Unity The Villain Simulator [v46.2 Beta] [ZnelArts]

[AK_47]

That is so funny to me... I downloaded the kemono version weeks ago but didn't bother to extract files from the archive and play because I thought that those updates really don't bring anything new to the game. Really dodged the bullet there...

I always got frustrated with the way models move in VR and hoped that, maybe, the dev will fix it and when the game releases on steam I could support it. BUT NOW with all these posts about a F-ing malware in links???? Screw this dev...

 

[LudoBelle]

That is so funny to me... I downloaded the kemono version weeks ago but didn't bother to extract files from the archive and play because I thought that those updates really don't bring anything new to the game. Really dodged the bullet there...

I always got frustrated with the way models move in VR and hoped that, maybe, the dev will fix it and when the game releases on steam I could support it. BUT NOW with all these posts about a F-ing malware in links???? Screw this dev...

The dude's profile on here says New York, and using malware for blackmail and extortion falls under the jurisdiction of the FBI.



If this is true, a complaint could totally be filed at the IC3. Thing is, it pretty much has to be the victim filing the complaint.

This happened to be with a different game, I never downloaded the villain game from Kemono, I cant remember which game was it but it was from Kemono so I wouldnt trust anything from kemono since I looked it up and the ip seems to be the Kemono ip which is owned by Rusia.

Update: my discord DID get hacked. I got the blue screen WEEKS ago.

Similar to what happened to me, tho I got the blue screen from another game downloaded from kemono

 

[Whitevenom69]

This happened to be with a different game, I never downloaded the villain game from Kemono, I cant remember which game was it but it was from Kemono so I wouldnt trust anything from kemono since I looked it up and the ip seems to be the Kemono ip which is owned by Rusia.



Similar to what happened to me, tho I got the blue screen from another game downloaded from kemono

So rule of thumb is just to not download anything from Kemono?

 

[IForgor7092]

Update: my discord DID get hacked. I got the blue screen WEEKS ago. Today, someone bought 3 Nitro Basic gifts with my linked card and sent random friend requests. I have 2FA enabled, AND changed the password immediately after the blue screen, so I don't know exactly how that happened. If any technical wizards can explain this, for my security, please do. I DID change my email AND my password after today, so I might be okay?? Not too sure. Anyway, I am sure it's genuine malware.

edit: getting log ins from New York. Dev is from New York. See the correlation?

I'm quite scared now that someone else got hacked since I encountered the blue screen too.... btw does it send like random links to all of the discord servers that ur in?? and is there anything i could do to prevent it?

 

[Danbario]

This happened to be with a different game, I never downloaded the villain game from Kemono, I cant remember which game was it but it was from Kemono so I wouldnt trust anything from kemono since I looked it up and the ip seems to be the Kemono ip which is owned by Rusia.

Like I said before, it can't be Kemono doing this because the infected files are on an external file host. Only the dev and the owner of said external host would have access. The dev is committing cybercrime and trying to pin it on Kemono.

and is there anything i could do to prevent it?

Change all your passwords and sign out all devices. Since they most likely have your cookies, they could be logged in through that. Apparently, changing your password should log out all devices on Discord.

Update: my discord DID get hacked. I got the blue screen WEEKS ago. Today, someone bought 3 Nitro Basic gifts with my linked card and sent random friend requests. I have 2FA enabled, AND changed the password immediately after the blue screen, so I don't know exactly how that happened. If any technical wizards can explain this, for my security, please do. I DID change my email AND my password after today, so I might be okay?? Not too sure. Anyway, I am sure it's genuine malware.

edit: getting log ins from New York. Dev is from New York. See the correlation?

PLEASE go to

You must be registered to see the links

and file a report. Believe me, piracy of some shitty copyright-infringing porn game is nothing compared actual cybercrimes like this. This mofo needs to get got.

 

[IForgor7092]

Change all your passwords and sign out all devices. Since they most likely have your cookies, they could be logged in through that. Apparently, changing your password should log out all devices on Discord.

I already changed my pw on the first day as soon as I got the bluescreen thing but its prob the best way so ty abt that. Anyways, I hope I don't get hacked but I'll update here if something happens

 

[Copper4473]

Wow that's extremely shitty the author went to such lengths.

 

[hitman11]

With more evidence showing up, i really hope we get a warning in the main post about the dev actually uploading malware infected games to pirate sites.

 

[Reckoning10]

Are the download links from Kemono or are they safe?

 

[Danbario]

Are the download links from Kemono or are they safe?

