fraud Chetan Nayak puts his reputation on the line! Watch him squirm :)

[zen]

Looks like Chetan Nayak was nothing but air and everyone can see after all this time that his claims were empty from day one. Now he has fellow malware author skid kyrecon licking his nuts in public so hard, it's one of the most cringe and disgusting things I have ever seen in the security field. At least these miscreant retards have each other.

(not to detract from legitimate nut-licking which hey who am I to judge maybe there are people who are into that)
as follows:



No one even talks like that. It is so embarrassing for them, some of the most cringe circle-jerk pageantry.

 

[sky]

Ponzi schemes in cracking/ reverse engineering free groups lol
This is the stupidest thing I've ever read.
I would say the Ponzi scheme, if so, would be more inside offsec professional/ paid tooling than in our work ahaha man those two are clowns selling literally malware lmfao

 

[zen]

Kyriakos Economou may be a former cracker and current malware-peddling nutlicker snitch but at least he knows their malware is always purchased by criminals - the fact is they peddle their malware to anyone who will pay them. There are still even today several threads on exploit.in selling Shellter Pro Plus and Brute Ratel. Kyriakos spends his time making a tool used primarily by criminals (gladly accepting their money) then boasts and grandstands on twitter like a madman pointing fingers but never taking responsibility for his own actions. Some time ago he made accusations about a release then backpedaled but never retracted his idiotic lies. Will leave this thread open in case he ever decides to man up and admit his mistake.

 

[fraylure]

@zen I don't believe you know anything about him except from things you have been told by people that he pushed away himself. It's sad that you still keep attacking someone that the only thing he tried to do was to defend his work from the leechers that you keep feeding. Knowing their vetting process and how things work behind the scenes, I can tell you that he is definitely not selling to anyone that is willing to pay. Your accusations are plain wrong. Clearly you know nothing about it. FYI, those threads you are talking about are posted by scammers trying to sell fake copies of Shellter. I am probably wasting my time telling you so, but that's ok.

 

[zen]

fraylure, well I think I know a thing or two about the false claims he made and the way he tried to cover it up instead of manning up and keeping it real. We never backdoored anything but his out-of-control ego wouldn't let him just stfu and tell the truth. Instead he decided to antagonize us, ddos the forum, and give ongoing threats about snitching and prosecution, though this would be quite a trick as we aren't doing anything illegal!! We have private versions of his software so we know full well some of those threads selling shellter are real and not scams. Besides the forums have escrow and the sellers haven't been banned after some years, so I think it's you who is talking about things you don't really know.

Do I have hard evidence that these guys knowingly sold their malware to people intending to use it for crime? Well no. I wasn't involved so I don't *know*. But I do know shellter is malware, and it's entire purpose is helping an attacker evade defenses, and even if you set aside the commercial versions, he has been providing the free version for a decade and helping countless criminal actors encode payloads into executables. All that and he pointed a finger at us for having cracked dual-use red team tools. Silly. He's a malware peddler putting on a show like he is a professional whitehat, willing to lie about us to inflate his reputation. I don't see that it worked, but unfortunately sometimes any attention is good attention and could have gotten him sales. I mean I guess I wouldn't otherwise care... I'm actually pretty open minded about software, and think that code can't be evil and the nature of it in this world depends entire on what it's used for - I don't think such things should be illegal. One and zeros, who cares. I just don't like being falsely accused (well, I mean, my friends, since I didn't actually help in cracking cobaltstrike personally) and generally in the infosec field with security and reversing some of these matters are really simple and straightforward, like you either have some scrap of evidence of a backdoor or you don't. There are only so many ways for an implant to communicate and if you are sniffing your network you will see them all - and he knows it. I haven't done anything to cause that guy problems he should really just own up to his error or stfu.

 

[sky]

@zen I don't believe you know anything about him except from things you have been told by people that he pushed away himself. It's sad that you still keep attacking someone that the only thing he tried to do was to defend his work from the leechers that you keep feeding. Knowing their vetting process and how things work behind the scenes, I can tell you that he is definitely not selling to anyone that is willing to pay. Your accusations are plain wrong. Clearly you know nothing about it. FYI, those threads you are talking about are posted by scammers trying to sell fake copies of Shellter. I am probably wasting my time telling you so, but that's ok.

