Phobos Incident

From 2b2t Wiki
Jump to navigation Jump to search

Phobos was a formerly backdoored hacked client, with versions 1.3.3 and 1.5.4 having contained backdoors. Phobos 1.3 contained a coordinate logger, and Phobos 1.5.4 contained a Remote Access Trojan (RAT), which uploaded the user's Minecraft passwords, Discord token, Chrome passwords, desktop screenshots, and computer files to a remote server. The coordinates to many bases were obtained and leaked, and the developers had access to the personal information of thousands of players.

Origin

Originally, Phobos was a normal private hacked client, the developers being 3arthqu4ke, Crystallinqq, ohare, and Megyn. Hand chosen individuals used the client for its advantages in crystal PVP. Travis, the developer of Wurst+2 and other known Emperium members attempt to steal the client's source code, which were eventually successful when Crystallinqq Discord account was token-logged. The version 1.3.3 soon being leaked under the radar by Emperium. To avoid the code being sold for profit, the client developers publicly released the source code.[1]

However, to get revenge, a new, better version of the client was "leaked", which included the now known backdoors. These backdoors retrieved information from the user's computer. Despite the source code still being public, the backdoored code was hidden deep inside and went unnoticed. The backdoored client was run over 4,000 times across the server in under 48 hours.[1]

0x22, a known programmer and client developer, discovered the backdoors after searching through the code for a few days. It was discovered to be able to steal Discord tokens, Minecraft usernames and passwords, and Google Chrome usernames and passwords.[1]

After the discovery became public, the developers immediately removed the backdoored code to avoid trouble. However, the damage had been done; countless bases were compromised, and personal information was collected.[1]

Many victims had reported the developers to the FBI, and archives of the backdoored code were made.[1]

Losses

Over 15 bases were griefed due to the backdoor in the course of a few days.[1]

References