How to reverse the connection on scammers :)

You would have the scammer connect to your VM, then take the code of the scammer and connect to it on your main computer, then tell the scammer "waiting for other party", or something like that. When they hit accept, go to the VM they are connecting to and hit accept, then download, and transfer the files needed. After that, happy scambaiting :)

5 Likes

So, in this situation, is that all that needs to be done on the host?

You really shouldn't use your main computer. Use a second VM if you are going to attempt this.

7 Likes

That is a good idea. :) Thank you for sharing.

1 Like

Agreed, I wouldn't let these guys possibly see, realize, or worst case touch metal.

So you're clear and I understand in this, for instance… Clone a Windows VM, let him connect to one and then pull something like the old "it popped up but now it's gone", then send him an invite with escalated privs… Cuz he thinks we're ‘stupid’ he accepts because he thinks he is in control? That part was slightly vague, thanks.

I would actually need his device to be the remote device to be able to mess up with his saved files. How could I do that? He needs to accept the connection request.

When I would be messing with his files, i.e. copying and deleting them, wouldn't they be visible from his side while he is actually on the other VM?

If there are some settings I should do, could you kindly send me a screenshot on how the settings should be for messing with his system for me not to be noticed?

Thanks for the info. I have a couple of new questions.

Does your system work just on AnyDesk?
What program do you suggest I install to be able to do the calls?

I am from Malta so I do not have a USA number.

Cheers

I'm not new to hacking or security, but new to scambaiting…

The idea I had in my head for approach wasn't necessarily reversing AnyDesk.

I was thinking more like merge every fucking file on the entire VM machine with a payload, so when the idiots start taking juicy looking files… like any other juicy bait trojan file.

I mean it can be anything from a juicy “bank info” PDF, to nudes, to images of “my” ID card.

Is that an explored avenue, or is everyone just reversing AnyDesk?

1 Like