The links in the first post should be a safe, clean version, not that I'm gonna touch it.

 

[.Sirene]

I'd definitely like to Triage it, but the service doesn't seem to be publicly usable anymore. I think it was too large to be done for free, anyway. Without it, though, I don't know of any good ways to run and fully monitor it.

You could slap it in a self-destructing VM and have it do its thing there. See what calls it's making, where it's leading and with that, you've got proof of his shitty practises. After all, it's Znel. He's a complete bitch when it comes to piracy.

I'll once again state to all here, who are just joining -

Znel said himself that he is fine with piracy so long as a contribution is made. Then, went back on his word and started banning people like the little bitch he is.

Update: my discord DID get hacked. I got the blue screen WEEKS ago. Today, someone bought 3 Nitro Basic gifts with my linked card and sent random friend requests. I have 2FA enabled, AND changed the password immediately after the blue screen, so I don't know exactly how that happened. If any technical wizards can explain this, for my security, please do. I DID change my email AND my password after today, so I might be okay?? Not too sure. Anyway, I am sure it's genuine malware.

edit: getting log ins from New York. Dev is from New York. See the correlation?

Primarily, if you have 2FA enabled - there is absolutely no way someone could gain access to your sessions. Even if using a cookie method, it's not going to work since cookies nowadays are not signed or managed like they used to be, they're a lot more strict - especially when establishing a HTTPS connection. It's impossible, unless they have physical access to your phone and/or authenticator.

The Injector from Kemono is almost certainly a scarecrow by Znelbitch, because he's been pissy with piracy for a long time now. At one point he was active on this site, but when he started sucking Patreon's taint a little more, he abandoned here and waged war against the very people who supported him early on.

I also don't believe for a second that a developer like Znel would be smart enough to build an injector for a specific website upload, only to then login to your account on Discord without using a VPN... Come on. I've met some stupid people but, that is something else. Especially if you want others to believe that.

 

[senpaiibro]

Big OoooF he should make a statement and address this, even though it was done through kemono he would still be liable as the information was pulled from his patreon page and no one would be able to modify that page other than himself on MULTIPLE occasions which is now saved and cataloged in kemono and also in his patreon backlogs.

Legal liability for damages, fraud ...... one or more patreon could say "I downloaded this from his pateron page and I been hacked, here look at the game code it's authentic".

Can you imagine getting a coke for free and inside was a note that said "you been poisoned, should have bought it yourself. - yours truly coca cola". lol

 

[HazaRealGamer]

Can you imagine getting a coke for free and inside was a note that said "you been poisoned, should have bought it yourself. - yours truly coca cola". lol

More like steal a coke and getting poisoned x) or like the thief that sued somebody because he broke into a house to steal stuff and got hurt by a trap xD ofc he lost
Honestly they would tell you just dont steal stuff...

I would just stick to trusted sources like here in f95, dev cannot touch links here

 

[Danbario]

I also don't believe for a second that a developer like Znel would be smart enough to build an injector for a specific website upload, only to then login to your account on Discord without using a VPN

The problem is, it's not actually any type of specific website injector, that's just a scare to point the blame at Kemono. All that seems to really happen is that, when he spots the link on Kemono, he replaces the file with a malicious version and puts a new link on Patreon. Any dumbass could manage that.

 

[.Sirene]

More like steal a coke and getting poisoned x) or like the thief that sued somebody because he broke into a house to steal stuff and got hurt by a trap xD ofc he lost
Honestly they would tell you just dont steal stuff...

I would just stick to trusted sources like here in f95, dev cannot touch links here

If you stole a cake and it was poisoned, and you got sick from eating said cake - you have a legal case against the person who poisoned the cake. You might think that's not the case, but - the case would be that, the baker had the intent of causing harm to someone. It was not specific who, so the intent is there - if there is intent - there is legal basis for judgement.

But there are cases where burglars for example sue home owners when breaking in, and do win. Look up the case of Terrence Dickinson, for example - he broke into a home while the owners were away on holiday. He couldn't get out of the house so he had to survive on dog food for about 7 - 8 days or so, when he got out - he sued the home owner for "Mental Anguish" and won approximately half a million USD.

From a legal standpoint, Znel doing this shit - is illegal and falls under FBI jurisdiction - as others have rightly pointed out. it's a federal offence since it spans numerous states & countries. When it reaches that point, if reported - it can be demonstrated that Znel "poisoned the well" for a specific group of individuals, thus - intending to cause panic and/or harm, and - therefore, a case can be brought against him. There would also be no judgement against a plaintiff here in this scenario since, the piracy of said game is not relevant here - the relevant would be the claim that he intentionally modified his software to target a specific group of people, and under US law - that's illegal.

