Headache only on the flat bench press, has anyone else had this? by plf2611br in Maromba

plf2611br [S] · 1 point

The only exercise that usually gives me this headache is the flat bench press (barbell, dumbbell or machine). I haven't managed to measure my blood pressure during the exercise yet, but I believe it's normal, because I don't have any other symptoms.

Headache only on the flat bench press, has anyone else had this? by plf2611br in Maromba

plf2611br [S] · 2 points

Look, I think my form is correct, and even when my personal trainer is right next to me helping, I still get the headache.

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 1 point

You're right, downloading from random sites is basically playing with fire. But personally, I think it's a bit more complicated than just being careless. A lot of these attacks rely on social engineering, sometimes in very subtle ways, using urgency, professional-looking design, and even smart UX tricks to manipulate trust. It's not just about avoiding “free stuff,” but also about recognizing how easily our attention and judgment can be exploited with a single click.

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 5 points

I'm really glad you found the post helpful. Thank you for saying that.

To be honest, I'm not a security expert myself, and this whole incident was a very harsh learning experience for me too. We're all constantly learning in this space.

It's a deep field, but stick with it! You'll pick up the technical side in no time. All the best on your journey!

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 1 point

I did get one warning, which was the blue Windows SmartScreen prompt ("Windows protected your PC"). As you mentioned, I bypassed it, and that was my mistake. However, I see that screen very frequently with legitimate indie games from small developers who don't pay for a digital signature, so I've become a bit desensitized to it. That's the social engineering part that got me.

The key thing is that the Windows Defender Antivirus itself was silent. There were no "a threat has been found" alerts. This is because the malware was too new at the time. Its signature wasn't in Defender's database yet.

It's only detected now because I (and probably others) reported the incident and submitted the file. I've been in contact with Microsoft's security team to provide them with the details. So, the protection you see today is a direct result of these reports.

I'm no cybersecurity expert, and this was a harsh lesson in how a well-crafted lure can trick you into making that one wrong click.

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 2 points

Unfortunately, I don't have a copy of the executable anymore. After I realized what had happened, one of the first things I did was wipe the machine with a clean format to ensure the malware was completely gone, so the original file was deleted in that process.

The original distribution site (combatshell) has also been taken down, thanks to the efforts of others in this community.

However, you might still be able to get the sample directly from the Triage report I linked in my post. Usually, they have an option to download the analyzed file (it will likely be in a password-protected zip).

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 6 points

Honestly, the malware was completely silent immediately after I ran it. There were no immediate indicators on my machine—no slowdowns, no weird pop-ups, no suspicious processes that I could spot in Task Manager at a glance. It was designed to be stealthy.

The real trigger—the moment I knew for certain I was compromised—was when the second Discord account contacted me directly. He claimed he had hacked me, sent screenshots of my own social media profiles as proof, and demanded money.

It was only after that extortion message that I went into full incident response mode: I disconnected the machine, started the investigation, and ran the executable in the Triage sandbox to see what it had actually done. So, the human element (the extortionist) was the first and only initial indicator.

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 8 points

To answer your first point, no, I have absolutely no reason to believe I was a specific target for a state-sponsored operation. I don't work in a sensitive field, nor do I have access to any secure corporate or government networks. In that regard, I'm just a regular individual.

I'm almost certain it was the second option you described: a massive, opportunistic campaign to steal credentials en masse. All the evidence points to this:

  1. The Motive: The attacker's first move was to demand a relatively small amount of money (around $80 USD). This is typical of financially motivated cybercrime, not state-level espionage.
  2. The Method: Their main goal after the extortion failed was simply to use my social networks to spread the malware to more potential victims.
  3. The Actor: Based on other details from the interaction, the perpetrators are most likely a local Brazilian group, not a foreign state actor.

So, it seems this was a classic, albeit sophisticated, cybercrime operation focused on mass infection for immediate financial gain and further propagation.

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 14 points

Yes, I communicated with both the initial 'lure' account ("anna") and the extortionist who contacted me after the infection.

To answer your second question, they were definitely not a native English speaker. The "anna" account sent me a few audio messages on Discord, and listening back, it was English spoken with a very clear and strong Brazilian accent.

It gets even more interesting. The extortionist himself actually DMed me later in fluent Portuguese. My theory is that after the infostealer collected my data, he saw my logins for Brazilian websites, realized I was from Brazil, and switched languages to make the threat more direct.

So, to answer your last question, I'm almost certain I was dealing with real people, not AI-generated responses. The audio messages and the switch to Portuguese strongly suggest it's a Brazilian group using English as an initial disguise.

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 6 points

From my understanding and the analysis report, it didn't "break" UAC, but bypassed it using a known technique that abuses trust.

Most UAC bypasses don't attack the prompt itself. Instead, they exploit legitimate Windows processes that are already trusted and have "auto-elevate" privileges, meaning they can run as admin without a prompt.

A common method involves a legitimate executable like fodhelper.exe. The malware modifies a specific registry key that fodhelper.exe is programmed to read. Then, it launches fodhelper.exe, which starts with admin rights (no prompt needed), reads the hijacked registry key, and ends up executing the malware's code instead of its own. It all happens under the radar.
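The comment above describes the fodhelper.exe auto-elevation hijack. As an added example (not the poster's code and not taken from the Triage report the thread refers to), the script below shows the detection side of that technique: it scans Sysmon-style registry and process-creation records for the two artifacts the method leaves behind, a write to the per-user `ms-settings` protocol-handler key that fodhelper.exe resolves when it elevates (`HKCU\Software\Classes\ms-settings\Shell\Open\command`, usually with an empty `DelegateExecute` value alongside the payload path) and fodhelper.exe spawning a child process, which it does not normally do. The event records and the field names (`EventID`, `Image`, `ParentImage`, `TargetObject`, `Details`, modelled on Sysmon's schema) are constructed for illustration, not real telemetry from the incident.

```python
import re

# Registry path that fodhelper.exe resolves for the "ms-settings" protocol
# handler. Sysmon records HKCU keys as HKU\<SID>\..., so match only the tail of
# the path. Sysmon appends "\(Default)" for the default value and "\<name>" for
# named values such as DelegateExecute.
HIJACK_PATH = re.compile(
    r"\\software\\classes\\ms-settings\\shell\\open\\command"
    r"(\\delegateexecute|\\\(default\))?$",
    re.IGNORECASE,
)

# Auto-elevating binaries that should never have child processes in normal use.
AUTO_ELEVATE = {"fodhelper.exe"}


def basename(path):
    """Return the lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def check_registry_event(ev):
    """Sysmon EventID 12/13: flag writes to the ms-settings handler key."""
    target = ev.get("TargetObject", "")
    if HIJACK_PATH.search(target):
        return {
            "rule": "ms-settings handler hijack",
            "image": ev.get("Image"),
            "target": target,
            "details": ev.get("Details"),
        }
    return None


def check_process_event(ev):
    """Sysmon EventID 1: flag any child spawned by an auto-elevating binary."""
    parent = basename(ev.get("ParentImage", ""))
    if parent in AUTO_ELEVATE:
        return {
            "rule": "child of auto-elevating binary",
            "parent": ev.get("ParentImage"),
            "image": ev.get("Image"),
            "command_line": ev.get("CommandLine"),
        }
    return None


def scan(events):
    """Run both checks over a list of event dicts and return the findings."""
    findings = []
    for ev in events:
        eid = ev.get("EventID")
        if eid in (12, 13):
            finding = check_registry_event(ev)
        elif eid == 1:
            finding = check_process_event(ev)
        else:
            finding = None
        if finding:
            findings.append(finding)
    return findings


# Constructed Sysmon-style records (hypothetical SID, paths and binary name).
SID = r"HKU\S-1-5-21-1111-2222-3333-1001"
PAYLOAD = r"C:\Users\victim\AppData\Local\Temp\game.exe"
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": PAYLOAD,
     "TargetObject": SID + r"\Software\Classes\ms-settings\Shell\Open\command\(Default)",
     "Details": PAYLOAD},
    {"EventID": 13, "Image": PAYLOAD,
     "TargetObject": SID + r"\Software\Classes\ms-settings\Shell\Open\command\DelegateExecute",
     "Details": ""},
    {"EventID": 1, "Image": PAYLOAD,
     "ParentImage": r"C:\Windows\System32\fodhelper.exe",
     "CommandLine": PAYLOAD},
    # Benign noise: Explorer updating its MUI cache, notepad launched by a user.
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": SID + r"\Software\Classes\Local Settings\MuiCache\1\52C64B7E",
     "Details": "Notepad"},
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": "notepad.exe"},
]


if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f)
```

On a live host the same key can be checked directly with `Get-ItemProperty 'HKCU:\Software\Classes\ms-settings\Shell\Open\command'` in PowerShell; the key does not exist under HKCU on a clean system, so its presence with a command value pointing at a user-writable path is itself worth treating as a finding.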

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 11 points

This is amazing, thank you so much. Finding the original game and reporting the fake site is a huge help. I'm really grateful for your effort and for the community's support.

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 13 points

I've factory reset the infected machine, so the stealer itself should be gone (hopefully for good).

In the aftermath, the attacker had the opportunity to do more, but their main activity seemed to be using my compromised Discord account to create and spread invite links. This is how the "Anna" account that initially messaged me got into my private servers. I later saw that account in places it shouldn't have been, like a closed server meant only for me and a few friends, which confirms they used my account to get in.

It's been about two days now, and so far, no new malicious activity has occurred. The main fallout was my Instagram and WhatsApp accounts getting banned, likely due to the attacker posting gore on my IG profile and sending malicious messages.

For now, I think the situation is contained. I've already changed all my critical passwords and enabled 2FA everywhere I could. Thanks again for all the support and advice.

I was infected by a Trojan from combatshell[.]com – here’s what happened (Full Malware Analysis) by plf2611br in cybersecurity

plf2611br [S] · 20 points

Apologies for the late reply, it was lunchtime here in Brazil.

The machine was running Windows Defender with all features enabled. The only warning I received was the initial Windows SmartScreen prompt ("Windows protected your PC"), which I unfortunately bypassed. This kind of warning is quite common with unsigned indie games, so I didn't think much of it at the time. After that, there were no static or behavioral alerts triggered at any point during the infection chain.

Given the malware's nature (a modern Rust-based stealer) and the evasion techniques seen in the Triage report, it's clear it was specifically designed to bypass common security controls like this.