Ok, so you defend someone who also tell a lot of lies, cries a like a baby and also like to dox, threaten and also attack in real life some people out just because they do something that you don't like.
Also I want to remind that KyRecon himself was a cracker of applications / tools and wasn't just that, there was more, but you should know by being in the underground scene (and not limited to).
So please don't assume we just assume how people are and all the shit you said.
Before having certain reputation/ ideas about someone, we wait a lot and evaluate how they think/ how they face issues / challenges.
That's really a nice guy, is he ?

And also just like they do, about "searching infos", we do as well. We don't care about what you show of yourself, you could always tamper that side in many many ways, just like most tweeters / LinkedIn retards do, and it's obvious.

Here again , I agree with what zen said, about the malware tools selling.
just because they're "legit" and have a company makes them good? So even NSO and all the rest of companies like those are gold guys because they sell malware , right?
Even if your intention are good , which I don't think at all, I think they just care of getting money, the tool is not. The tools is in the bad zone, accept it.
it is done for hiding malware in many other ways, same for BRC, good intentions or not, it's a malware made fork, guess what, evasion of advanced analysis systems and EDR. Same goes for metasploit, sliver and all the rest of tools.
As said, even metasploit and sliver are intended for "bad usage", it just depends on who's using it, to use them legitimately.
But this won't change how a single person/ group of person will use it. No sliver / open source C2 ? They might will in those underground forums paying for it, from friends or from those proxy companies and of course nor you, nor us, nor they will ever really know which are "proxy companies " and not.

I can understand "defending your work", but not how he does. Just like cheetah and cyb3rops do. To me they're completely filled just with so much ego that they can't even see how the real world work and neither you do see such.
Their vetting process sucks just like any other vetting process could.
See how they always talk about how Fortra sucks at vetting their selling, while all I saw from cheetah, for example, are just retarded people asking for the tool even by paying more.
Never saw a serious post about how a fake company tried or not, guess why? Because they don't care at all or they can't find really who's legit or not.

Also what I don't get is their flexing in their tools like they're the only one able to do such and bla bla, same old story.
You flex your shit > it gets cracked, no matter what, and this will be the same in any other topic, not only infosec one.

And please, as said I understand the fact to defend their work, but I will never understand nor accept how they behave just like childrens.

And another thing, using the customer data inside a license that will apply that data to your payload in any way you want, won't make your tool really "identifiable", if cracked, since I never saw a post saying "see, I found a legitimate copy circling around and the buyer was X", all I see is just shitty complaining about how others are trying to "destroy" their works, while this is just done by their shitty behaviors.

But at least KyRecon didn't accused us of infiltrating some shitty malware in our releases, as far as I can remember.

Other than that, I don't agree with you at all, so please stop this one way bullshit defend without even the full context.

 

[fraylure]

I don't understand what all this rant is about. He literally just wanted to protect his work from abuse by criminals which you actually promote by sharing commercial tools with them.
Kyrecon had always a very strict vetting process which became even harder to get past it as time went by.
Also, as far as I am aware he did not dox anybody. He could have exposed that pony guy to public, but he did not.
The other Greek guy was not doxed, since he was using his real ID everywhere.
There is no proof that those escrows you mentioned have access to real copies of his software, apart from that old 3.x version which had no DRM anw and some stupid customer made the mistake to leak.
So yeah, that version was just leaked, not cracked.
If you have any proof that anyone else has leaked a more recent version, then just notify the guy and he will take action, instead of blaming him for no reason.
Finally, claiming that you do nothing illegal while you promote illegal sharing of pirated copies of commercial software is a truly delusional take. You don't need to take my word for it, just ask a lawyer and find out.