 

[HazaRealGamer]

But there are cases where burglars for example sue home owners when breaking in, and do win. Look up the case of Terrence Dickinson,

Bad example, everybody knows that was just wrong, thus why everybody talks about it. To put it simple, if Terrence broke into your house and had to survive with dog food, would it be fair to you to pay half a mil to this thief? Ofc not right? Who will think that is fair? Only the thief ofc

Regardless the legality of it, this is irrelevant. From what Danbario and other people here said

The problem is, it's not actually any type of specific website injector, that's just a scare to point the blame at Kemono.

And from what I googled

You must be registered to see the links

This seems to be a prank from the dev to kemono. The Rusian characters seems to be just random text the dev put according to Rusian people commenting on the post.

As I said and repeat, I would just stick to trusted sources like here in f95, dev cannot touch links here.

 

[Frognaf]

I also don't believe for a second that a developer like Znel would be smart enough to build an injector for a specific website upload, only to then login to your account on Discord without using a VPN... Come on. I've met some stupid people but, that is something else. Especially if you want others to believe that.

Primarily, if you have 2FA enabled - there is absolutely no way someone could gain access to your sessions. Even if using a cookie method, it's not going to work since cookies nowadays are not signed or managed like they used to be, they're a lot more strict - especially when establishing a HTTPS connection. It's impossible, unless they have physical access to your phone and/or authenticator.

It is clear to me that you don't know as much as you believe you do, or you're trying to dismiss what is happening. I have 2FA enabled. My account was hacked. This much disproves that hacking an account with 2FA enabled is impossible. If you look into this at all, sources will say that yes, it is possible. I also don't think it's unreasonable to claim that a developer COULD run a backdoor into your PC, especially if the product isn't through an official market such as Steam. While it didn't add malware, Welcome to the Game had a backdoor that the developer could access to manipulate your game and render it unplayable. It's a possibility that ZnelArts is behind the hacks, but not a certainty.

 

[Frognaf]

I'm not selectively doing anything. And I'm not arguing in a vacuum here. His code could still be considered MALWARE under the US definition. It causes a blue screen, right? Which, could then fall under "Disrupts system behaviour" If you had bothered to read my post, you'd have read my point involving that.

It's not an actual BSOD, but rather a screen that happens to be blue. It's displayed in the game's window and can be exited. Still contains malware. Me and at least one other person in the thread have been hacked.

Without specific conditions being met, 2FA auth hacking without physical access to your authenticator device or knowledge of your phone number (for a SIM swap etc) is not going to be possible.

I got hacked. I don't know what else to tell you. Could it have been triggered by something else? Maybe. Still got hacked.

 

[HazaRealGamer]

Edit - I will retract my claims that this is malware, based on the merit that it does not cause a system disrupt but rather fakes one. I had thought it actually locked down the system. This was my entire argument, in which case - I was wrong.

I was typing my response just as you edited it but well, here it was what I was going to say:

Fair enough, appreciate the shift in tone.

I still think calling it “malware” is a stretch, a spoofed blue screen in a pirated build is hardly the kind of threat the CFAA was written to prosecute. but yeah we can pause the debate here cuz I’m planning to dig into the build myself on a VM and see exactly what it does. Until then, let’s put a pin in it.

Good discussion. Let’s pick it back up if anything new turns up.

 

[.Sirene]

I was typing my response just as you edited it but well, here it was what I was going to say:

Fair enough, appreciate the shift in tone.

I still think calling it “malware” is a stretch, a spoofed blue screen in a pirated build is hardly the kind of threat the CFAA was written to prosecute. but yeah we can pause the debate here cuz I’m planning to dig into the build myself on a VM and see exactly what it does. Until then, let’s put a pin in it.

Good discussion. Let’s pick it back up if anything new turns up.

As I said, I had originally believed it to be Malware based solely on it locking out the system. I was not convinced that it was genuinely taking data or transmitting since the IP was Kemono.

As for the VM idea, I had already the same idea but I'm struggling to find the exact build people are referring to - I've got a VM ready to go, and once I grab a copy I'm gonna poke about too. See what's up.

And of course, interesting discussion for sure. If anything should change, I'd be happy to discuss it further but I think Znel might not be in the market of fake-outs any further. And if he is, well, backlash would ensue I'm sure - if not from the piracy group, then from his subs. (I would hope).