Your Discord Messages Are For Sale (4 Billion of Them)
Vložit
- čas přidán 2. 05. 2024
- Get 20% off DeleteMe US consumer plans when you go to joindeleteme.com/seytonic and use promo code SEYTONIC at checkout.
DeleteMe International Plans: international.joindeleteme.com/
0:00 Intro
0:15 Discord Messages for Sale
4:22 DeleteMe (sponsored)
5:09 Telegram Vulnerability
8:00 iMessage Exploit
===============================================
My Website: www.seytonic.com/
Follow me on TWTR: / seytonic
Follow me on INSTA: / jhonti
=============================================== - Zábava
Oh, how great.
So, an army of bots was used to join servers, request through every message and digest them to a ready-to-sell format... Honestly, I thought this would happen sooner...
The 🇪🇺 European union will decend on them once they hear about this
@@IdontKnowAtAlllol oh no, not the strongly worded letter to ask them to stop!
It already happened once, that site got sued to oblivion by discord.
It did happen sooner, just way fewer people knew about it. Also not counting the times armies of bots joined servers just to check what users were in those servers
@@IdontKnowAtAlllol Read on the eIDAS legislation, unless you want the "almighty" EU to legally force browsers to include government root certificates and spy on everybody, just the way facebook did with their VPN. The EU isn't as good as people make it up to be.
"currently remains anonymous" you hear that unknown, you're "unknown" 😊
they better not leak the "src" of the site 😊
@@claytontdm omg, lmaoooo
yeah 😂
As a quick note for anyone curious. The youtuber No Text To Speech has gone over the situation and other accounts likely owned by the same user.
I tried to purchase credits yesterday and I still have zero credits :D Wouldn't be surprised if the owner gotten scared after seeing NTTS's exposing video and going to disappear soon.
Edit: I received the credits after 19 hours and 2 emails
yeah, Seytonic just didn't do his research when he said "it's not clear who runs the site"
@@sehnyu1652in his defence ntts's video wasn't up until today and it's also more of a media focus then mega dangerous thing. He also makes videos with a lot larger range then ntts
I don't think it's smart using your credit/debit card on that website
@@pr3cious193 I don't think it's smart to comment on topics you have no idea about. Even if I wanted to, I couldn't put my card infos there because they only accept crypto....
@@pr3cious193 didn't seytonic say that payment there is crypto only?
Soon on the market: "data for training A.I. algorithms. No copyright, we totally didn't steal it"
imagine training AI on 9 years old discord users AND (not calling 9 years this) .. so, and cancer discord users
@@AEGISAOE I have the same thing with only 800 servers and it's shit data. 300 million messages and a few million users and complete and utter shit data. A waste of time really unless you want your bot talking like someone in the roblox server lmao This is the last thing anyone should be worried about because Discord won't be able to fix it. Only take them down. Just treat Discord like a townhall unless in DM with a friend
@@zr9757 are those huge streamer servers where people talk all the time and chat never stops. ik its also botted, because they dont reply to dms or reply to my messages
I mean... yea, Public servers are public and everyone can read the Messages and copy that data. This is interesting to know, but not at all a suprising...
The scale of 4 billion messages is impressive and more than I would have expected.
well, that's actually true, they are public , so, should not be problem. only problem appears when someone makes profit. people dont like others making money
@@AEGISAOEtrue public servers are public servers i think the issue appears when you cant remove your details from the website (if watched NTTS video or visited the website recently you will know that you still cant no matter what has changed on the website) as well as the multi server tracking since public message loggers using vencord etc are a thing but being able to view most or all servers a user is in can be a issue.
discord even has a search function albeit a bit s**ty
@@williamisl6612 you know how websites work? there is a frontend (what we see in browser) and a backend (code, database and so). Removing your personal details from website won't do much, because who has the data can rehost..
Now can we talk about how the guy who founded Discord (Jason Citron) sold the personal data of every user of his previous platform to a Chinese data scrapping company?
im sorry but we cant we just dont feel like it sorry
Yup.
Okay, so it's just public servers. It's on you for posting sensitive stuff to a public forum in the first place.
anyone can submit links to the website, including private servers.