 

[zen]

I don't understand what all this rant is about. He literally just wanted to protect his work from abuse by criminals which you actually promote by sharing commercial tools with them.
Kyrecon had always a very strict vetting process which became even harder to get past it as time went by.
Also, as far as I am aware he did not dox anybody. He could have exposed that pony guy to public, but he did not.
The other Greek guy was not doxed, since he was using his real ID everywhere.
There is no proof that those escrows you mentioned have access to real copies of his software, apart from that old 3.x version which had no DRM anw and some stupid customer made the mistake to leak.
So yeah, that version was just leaked, not cracked.
If you have any proof that anyone else has leaked a more recent version, then just notify the guy and he will take action, instead of blaming him for no reason.
Finally, claiming that you do nothing illegal while you promote illegal sharing of pirated copies of commercial software is a truly delusional take. You don't need to take my word for it, just ask a lawyer and find out.

It is so cringe and pathetic to see this coward kyrecon slink in here using a fake name, play-acting like he has a sympathetic friend. This is one of the most embarassing things I have seen someone do. I mean what a sick sad lonely little dude. No life, one-hit-wonder who made some single tool a decade ago and milked it like it was his whole world I mean holy *shit* can you image being so pathetic that you try to build a company and a life around a single shellcode tool? You mean backdoorfactory but closed source? You mean msfvenom? You mean a dozen other projects on github? Something like donut is approximately twice as elite as shellter will ever be, and it's free. Wow man, I mean, this isn't some day to day thing for you, but month to month, and year to year, and now you are caught out begging for work because your malware isn't paying the bills, and instead of working on getting your life straight like a real man you come here and whine and snivel at us - bitch you don't even know us. Seriously I don't care how pathetic and lonely you are, you bring this nonsense here you get no sympathy and you can go fuck off somewhere else. You are a liar and a scumbag who profits from peddling an old malware helper-tool built on ripped ideas. Why you fixate on the lies about us I have no idea but seriously, little bitch, GTFO.

 

[sky]

Oh man, never cringed that hard lmfao

 

[fraylure2]

It is so cringe and pathetic to see this coward kyrecon slink in here using a fake name, play-acting like he has a sympathetic friend. This is one of the most embarassing things I have seen someone do. I mean what a sick sad lonely little dude. No life, one-hit-wonder who made some single tool a decade ago and milked it like it was his whole world I mean holy *shit* can you image being so pathetic that you try to build a company and a life around a single shellcode tool? You mean backdoorfactory but closed source? You mean msfvenom? You mean a dozen other projects on github? Something like donut is approximately twice as elite as shellter will ever be, and it's free. Wow man, I mean, this isn't some day to day thing for you, but month to month, and year to year, and now you are caught out begging for work because your malware isn't paying the bills, and instead of working on getting your life straight like a real man you come here and whine and snivel at us - bitch you don't even know us. Seriously I don't care how pathetic and lonely you are, you bring this nonsense here you get no sympathy and you can go fuck off somewhere else. You are a liar and a scumbag who profits from peddling an old malware helper-tool built on ripped ideas. Why you fixate on the lies about us I have no idea but seriously, little bitch, GTFO.

Dude, you are completely out of your mind.

You have literally zero understanding of how Shellter works.

All these other projects that you mention share zero similarities with the Shellter Project, apart from the end goal which is payload execution. Other than that, you are comparing completely different things. Literally zero technical similarities.

Also, you say Shellter is built upon ripped ideas. Find another project that works the same way if you can.

Well, to do that you must first understand how Shellter works, which is not going to happen in this century, so never mind.

The only thing you are good at, is banning people whenever they suggest something that you don't agree with.

You should man up and start trying to keep a conversation going even when the arguments fall outside of the bubble that you live in.

You are living inside a vacuum where the only voice that is acceptable is yours.

If that's not pathetic, then what is?

 

[kyREcon]

@zen Invitation accepted.

Let's see what you have to say about me and my work.

 

[c0rt3zx]

@zen Invitation accepted.

Let's see what you have to say about me and my work.

