Proof of moreleech/leafleech hacking clients - What happened?
What you are going to read in this post, usually doesn't happen, because we don't disclose evidence to users, but since we care, we feel it's necessary to protect our users, by making this warning post.
STAFF INVESTIGATION
If you are not ready to read huge ass post, don't bother, missing one part will make your image about this case distorted. We invested our free time to go through 40 days of investigation, and one whole day combining all evidence into one meaningful post.
This is a letter, which is targetting scamming group, coming from Bangladesh, under several names, previously advertising on WJunction. They are/were known as leafleech/moreleech/sparklinghost/newrapidleech and probably more they got up and shut down.
So, once we banned them for hacking into users account, they started trashing us.
It is time for the truth.
THE TRUTH
All started with leafleech and heart_tracker. heart_tracker complained about 40 days ago, that leafleech banned him and didn't want to refund them. So, I took the case.
We got several reports from bistarito@musafirboy, regarding trashing his thread with false comments, which were deleted. We deleted them. And then, we get report that heart_tracker was sending some random insulting messages to respected members and even administration. Of course, no one in his common sense does that, since that means instant ban. So I was reserved about whether he did it or not.
After all, he was using totally unsecured service, that never heard of password encryption, which is the main flaw in any Rapidleech. I was convinced it has to do something with revenge, we all know what kind of people is hanging there, and that competition will do anything, from DDOS, to hacking, just to put others down. On the other hand, WJunction staff has no benefit in doing so.
Now, for the record:
heart_tracker is pakistani
bistarito@musafirboy
x7x aka BT7
BiGG_BoSS
SparklingHost
Are nicknames are logging from Bangladesh, have criss-crossed matching IPs.
Main guy in all this is BiGG_BoSS character, and his email latestdownload7@gmail.com which he used to register on WJunction.
Moreleech WHMCS license is registered with same email Latestdownload7@gmail.com <--this is how we know x7x is BiGG_BoSS
It is undeniable proof of connection.
Bigg_Boss have site named warez-lab.com, that he used to send hacking messages to heart_tracker, proof can be found here:
Yahoo message header:
Gmail message header:
Proof that it's BiGG_BoSS domain is here <-this is how we know bistarito@musafirboy is BiGG_BoSS
Also IP logins from heart_trackers gmail account, show that Bangladeshi was accessing his gmail account:
We also got confirmation from Extabit (Thanks to Gfx), that this is the IP that got accessed to heart_trackers extabit account
Same IP that shows in heart_trackers posts with abusive messages, shows as IP in bistaritos justification thread:
From this, we know that bistarito used server to access WJ, and post abusive messages using heart_trackers account. Since IP is static, and belongs to RapidSwitch, we know it's not a coincidence.
Also, they (moreleech) are showing up on WJ at the same date when bistarito got unbanned, on 12th November, which is actually a new service from same 'kitchen' that was a backup plan, in case bistarito doesn't get unbanned.
MOTIVES
Motives are also required for someone to do this, and motives are obvious. heart_tracker ruined their thread with negative replies, and as revenge, they picked up all his data he entered in rapidleech, accessed all his accounts, changed his passwords and emails. This can also be confirmed by Rapidgator, Extabit, and all other services heart tracker was using through moreleech/leafleech rapidleech, where he was needded to enter own details in unencrypted system, where staff had access to his accounts at any given time. They did this after bistaritos case, 40 days ago, and another time, just a few days ago.
DECISION TIME
So, anyone who thinks we made our decision, just to put them with no reason out of business, think again. Do you really want to use a service that has access to all your file host details all the time, where it was proven, that they are taking customers details and play with them?
What you are going to read in this post, usually doesn't happen, because we don't disclose evidence to users, but since we care, we feel it's necessary to protect our users, by making this warning post.
STAFF INVESTIGATION
If you are not ready to read huge ass post, don't bother, missing one part will make your image about this case distorted. We invested our free time to go through 40 days of investigation, and one whole day combining all evidence into one meaningful post.
This is a letter, which is targetting scamming group, coming from Bangladesh, under several names, previously advertising on WJunction. They are/were known as leafleech/moreleech/sparklinghost/newrapidleech and probably more they got up and shut down.
So, once we banned them for hacking into users account, they started trashing us.
It is time for the truth.
THE TRUTH
All started with leafleech and heart_tracker. heart_tracker complained about 40 days ago, that leafleech banned him and didn't want to refund them. So, I took the case.
We got several reports from bistarito@musafirboy, regarding trashing his thread with false comments, which were deleted. We deleted them. And then, we get report that heart_tracker was sending some random insulting messages to respected members and even administration. Of course, no one in his common sense does that, since that means instant ban. So I was reserved about whether he did it or not.
After all, he was using totally unsecured service, that never heard of password encryption, which is the main flaw in any Rapidleech. I was convinced it has to do something with revenge, we all know what kind of people is hanging there, and that competition will do anything, from DDOS, to hacking, just to put others down. On the other hand, WJunction staff has no benefit in doing so.
Now, for the record:
heart_tracker is pakistani
bistarito@musafirboy
x7x aka BT7
BiGG_BoSS
SparklingHost
Are nicknames are logging from Bangladesh, have criss-crossed matching IPs.
Main guy in all this is BiGG_BoSS character, and his email latestdownload7@gmail.com which he used to register on WJunction.
Moreleech WHMCS license is registered with same email Latestdownload7@gmail.com <--this is how we know x7x is BiGG_BoSS
It is undeniable proof of connection.
Bigg_Boss have site named warez-lab.com, that he used to send hacking messages to heart_tracker, proof can be found here:
Yahoo message header:
Gmail message header:
Proof that it's BiGG_BoSS domain is here <-this is how we know bistarito@musafirboy is BiGG_BoSS
Also IP logins from heart_trackers gmail account, show that Bangladeshi was accessing his gmail account:
We also got confirmation from Extabit (Thanks to Gfx), that this is the IP that got accessed to heart_trackers extabit account
Same IP that shows in heart_trackers posts with abusive messages, shows as IP in bistaritos justification thread:
From this, we know that bistarito used server to access WJ, and post abusive messages using heart_trackers account. Since IP is static, and belongs to RapidSwitch, we know it's not a coincidence.
Also, they (moreleech) are showing up on WJ at the same date when bistarito got unbanned, on 12th November, which is actually a new service from same 'kitchen' that was a backup plan, in case bistarito doesn't get unbanned.
MOTIVES
Motives are also required for someone to do this, and motives are obvious. heart_tracker ruined their thread with negative replies, and as revenge, they picked up all his data he entered in rapidleech, accessed all his accounts, changed his passwords and emails. This can also be confirmed by Rapidgator, Extabit, and all other services heart tracker was using through moreleech/leafleech rapidleech, where he was needded to enter own details in unencrypted system, where staff had access to his accounts at any given time. They did this after bistaritos case, 40 days ago, and another time, just a few days ago.
DECISION TIME
So, anyone who thinks we made our decision, just to put them with no reason out of business, think again. Do you really want to use a service that has access to all your file host details all the time, where it was proven, that they are taking customers details and play with them?
