A user named VitaminX uploaded bitcoin miner attached to an installed for BG3. The admins removed the upload after community protests went viral, but VitaminX is for some reason not banned.

Is the site compromised? Was VitaminX splitting the profits with a rogue admin?

  • normonator@lemmy.ml
    link
    fedilink
    English
    arrow-up
    73
    arrow-down
    1
    ·
    1 year ago

    There’s malware all over that site, you download from known good uploaders or roll the dice.

    There is no such thing as a safe torrent site.

    • PsychedSy@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      ·
      1 year ago

      Even private/exclusive sites get a bad torrent sometimes. At least there you can trust the comments, though, so it gets sorted out quickly.

      • Dizzy Devil Ducky@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        edit-2
        1 year ago

        Doesn’t matter how good of an uploader you are or what position you are in. You shouldn’t trust anyone online sharing pirated material.

        Nobody is trustworthy.

  • empireOfLove@lemmy.one
    link
    fedilink
    English
    arrow-up
    74
    arrow-down
    3
    ·
    edit-2
    1 year ago

    Does that user have other popular uploads that might disappear if they were banned?

    It’s entirely possible that whatever cracker they got their upload from snuck the miner in without the uploader’s knowledge. Always a lot of iffs when nobody will ever really know the truth.

    Not the first time weird drama has happened in the torrent scenes and won’t be the last. Just more reinforcement to scan all your downloads and consider sandboxing them until you’ve proven them to be clean

    • Waker@lemmy.ml
      link
      fedilink
      English
      arrow-up
      36
      ·
      edit-2
      1 year ago

      He actually was on the 1337x comment section defending himself and at a point he said he downloaded it from [Russian website] and only repacked it. He said we could go download it from there if we didn’t trust him, but I also got a virus warning from that one…

      • Admiral Patrick@dubvee.org
        link
        fedilink
        English
        arrow-up
        30
        ·
        edit-2
        1 year ago

        “There was a sign down at Ramsett Park that said ‘Don’t drink the sprinkler water’, so I made sun tea with it, and now I have an infection”

        It’s cool you investigated and found out they did just (accidentally?) repack a dirty copy, but it definitely reminded me of that lady from Parks and Rec.

        • Waker@lemmy.ml
          link
          fedilink
          English
          arrow-up
          5
          ·
          edit-2
          1 year ago

          That’s true, I didn’t embark on this journey of testing all the clients on my on will though.

          Something I realised is that “Baldurs Gate 3” will wield very different results from “Baldur’s Gate 3” . The files with the apostrophe seem to be legit, or… At least legiter

      • empireOfLove@lemmy.one
        link
        fedilink
        English
        arrow-up
        27
        ·
        1 year ago

        So he “repacked” it and either A. Was dumb enough to not verify wtf he was repacking, or B. Intentionally added the miner.

        Don’t look like a real smart cookie with either option lmfao

    • Unruffled [he/him]@lemmy.dbzer0.comM
      link
      fedilink
      English
      arrow-up
      25
      ·
      1 year ago

      I guess it’s possible. But looking at that VitaminX’s other uploads, many of them were scammy uploads of uncracked games etc. How they qualified for VIP uploader status in an open question that should really be addressed by 1337x.

    • Neuromante@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      20
      ·
      1 year ago

      /r/piracy has become /r/piracymemes. The first actually useful thread since the new mods took over and they close it. It’s pretty clear what they are doing with the sub.

  • Waker@lemmy.ml
    link
    fedilink
    English
    arrow-up
    24
    ·
    edit-2
    1 year ago

    Downloaded that torrent, thought it was weird that it triggered my AV. Usually I just assume it’s a crack file or something, and even Windows defender will say it’s a “game crack” file or something on the threat information.

    However, BG3 being released on GoG I found it odd… And it wasn’t even detected as a game crack file or wtv it’s called. Ended up downloading one uploaded by InsaneRamZes which ALSO was detected by AV…

    I’ve ended up downloading about 4~5 clients to finally find one that didn’t trigger it… The amount of trash that was going around is insane.

    The one I finally found that doesn’t have a virus was from a private tracker. (which was the RUNE release)

    Edit: Just checked on 1337x and this one that I had from InsaneRamZes has also been removed it seems. I can’t actually find a BG3 full game torrent on there atm… But I did manage to add the tracker to my private tracker’s RUNE download so I’ll be sharing with you all too 🤝

  • ciberConas3000@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    ·
    edit-2
    1 year ago

    I use rutracker for the most part. 1337x is blocked in my country and something feels off about the mirror. I do enjoy these types of dramas though, have to admit.

  • AphoticDev@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    1 year ago

    The short answer is no. Why would you even ask that? Piracy is never safe, and you take responsibility for downloading stuff based on nothing more than the word of strangers you’ll never meet that it’s not infected with something that’s going to steal your banking information.

  • Dizzy Devil Ducky@lemm.ee
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    Things like this fiasco only reinforce the rule of never trusting people online.

    At any point they may end up screwing you over, no matter the position they are in.

  • ram@lemmy.ca
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    1337 should be used with extreme caution. The fact that admins are removing negative comments even makes that a useless method of gauging file safety.

    But of course, any tracker can have malware in their software bundles, and you should treat all with caution, especially public-facing ones. But I personally will be avoiding 1337 from hereon, for sure.

  • redballooon@lemm.ee
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    Was VitaminX splitting the profits with a rogue admin?

    Uh, a conspiracy theory in the baking.

    • 雨 月@feddit.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      In the baking? This literally came up the second this situation arose. People jumped from “This upload has a miner” via “People got banned for reporting it” to “The proceeds from the miner go directly to the admins” within one single post. And all most people had to say was “Well, where do I go now?”.

  • 雨 月@feddit.de
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    IMO, resources like the Megathread create a false sense of security here. People read something on there and think downloading anything from sites on the megathread is absolutely safe. Just like any admin of a torrent site can´t catch anything bad before it can cause any damage, the authors of the megathred also can´t be 100% aware of each and every upload on every one of the sites featured there.

    Just use your brains guys. We´re talking about piracy here after all!

  • President_Obama [they/them]@hexbear.net
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Just do a scan of your machine if you downloaded pirated games from non reputable sources. Get a few uploaders you know the community trusts and where they post links to their releases

    • TheQuantumPhysicist@programming.dev
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      For the love of God stop giving bad advice. Anti virus software cannot protect you from all viruses. Viruses are trained against anti virus software nowadays so only behavioral detection may help.

      Trusted community and uploaders is the only way this works.

      • President_Obama [they/them]@hexbear.net
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Alright, just format your machine if you downloaded pirated games from non reputable sources. Get a few uploaders you know the community trusts and where they post links to their releases

    • PolarisFx@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I agree the game is worth it. What bugs me is that Larian always releases games for really cheap during EA, then raises the price slightly after release.

      This game though, was full AAA price from the start, so I believe a good chunk of the price of this game is going to Hasbro for D&D licensing. And like fuck those guys are getting my money after all the shit they pulled.