Well, well, who do we have here... Kyriako, or do you prefer Hack_ThE_PaRaDiSe (H_T_P)? It seems like you've graced us with your presence. Are you here to apologize, or did you come to showcase the power of stupidity? Eventually, you muster the courage to create an account under your second alias. Jesus, kid...

So, what's your agenda here, little one? Are you planning to continue your online illegal activities? Oh, wait, I almost forgot about your evasion technique, altering the structure of malware. Let's be clear, these evasion techniques are utilized by cybercriminals to outsmart traditional antivirus and intrusion detection systems. In simpler terms: ILLEGAL! Spare us your attempts to sell the idea that you're engaged in legal work. Perhaps you should consult your lawyer for a reality check.

Now, what brings you here, kid? What do you want? Why not be straightforward and speak like a man instead of hiding behind fake accounts and lurking in chats? Before you unleash your verbal diarrhea again, take a moment to remember what you've created at https://reversing.gr/. Don't forget the questionable activities, the alterations to other people's software. Ever heard of karma?

Do you want to delve deeper into your own story? Because I have plenty of things to say about you.

Ps: thanks to your "friends" that they providing all infos :) by the way they rejected you .. they werent pushed away by you!

 

[zen]

@zen Invitation accepted.

Let's see what you have to say about me and my work.

Kyriakos Economou? Ok well if true then thanks for at least coming as you are - so look you have taken this entire interaction in negative directions, and created hostility and negative vibe where there doesn't need to be one. I have only the slightest interest in you or your software which is due to that you came around insulting me and attacking my friends. So about you, without any capitulation or concession on your part, I have nothing good to say. I mean I'd wish that people with security and reversing skills would have some level of solidarity and brotherhood, as we have shared a world that most common folk don't see or care about, but that's just my demeanor, I'm not a total dick. I'll call you a ball-licker because you pissed me off, but at least underneath I do respect when one builds something and shares knowledge.

Shellter from my perspective is not a passion and livelihood, as it must be for you, it is just another tool. I'm not sure how productive it will be for me to dissect shellter, going off the latest version we have since I don't have your current code base, because without you having cleaned up your lies about us I'm disinclined to give your product further attention. There are indeed dozens if not hundreds of other tools that accomplish entry point obfuscation, injection of shellcode into another pe (some which support 64bit which you are a latecomer but apparently do also), and the various edr-bypass techniques are flavor-of-the-week there is a constant litnay of new methods of evading edr. You might use the same methods as others, or have some cutting-edge thing that clowns crowdstrike/paloalto/whoever for a week until they get a code sample then kill that method. Then there will be others. Seeing how fast the escalation is on both sides, I wouldn't brag too much about a specific method.

Also I think I have mixed you and chetan up at least once but you see it's because I don't really care.

In the interest of trying to make this a productive exchange rather than just a place to toss insults I'll ask you some pointed questions:

1. why did you claim there was a backdoor in the cobaltstrike release when there is not, and will you retract your claim?
2. why exactly do you keep claiming we are doing crime and you appear to be salivating for a "bust". Because dude, we're legit, and speaking for myself I suppose, I personally don't let credit card and fraud and leaks posts here I delete them in moderation (first time posts are always moderated), and I don't conduct such things myself. I crack commercial software sometimes but honestly I'm not even a reverse engineer or even very good at it, sometimes it seems I am and it's a bit of a happy thing, but really I am not the guy who is digging in the malware analyst trenches - I could do that job, sure, but this is just fun stuff for me, not serious. So when I see someone claiming I am criminal and will be in trouble, and I know the law and that what I am doing is a civil liability at worst, it really bothers me - I know ignorance is plentiful and if we get bothered by each false thing it's a nightmare and one shouldn't even be on the internet... but claiming there is crime here is not just ignorance it is an attack because it might fool otherwise ignorant folks out there into believing that nonsense, or increase doubt - the whole fear, uncertainty, doubt mission of some of the intelligence agencies springs to mind - is that your goal, denigrade and deny? So my question is this: what specific laws do you think I have broken, or if you are talking about the community generall, that's fine but be clear about that. Laws are written out and codified and there are names and numbers for them so there is no excuse to be vague. There are also a lot of tiers and levels to law, international and maritime law, then each country at national levels, then in some it divides to state, county, city, or other similar divisions and the laws get complex and conflict and stack or not, etc. I hope you aren't so sheltered as to think that the laws from one country apply to citizens of another? It's illegal to drink in Saudi Arabia. We could both be there and arguing about "the law" but woe to us if we set up a still and take a drink. I'm not saying I'm in Australia, but if I were, would you care to explain to me what law I break by sharing a crack for some software? (heads up in case you don't know, that the copyright act 132AC requires trade or infringing at scale - you need to be an actual pirate, like selling copies at scale, to qualify for the joy of being prosecuted). Maybe things are different in your country. In any case your salivatory glee over the prospect of someone getting in legal trouble is really sick. The question stands though - name the specific violation you think exists?

