical_bound on X
magicalbound on LinkTree
magicalbound[.]org
Avoid Magical Bound 👇
magical_bound on X
magicalbound on LinkTree
magicalbound[.]org
👋 I’m in the GG21 Asia Round with Protspec, helping protect FC and X users from scams and malware.
If you’ve used my public good anti-phishing browser extension, Bulwark, or want to help me continue my free research into scammers targeting those in Farcaster, X and beyond, please consider donating!
If you’ve used my public good anti-phishing browser extension, Bulwark, or want to help me continue my free research into scammers targeting those in Farcaster, X and beyond, please consider donating!
I’m in the GG21 Asia Round with Protspec!
If you’ve used my public good anti-phishing browser extension, Bulwark, or want to help me continue my free research into scammers targeting those in Farcaster, X and beyond, please consider donating!
https://explorer.gitcoin.co/#/round/10/44/54
If you’ve used my public good anti-phishing browser extension, Bulwark, or want to help me continue my free research into scammers targeting those in Farcaster, X and beyond, please consider donating!
https://explorer.gitcoin.co/#/round/10/44/54
I’m in the GG21 Asia Round with Protspec!
If you want help bring more trust and security to our ecosystem against scammers, please consider contributing to my continued work and research! This is a QF round so every contributions gets amplified.
https://explorer.gitcoin.co/#/round/10/44/54
If you want help bring more trust and security to our ecosystem against scammers, please consider contributing to my continued work and research! This is a QF round so every contributions gets amplified.
https://explorer.gitcoin.co/#/round/10/44/54
Let’s shed a spotlight on one of the malware scams likely floating in your DCs…
Dexis
They have no FC account but have a gold checkmark presence on X (@ DexisApp) and of course have agents shilling their malware across both platforms.
If you are technically-adept you can take a look at what their malware does here https://tria.ge/240731-gbqf8atbpc
Dexis
They have no FC account but have a gold checkmark presence on X (@ DexisApp) and of course have agents shilling their malware across both platforms.
If you are technically-adept you can take a look at what their malware does here https://tria.ge/240731-gbqf8atbpc
🫵 You should rely more on yourself, and not virus/malware scanners, when it comes to avoiding infostealer malware that randos in your DMs and inbox.
Why? Because these gangs do a very good job of obfuscating their payloads within the apps they shill and the one or two scanners you have installed may not pick it up.
Again, don’t download any software some rando shilled you in a DM just to start a meeting or give you a game testing opportunity. You will get rekt. But to elaborate further…
- Only use chat/meeting software you have installed on your devices, or very well-known ones
- Block/report anyone that shills you “AI-powered” chat software because they need translation help
- On macOS, watch out for any installers that ask you to “Right click and select Open” to install them, this is a bypass for Apple’s Gatekeeper check
- Refer to the quoted list of examples of malware floating around that you should avoid
Why? Because these gangs do a very good job of obfuscating their payloads within the apps they shill and the one or two scanners you have installed may not pick it up.
Again, don’t download any software some rando shilled you in a DM just to start a meeting or give you a game testing opportunity. You will get rekt. But to elaborate further…
- Only use chat/meeting software you have installed on your devices, or very well-known ones
- Block/report anyone that shills you “AI-powered” chat software because they need translation help
- On macOS, watch out for any installers that ask you to “Right click and select Open” to install them, this is a bypass for Apple’s Gatekeeper check
- Refer to the quoted list of examples of malware floating around that you should avoid
🚨 Current, non-exhaustive list of game/meeting malware you should avoid:
- Dexis dexis[.]app
- Silent Down playsilentdown[.]xyz
- Arcanix arcanix[.]land
- Calipso projectcalipso[.]com
- Wion wionworld[.]com
- Cozy Land cozyland[.]xyz
- Dinoverse dinoverse[.]app
- Nortex nortexapp[.]xyz
- Wasper wasper[.]app
- Clusee clusee[.]com
- Party Royale / World partyworld[.]io
Always DYOR and ask frens before you install anything on your devices!
- Dexis dexis[.]app
- Silent Down playsilentdown[.]xyz
- Arcanix arcanix[.]land
- Calipso projectcalipso[.]com
- Wion wionworld[.]com
- Cozy Land cozyland[.]xyz
- Dinoverse dinoverse[.]app
- Nortex nortexapp[.]xyz
- Wasper wasper[.]app
- Clusee clusee[.]com
- Party Royale / World partyworld[.]io
Always DYOR and ask frens before you install anything on your devices!
If you ever get a weird DC from a stranger asking you to download a game or app:
- 🚨 It is likely a scam/malware, don’t chat with them further
- Report them + name and shame them in /police - Mention what they are trying to get you to download so others can avoid it + I can do research on it
Stay safe frens 🫡
- 🚨 It is likely a scam/malware, don’t chat with them further
- Report them + name and shame them in /police - Mention what they are trying to get you to download so others can avoid it + I can do research on it
Stay safe frens 🫡
Baka scammers indeed…
uwu~ d-downlore-chan is always on pawtwol, sniffing out those naughty phishing scams and malware! *bonks scammers* baka!
uwu~ d-downlore-chan is always on pawtwol, sniffing out those naughty phishing scams and malware! *bonks scammers* baka!
Been resting after Bansko Nomad Fest but will be back in Asia soon.
One important lesson I learned is to know if you will be going into a conference with your social battery full or drained. Unfortunately it was the latter for me, after 4 months of going and hosting meetups.
Will take better stock for next year…
One important lesson I learned is to know if you will be going into a conference with your social battery full or drained. Unfortunately it was the latter for me, after 4 months of going and hosting meetups.
Will take better stock for next year…
루마 이벤트가 열리는 장소가 서울로 표시 되어 있는데 Сеул 이라고 적혀 있다면 ???? 출신의 스캠일 가능성이 높습니다
(참고로 서울은 러시아어로 Сеул 입니다 😂)
게다가 날짜마저 미심쩍다면..?
(참고로 서울은 러시아어로 Сеул 입니다 😂)
게다가 날짜마저 미심쩍다면..?
🚨 Updated names of malware scams being shilled in Farcaster DCs. Stay safe frens:
Dexis
Silent Down Metaworld
VDeck
Party Royale
Vorion / Vortax
Arcanix Land
Goheard
Calipso Project
Wion World
Spectral / R00M
Dash Land Metaworld
Cozy World Metaverse
Reborn1986 / 1986metaverse
Dinoverse
Nortex
Dexis
Silent Down Metaworld
VDeck
Party Royale
Vorion / Vortax
Arcanix Land
Goheard
Calipso Project
Wion World
Spectral / R00M
Dash Land Metaworld
Cozy World Metaverse
Reborn1986 / 1986metaverse
Dinoverse
Nortex
⚔️ My security research and anti-phishing browser extension has a funding proposal in the current @ensdao public goods grant round!
If you are an $ENS delegate/holder and want to improve the security UX in this space, please vote 🙏 https://ensgrants.xyz/rounds/41/proposals/993
If you are an $ENS delegate/holder and want to improve the security UX in this space, please vote 🙏 https://ensgrants.xyz/rounds/41/proposals/993
Just to clarify some points in this unfortunate situation:
1. The victim downloaded and executed malware; there's no token approvals to revoke, the scammers got the private key
2. UK business registrations are a farce and just used to trick people using social proof
3. Use filescan.io as an alternative to VirusTotal
1. The victim downloaded and executed malware; there's no token approvals to revoke, the scammers got the private key
2. UK business registrations are a farce and just used to trick people using social proof
3. Use filescan.io as an alternative to VirusTotal
Learn how to use git folks…