Hello there everyone,
Scammers use a very large variety of pc remote control software. Although very few of them can be easily reversed (like Anydesk) and the rest are nearly impossible to reverse (such as GoToAssist), I have seen some youtubers having access to scammers PCs. I have also noticed that the reversing process doesn’t require any programs installed on the scammers pc. Thus, scammers would never know if someone is viewing their PCs.
I have always been wondering how that is done since it would significantly help eliminating thosd scams.
3 Likes
I have not tried it (I only do legal parts of scambaiting), but I believe there are multiple methods of doing this.
Use a keylogger and try to get passwords (used by Jim Browning).
Persuade the scammer to run an executable that installs a Random-Access Trojan (RAT) using social engineering, for example saying it will give them bank details.
Taking their partner ID (only works on certain remote access software) and using another Virtual Machine to try to connect to their machine, stating that they need to click “allow” to enable the connection. Requires huge amounts of social engineering.
2 Likes
@Telescope#155947 It’s a Remote Access Trojan, not Random Access. The main way Jim does it is through RATS but the way he spreads it I am unsure of. It is illegal as you said. OP if you got discord add me on it flutterverse#2291 since I can show you a few things.
2 Likes
@Chop#155948 @Telescope#155947 Neither of you are correct. R.A.T. stands for Remote Access (or Administration) TOOL, not trojan. People have (incorrectly) taken to calling these programs “trojans” due to scammers using them for nefarious purposes, but they have never been Trojans. Trojans are a form of malware whereas R.A.T.s are not. Sure, R.A.T.s can be dangerous in the wrong hands, but the same can be said for any tool. You wouldn’t call all hammers weapons just because a few people use them to beat a person’s head in. The hammer is still a tool, even if some people use it for purposes other than what it was intended for. The same thing can be said about R.A.T.s.
Many legitimate R.A.T.s exist and are in use among many legitimate companies, either internally or for use with consumers' computers. Some of them would include, but are not limited to:
LogmeinRescue (LMIR for short)
Teamviewer
Bomgar
Supremo
Go2Assist
And many more.
It's unfortunate these scammers started to use some of these tools for criminal activities, but that doesn't make them "trojans." When a customer (or victim) downloads these applications, they don't give the other person backdoor/free access to get on and off the victim's PC as they please. LMIR, for example, will not allow access again once it's shut down until a new six digit code is generated and the customer re-downloads the applet. Sure, a scammer could use LMIR to put trojans on the victim's computer, allowing them to gain access to the customer's computer at will later, but that still doesn't make LMIR a "trojan" as it is not directly responsible for that continued access. Bomgar is the same way. Teamviewer and Go2Assist do install to the customer's computer, but once the remote session is ended, the other person can't get back into the victim's computer again unless the victim cooperates (provided that scammer didn't already put a trojan on the computer while he or she had access the first time). I haven't used Supremo, so I can't attest to whether it installs to the PC it runs on, but I'm fairly certain it also does not grant continued access to the PC it runs on once the remote session is shut down.
So yeah, those programs are tools, and nothing more, despite what some criminals may do with them.
@Lionfan1986#158834 Your correct but I call them Trojans when I am referring to ones that give backdoor access without people knowing.
there a forums site that sells rat trojans …hf …dont tink we can say the whole name… ur fav youtube scam baiter is doing this.thats how he gets there webcam footage…jus renames a file like …credit card info.txt then wraps the trojan around it and crypts it so it wont get detected, the tech support scammer once connected on your computer ,he will always download it to his pc lol
1 Like
@newtondial#159257 that’s false, scambaiter doesn’t crypt his stubs. plus he’s using a cracked rat that’s a bit old. still works tho even on windows 10.
@Lionfan1986#158834 You are also incorrect. Remote access tool as well as remote access trojan are both ways that you can refer to a RAT, it depends on how it’s being used. If it’s being used for legitimate purposes such as administration needs with AnyDesk for an example, then it’s a remote access tool. However, if you’re using it with malicious intent to “RAT” someone, then it’s considered a remote access trojan
I would love to learn more. I’m trying to install some key loggers on one of my Bait machines and will then wrap a file with that so I can grab their info and share it with @scammerpayback , @JimBrowning11