Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://nya.social/notes/8199b5c5c1ebab1c0ff954a0">นาตาลี :bellsystem: (natalie@nya.social)'s status on Monday, 06-Oct-2025 04:11:02 JST</a><a href="https://nya.social/@natalie" title="natalie@nya.social"><img src="https://gnusocial.jp/avatar/3687-48-20220807192020.webp" width="48" height="48" alt="นาตาลี :bellsystem:" style="position: absolute; left: 0; top: 0;">นาตาลี :bellsystem:</a></section><article><p>i hope this sort of thing does not become more common. in western circles i have already seen editor tools that auth to gumroad, avatar gimmicks that include a dll for setup instead of using MA or providing any manual instructions... i would hope the problems are obvious<br><br>RE: <a href="https://kawane.misskey.online/notes/adhmb4ujpq">https://kawane.misskey.online/notes/adhmb4ujpq</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5726455#notice-11236554">In conversation</a><time datetime="2025-10-06T04:11:02+09:00" title="Monday, 06-Oct-2025 04:11:02 JST">about 7 months ago</time> <span>from <span><a href="https://nya.social/notes/8199b5c5c1ebab1c0ff954a0" rel="external" title="Sent from nya.social via ActivityPub">nya.social</a></span></span><a href="https://nya.social/notes/8199b5c5c1ebab1c0ff954a0">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: proxy.misskey.online</div><h5><a href="https://kawane.misskey.online/notes/adhmb4ujpq">川音리오@osc25tk/fall@10/25(Sat.) in Asakusa! (@rio)</a></h5><div></div></header><div>So apparently, there's this semi-popular 3D Avatar artist in Japan who recently started to give out strange .exe files for the customers to... execute in order to get their avatar that they **PAID** for? When I first heard about this, it sounded like a straightup Discord scam; I thought that there's no way anyone would pay some random 3D Avatar Artists money **and then** runs their suspicious .exe file without questioning it.... Oh how I was wrong...So. If I'm hearing all [this](https://x.com/ouji_kun_v/status/1974816796206096604) dog-doo correctly, when you download the latest 3D Avatar [Pmma-chan](https://nem3.booth.pm/items/7062407) by [@nem_nem_nemri@x.com](https://x.com/nem_nem_nemri), you will **not** get an avatar file, but instead you get a 800+MiB of pure hot $[blur **malware**] **.EXE** that will:1. Ask for your booth login credentials,2. logs in to your personal booth account using YOUR Edge browser in YOUR computer, and downloads your purchased avatar for you and...3. ...will start **scraping the hell out of everything it sees in your account from booth.pm**!? 
Every single one of your past BOOTH purchases, 
alongside all of it's related metadata, even the download links that shouldn't even be shared AT ALL...it will scrape all of that while running in **YOUR PC**'s background! and4. **sends all that data log over to nem_nem_nemri(the author of Pmma-chan)'s personal backend server `pmmasoft-backend.nem2.net`.**Oh, and the best part? This **.exe file will auto-start itself** EVERY TIME you turn on your PC from now on.Was there any form of consent? → **NOPE.**Was it in their privacy policy? 
→ Honey, Pmma-chan **doesn't have** a privacy policy!This is a straight up **illegal scraping spyware without user's consent** on it's highway to a lawsuit.RN: https://misskey.niri.la/notes/adfxcd9f6h #PMMA3D</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
นาตาลี :bellsystem: (natalie@nya.social)'s status on Monday, 06-Oct-2025 04:11:02 JST นาตาลี :bellsystem:
i hope this sort of thing does not become more common. in western circles i have already seen editor tools that auth to gumroad, avatar gimmicks that include a dll for setup instead of using MA or providing any manual instructions... i would hope the problems are obvious

RE: https://kawane.misskey.online/notes/adhmb4ujpq
In conversationabout 7 months ago from nya.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: proxy.misskey.online
  川音리오@osc25tk/fall@10/25(Sat.) in Asakusa! (@rio)
  So apparently, there's this semi-popular 3D Avatar artist in Japan who recently started to give out strange .exe files for the customers to... execute in order to get their avatar that they **PAID** for? When I first heard about this, it sounded like a straightup Discord scam; I thought that there's no way anyone would pay some random 3D Avatar Artists money **and then** runs their suspicious .exe file without questioning it. ... Oh how I was wrong... So. If I'm hearing all [this](https://x.com/ouji_kun_v/status/1974816796206096604) dog-doo correctly, when you download the latest 3D Avatar [Pmma-chan](https://nem3.booth.pm/items/7062407) by [@nem_nem_nemri@x.com](https://x.com/nem_nem_nemri), you will **not** get an avatar file, but instead you get a 800+MiB of pure hot $[blur **malware**] **.EXE** that will: 1. Ask for your booth login credentials, 2. logs in to your personal booth account using YOUR Edge browser in YOUR computer, and downloads your purchased avatar for you and... 3. ...will start **scraping the hell out of everything it sees in your account from booth.pm**!? Every single one of your past BOOTH purchases, alongside all of it's related metadata, even the download links that shouldn't even be shared AT ALL...it will scrape all of that while running in **YOUR PC**'s background! and 4. **sends all that data log over to nem_nem_nemri(the author of Pmma-chan)'s personal backend server `pmmasoft-backend.nem2.net`.** Oh, and the best part? This **.exe file will auto-start itself** EVERY TIME you turn on your PC from now on. Was there any form of consent? → **NOPE.** Was it in their privacy policy? → Honey, Pmma-chan **doesn't have** a privacy policy! This is a straight up **illegal scraping spyware without user's consent** on it's highway to a lawsuit. RN: https://misskey.niri.la/notes/adfxcd9f6h #PMMA3D

Public

Embed Notice

HTML Code

Corresponding Notice