 

[zen]

Frustrating but it was Chetan who made the bd claim, kyrecon just backed him up .. but I think my question at least about that is asked of the wrong person. Doesn't invalidate the other things I said so I'll leave my post, but yeah at some point when I only have so much split attention for things like this it will become better for me to just drop the project or hand it off or something. Anyway, I am at least aware I've got a slight mixup on that point. cheers

 

[kyREcon]

Frustrating but it was Chetan who made the bd claim, kyrecon just backed him up .. but I think my question at least about that is asked of the wrong person. Doesn't invalidate the other things I said so I'll leave my post, but yeah at some point when I only have so much split attention for things like this it will become better for me to just drop the project or hand it off or something. Anyway, I am at least aware I've got a slight mixup on that point. cheers

Ok, first of all, it is impossible for me to have a conversation when there is people like @c0rt3x that jump in the conversation with some total bullshit about myself. If you really want to have a conversation, then this must be only between the two of us and I would appreciate it if the other guy deletes his post and any further insults.
There is no point to waste time defending myself against imaginary claims from @c0rt3x and friends.

So, if you want to lock the thread for just the two us, then I can keep the conversation going, but I am not going to stay here and get jumped by another ten people and then have to reply to all of them.

Thanks

 

[c0rt3zx]

Ok, first of all, it is impossible for me to have a conversation when there is people like @c0rt3x that jump in the conversation with some total bullshit about myself. If you really want to have a conversation, then this must be only between the two of us and I would appreciate it if the other guy deletes his post and any further insults.
There is no point to waste time defending myself against imaginary claims from @c0rt3x and friends.

So, if you want to lock the thread for just the two us, then I can keep the conversation going, but I am not going to stay here and get jumped by another ten people and then have to reply to all of them.

Thanks

Why im jumping into conversations, mate? You've been busy reporting people, jeopardizing their jobs. If you're genuinely up for a chat, maybe take a moment to reflect on your actions before barging in. When did you become a master at mind games?

You seem to be missing the point of this group. Just a friendly reminder, especially after reporting our buddy. There's no room here for a discussion with someone as unethical as you. So, what's your agenda? Playing the victim? Do us a favor and leave, head back to your corner, and keep quiet. What ever get leaked and is shared with us it will be cracked !

What exactly are you aiming for here? Enough with the victim act. Return to your corner and hush. Your claims are irrelevant to us. The facts speak for themselves. But I guess you'll continue dismissing everything as make-believe and absurd!

 

[kyREcon]

Why im jumping into conversations, mate? You've been busy reporting people, jeopardizing their jobs. If you're genuinely up for a chat, maybe take a moment to reflect on your actions before barging in. When did you become a master at mind games?

You seem to be missing the point of this group. Just a friendly reminder, especially after reporting our buddy. There's no room here for a discussion with someone as unethical as you. So, what's your agenda? Playing the victim? Do us a favor and leave, head back to your corner, and keep quiet. What ever get leaked and is shared with us it will be cracked !

What exactly are you aiming for here? Enough with the victim act. Return to your corner and hush. Your claims are irrelevant to us. The facts speak for themselves. But I guess you'll continue dismissing everything as make-believe and absurd!

I am not interested in getting into another fight with a chicken that is attacking me while he is hiding behind a nickname.

