Categories > Etc > Disputes >
CW // Mercury - Lies, Lies, Skidding, and Illegal Activites, what a disaster!
Posted
Hello Guys, Nori Here.
While I was looking at ROBLOX Exploits on Youtube, I saw this executor called "Mercury".
Now what intrigued me about this executor was the bold claim of a "Custom API / Custom DLL". This claim is very bold as of now because of Inlining, so me and my buddies (ImmuneLion318, Cybuh) have come to investigate.
Youtube Video in Question: https://www.youtube.com/watch?v=9hhZNlscNd0
While we were investigating this executor, we found a lot of suspicious things, and we like to share them with you.
Category 1: Lies, Lies, Lies
The "Custom DLL", as it turned out, was "in development", and would be "better than KRNL".
https://cdn.discordapp.com/attachments/958900265103282176/958901789174935592/unknown.png
However, this was farther from the Truth. They in fact had no developer, and was looking for one.
https://cdn.discordapp.com/attachments/958900265103282176/958901772192215131/unknown.png
However, they didn't know the current prices of DLL Developers, so they backed off once I told them he was expensive.
The developer himself promised things that no one like him can actually do:
https://cdn.discordapp.com/attachments/958900265103282176/958905787772723280/IMG_0049.png
He puts faith in Virus Detections:
https://cdn.discordapp.com/attachments/958900265103282176/958906273192112158/IMG_0050.png
And made false accusations about the Synapse Developer being gay:
https://cdn.discordapp.com/attachments/958900265103282176/958906327424454686/IMG_0051.png
Category 2: Skidding
The bootstrapper is made in WPF while the Executor itself is made in Winforms. This inconsistency makes no sense especially if the less important program is made in a better design platform.
And as it turns out, it is based off Hexo / Serenity:
https://cdn.discordapp.com/attachments/883245267019784225/958915216014467173/unknown.png
Pasted from Fadh's Bootstrapper Video:
https://cdn.discordapp.com/attachments/958900265103282176/958905577902338048/unknown.png
Executor Pasted PareX Monaco:
https://cdn.discordapp.com/attachments/958900265103282176/958907361223917578/unknown.png
The owner apparently not knowing who PareX is:
https://cdn.discordapp.com/attachments/883245267019784225/958915297283309648/unknown.png
Skidded Listbox:
https://cdn.discordapp.com/attachments/958900265103282176/958905073646333952/unknown.png
Category 3: Suspicious Behavior
As they use KRNL API as of now, they added a shady KRNL Bypass:
https://cdn.discordapp.com/attachments/883245267019784225/958915368510980206/unknown.png
https://cdn.discordapp.com/attachments/958900265103282176/958901458168864788/unknown.png
This executor straight up hooks to your startup, no where in the UI to disable it, and no way of knowing (why?)
https://cdn.discordapp.com/attachments/958900265103282176/958908266413457419/unknown.png
https://cdn.discordapp.com/attachments/958900265103282176/958904549291216947/unknown.png
https://cdn.discordapp.com/attachments/883245267019784225/958915432658636850/unknown.png
Everyone in our team who has used Mercury has had this happen. They don't even ask for consent.
The Executor also sends your raw IP Address, not protected, RAW:
https://cdn.discordapp.com/attachments/958900265103282176/958903999044661308/unknown.png
Illegal HWID Grabbing:
https://cdn.discordapp.com/attachments/958900265103282176/958903795813847050/unknown.png
They don't have a privacy policy, in fact they straight up lie to you:
https://cdn.discordapp.com/attachments/883245267019784225/958915511956164669/unknown.png
Mercury makes an Unknown Request:
https://cdn.discordapp.com/attachments/958900265103282176/958905915275362374/unknown.png
Mercury opens something (we are not sure what):
https://cdn.discordapp.com/attachments/958900265103282176/958905979213344828/unknown.png
(Thanks to ImmuneLion318 for his findings)
We bypassed Mercury BTW:
Old:
https://cdn.upload.systems/uploads/zdOBbHZH.gif
New:
https://cdn.upload.systems/uploads/yO4C1PAt.gif
(Thanks again ImmuneLion318)
Conclusion:
We don't think Mercury should exist at all. What they are doing in terms of logging is borderline illegal and their lies over themselves and other exploits ruins their credibility and their future. As of it's current state, we do not believe this exploit will survive due to it's poor leadership and shadiness, and we don't think anyone should use this.
Discord Server, please don't spam (bad etiquette), but please warn the over 240 members in their discord server about the Executor's shady activities:
https://discord.gg/EB6dUyR3jN
<3 N4ri
---
Exploits i use: Comet
Scripts i use: anything cool
Replied
Vouch Nice Cw N4ri This Was A Great Time We Got To Chill And Do This
Cancel
Post
Replied
Vouch
must be something chars
Cancel
Post
I am Styx/JJ.
I am gone, I will no longer use this account, and this account is gone. Bye 👋
"Questionable intellegence, but I like the mystery" - CubeFaces
https://cdn.discordapp.com/attachments/1136067487847415848/1138948596679589898/sig.png
Replied
Bruhh.. I laugh on the Video but heck nice CW
Cancel
Post
https://media.discordapp.net/attachments/996322272547704845/1016492646820233246/standard.gif
https://cdn.discordapp.com/attachments/1074291934501290087/1085354909609754775/PelicanDevelopment.gif
Replied
Oh boy here we go again
Cancel
Post
Replied
Damn logging ip? Grabbing HWID? for what? Bruh
Cancel
Post
https://cdn.discordapp.com/attachments/1088161134621773975/1088481077401751552/Untitled.png
Replied
Another great CW by N4RI, this kid full on made whole a* false accusations, and was overall very dumb.
Cybuh#0762.
Cancel
Post
Just Cause You Cracked It Doesn't Mean You'll Get The Best Out Of Them.
"How do I zoom out?" - kali#5751
Replied
i just send this cw to his server then i got ban/deleted
update: video is deleted
nice cw nori
Cancel
Post
https://cdn.discordapp.com/attachments/895548946578030592/959378680763805736/hi_ricecracker.png
Replied
Vouch. I hade no idea! Thank you for spreading the word!!
Im Lethal from the post btw.
Cancel
Post
<3 N4ri
---
Exploits i use: Comet
Scripts i use: anything cool
Replied
so Bobby is n4ri gotchu
Nice CW
Cancel
Post
https://media.discordapp.net/attachments/1013939973671624917/1027279180192292944/unknown.png
https://media.discordapp.net/attachments/1010670716062007347/1108945330847883274/image.png
Replied
Lol
/charssssssssssssss
Cancel
Post
simp for immune
Replied
Vouch, what a bad developer. They should not be in this community at all.
Cancel
Post
Mail me at sirweebdev@protonmail.com if you have any questions or you want to say anything to me, I'll reply (maybe).
Users viewing this thread:
( Members: 0, Guests: 1, Total: 1 )
Cancel
Post