Jump to content

Buyer with a Backdoor virus as a project brief!


Recommended Posts


First time posting here so hope I do all the steps correctly.
Today at “buyers request” section I’ve run onto a buyer requesting a intro animation for which he attached a file for more information. His msg:


Upon downloading the zipped file and checking it I’ve realized it has an exe extension. And it was clear it’s a malicious file. At first I thought I should just ignore it. Click on “remove request” and move one. Few minutes later I’ve noticed the same post again and same buyer. (I could only see a W on his profile since he don’t have an img)


I didn’t opened the file on my pc I’ve uploaded it to few online file scanning platforms like virusdesk at kaspersky.com and virustotal.com. On both platforms file was recognised as a Backdoor.MSIL.Agent.



And again I thought I should just ignore it, since there’s no option to report buyer within BR section.
…Buuut, I couldn’t just move on, so I had to do something. So I’ve figure it out only way is to send an offer and then It’ll show up in my “sent offers” section. And there I’ll have his full account user name shown.
The fun part for me was once I’ve went to his profile I saw he has a Top Buyer status. I’ve freaked out for a second but then I’ve realised it’s just a text under the profile picture, that anyone can write anything to huh… Clicked on a report button underneath and closed the case.

Now, I think it would be good if we were able to see the full name in the BR section on web like it is possible within the mobile app. And also to be able to click on it and easily access the buyers profile. To see their ratings, status, and period that they are on the site. Before we decide to send an offer. After few chargebacks and malicious files sent my way it’s good to know a bit more of the other side before starting anything with them. Accounts that where created lately and with $$$ offers and high scale projects, approaching them with caution. Anyway, that’s what I felt a need to share here. Hope this experience saves someone from the sample.exe and similar “project briefs”.


  • Like 4
Link to comment
Share on other sites

They should:

A) scan attachments for viruses (why aren’t they doing that yet?).
B) Add a report option for buyer requests. This has been suggested for a long time and would help prevent things like this. Or at least help quickly get people intentionally attaching things like this stopped from doing it.

I saw this and didn’t trust it enough to look at the zip file.

  • Like 2
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

  • Create New...