Please don't try to play the macho while you are hiding. If you want a fair argument, then reveal your identity.

That said, the existence of you all would be unknown to myself and to many others if you had not tried to mess up with my work.

A kind reminder, that the actions of members of this forum pulled me into this.

Basically, you started everything by first promoting abuse of my work and then insulting me continuously when I took action.

Also, @c0rt3x I had the chance to dox your pony buddy in public, but I chose not to.

However, you instead are continuously trying to do this to myself.

Not that I have anything to hide, but I just wanted to point out your double standards.

Apparently, doxing is ok as long as it's just you who is doing it.

You can keep trying to intimidate me with false claims and other insults, but that only shows your current level on the human evolution map.

I came here to end the personal attacks and insults that are posted about myself, and I am only interested in getting through this.

 

[sky]

I am not interested in getting into another fight with a chicken that is attacking me while he is hiding behind a nickname.

Please don't try to play the macho while you are hiding. If you want a fair argument, then reveal your identity.

That said, the existence of you all would be unknown to myself and to many others if you had not tried to mess up with my work.

A kind reminder, that the actions of members of this forum pulled me into this.

Basically, you started everything by first promoting abuse of my work and then insulting me continuously when I took action.

Also, @c0rt3x I had the chance to dox your pony buddy in public, but I chose not to.

However, you instead are continuously trying to do this to myself.

Not that I have anything to hide, but I just wanted to point out your double standards.

Apparently, doxing is ok as long as it's just you who is doing it.

You can keep trying to intimidate me with false claims and other insults, but that only shows your current level on the human evolution map.

I came here to end the personal attacks and insults that are posted about myself, and I am only interested in getting through this.

So let me understand better your childish point of view.
We have "infos" of you, which is nothing but public shit you have around (underground forums, reversing forums and nothing else), and you call it doxing?

What about what you did then? Taking a guy, exposing him in your posts and even calling where works threatening to take action and exposing him to his colleagues? That's not doxing? If not, probably worse than doxing.

You're a liar even with yourself.
Not only that, if you think we're "low" humans, you are even worse than us, then.

Also about your awesome 0day novel tool, I have a question, why did you need some work on anticheats and shit, if your job is getting good? Oh I get it, nobody is really interested in that ripped shit.

Other than that, you can only cry about "offenses" and shit and you're also pretending to play fair or whatever is inside that little mind, full of ego, just like the other guy from BRC.

All I see here is just a scared cat that fears the water.
You assume shit and you also pretend to be the victim.
We didn't start anything, so stop twisting words and position, just you always did.

Start to man up, as you said to us, and start to be responsible of what you do and say, coward.

If you really think that your shit is uncrackable, what about a challenge? Too scared it might bee too easy ? :*

Also, please stop pretending you "defended" your work, you didn't, you just took the easy path to feel better than other people, such a manly path, ah!

 

[kyREcon]

If you really think that your shit is uncrackable, what about a challenge? Too scared it might bee too easy ? :*

To skids like you, it's definitely uncrackable. For competent people it's not.

Also about your awesome 0day novel tool, I have a question, why did you need some work on anticheats and shit, if your job is getting good? Oh I get it, nobody is really interested in that ripped shit.

The reason why I am looking for additional opportunities is because I just got bored working alone for the past few years. Shellter is doing great in terms of sales and that's why I am actively developing new features. Also, claiming that Shellter Project is based on ripped shit is really embarrassing as it's probably the only original project in that area. You wouldn't know about it because you simply don't have the technical skills to understand it.

In all seriousness, you are all hiding behind nicknames and arguing behind the coverage of a fake character.

On that basis, you are like cartoons to me.

Someone called @skybr34k3r is as real as Mickey Mouse, so I may as well call you so and it wouldn't make any difference.

When @zen is ready to end this ordeal of insults against myself, please let me know.

 

[sky]

Ah man, you're too good as a stand up comedians.
All I see are just excuses and excuses and excuses, nothing else.
Pretty cringe and sad for a grown up kid.