Phobos backdoor

Phobos was a formerly backdoored hacked client, with versions 1.3.3 and 1.5.4 having contained backdoors. Phobos 1.3 contained a coordinate logger, and Phobos 1.5.4 contained a Remote Access Trojan (RAT), which uploaded the user's Minecraft passwords, Discord token, Chrome passwords, desktop screenshots, and computer files to a remote server. The coordinates to many bases were obtained and leaked, and the developers had access to the personal information of thousands of players.

Origin
Originally, Phobos was a normal private hacked client, the developers being 3arthqu4ke, Crystallinqq, ohare, and Megyn. Hand chosen individuals used the client for its advantages in crystal PVP. Travis, the developer of Wurst+2 and other known Emperium members attempt to steal the client's source code, which were eventually successful when Crystallinqq Discord account was token-logged. The version 1.3.3 soon being leaked under the radar by Emperium. To avoid the code being sold for profit, the client developers publicly released the source code.

However, to get revenge, a new, better version of the client was "leaked", which included the now known backdoors. These backdoors retrieved information from the user's computer. Despite the source code still being public, the backdoored code was hidden deep inside and went unnoticed. The backdoored client was run over 4,000 times across the server in under 48 hours.

0x22, a known programmer and client developer, discovered the backdoors after searching through the code for a few days. It was discovered to be able to steal Discord tokens, Minecraft usernames and passwords, and Google Chrome usernames and passwords.

After the discovery became public, the developers immediately removed the backdoored code to avoid trouble. However, the damage had been done; countless bases were compromised, and personal information was collected.

"this account has been token logged by crystallinqq. 汉字漢per download phobos 1.5.4 phobos 迪汉字emp字漢"

- Discord and YouTube accounts that had been backdoored began spamming this phrase

Many victims had reported the developers to the FBI, and archives of the backdoored code were made.

Losses
Over 15 bases were griefed due to the backdoor in the course of a few days.


 * The Emperium (founded December 2016) dies due to bases being leaked and doxxing (see The Emperium)
 * Elementars (high-ranking member) has e-chest/inventory cleared and is killed; stash griefed on 0b0t; gets banned from Hypixel
 * Emperium Halloween Base griefed
 * Guardsmen Halloween Base griefed
 * DonFuer 10 rebuild griefed
 * Infinity Incursion affected
 * Spookbase 4 griefed
 * Multiple dupe stashes griefed
 * Valinor (2017–2020) griefed
 * City Base griefed
 * 2b2t Party Committee Halloween Base leaked; after talking with jared2013, who had already been invited to the party, WomenAreObjects promised not to grief the base on the condition that he was invited to the party
 * Beirut griefed
 * Transylvania (Crimson Star base) griefed