Yeah no. It's more than just public servers lol
@@BR-ty3hx It's not. They got these messages by making a bunch of bots and sending them to different servers then scraping the messages in said servers, thus dms are unaffected (as stated in the video) because there's no way of seeing dms between people unless one of the users are hacked.
@GhOs7-Operator There's a difference between accidentally leaving something in a public place and deliberately thinking "Yup, this is a message that I think is suited for a public server with 1k members that can be joined by anyone at any time who can search for my messages".
I don't use public forums, but Discord taught me they can't be trusted. Worse, Discord has idiots victim-blaming their users on their behalf.
lmao. many years ago i was telling people to not put details on discord that could come back on them, people with large bitcoin wallets etc. what i said, is every so often i hear about some person getting violently assaulted in their house and there is a pattern to who. not that my warning was listened to.
They already were up for sale, Tencent (partly owned by CCP) owns a 38% share in discord
Source of it being up for sale?
@@prieadieu he means that we already sold our shit to china
It really doesn't matter unless Discord themselves wants/needs the money, in which case they would do anything the CCP/Tencent wants them to!
You would be surprised at how many gaming companies Tencent has invested in (there is a Steam curator "Owned by China" if you wanna know this about your favorite games).
Publicly traded companies really have no say on who invests in them, but they can always ignore it (Blizzard being good example of someone who did listen) :P
Btw I couldn't find a direct answer to how to invest in Discord. They aren't public, but many companies have invested in them.
that doesnt mean anything lmfao, even if they want to sell the info thats on discord they dont have their hands on the server they just make business decisions
@@prieadieuI made it up for dramatic effect
"it's not clear who runs the site"
ntts: boi I got news for ya
I think there's a problem with Discord often being used as an alternative to a website for hosting content and information, which can't be indexed and found via internet search engines. I think if instead of selling the data it was rehosted in an indexable website format that could be a useful resource for everyone.
I hate this trash and I wish it would be indexable by search engines
If a cyber criminal is using telegram for chat, they're probably not a good cyber criminal.
What's a good platform 🤔
@@iabakarnone of them
obviously!
@@iabakar matrix obviously lol
Ah, so that's what (some of) those mysteriously quiet bot accounts track.
They randomly join large servers but do absolutely nothing visible in there, blending in the member list when not watching new joins.
The servers I've helped out in or own have various verification approaches that nullifies these bots their tracking.
This either by exploiting them automatically selecting the first option of all roles or verifying manually after some back-and-forth.
Good to have confirmed that this is an effective effort and worth keeping up with.
_Mental Outlaw is going to have a field day in his upcoming video with that news_ !
I discovered a few days ago that my password is only worth 4 dollars on the dark web. Discord messages only sell for 10 cents is crazy cheap. Our privacy is worthless nowadays. Hackers and scammers rule the world.
riiight.. and not politicians and their master from shadows? riight...
@@user-td8ng4dn1r It's a turn of phrase you dip
@@user-td8ng4dn1r Politicians are scammers you good for nothing commenter... Stealing tax payers' money. If you trying to be smart then at least do it better
@@user-td8ng4dn1r false, it is I whole rule the world
@@gideon5942 yessssssssssssssss
well looks like I'm screwed if my discord messages are getting leaked 😂
well tbh if you're posting on a public server you should know its "public"
it's only for public servers so if you put personal info into a public server that's your fault
That's not how that works. Nobody expected people to scrape the entirety of any discord server they were in.
They are not only for public servers there was a link to request ADDING to a server, meaning all you need is to send an invite link to the owner of the site, and specifically targeted LGBTQ, politics and other servers.
@@r8gg what you said makes quite literally 0 sense. It targets public servers
@@user-ye6dg4wv6m He is saying that the website has the ability to scrape any server if you submit an invite link to them
Today is a good day 😊 thanks for the upload 😊
Best cyber news channel.
Your great at putting it into easy and understandable terms. 🎉🎉😊
Owner got spooked by notexttospeech's video xD
So you are telling me the Telegram Desktop client just executes whatever attachment you have... I feel like if the Python attachment vulnerability is fixed soon a new one will be discovered soon, just find an extension not in the list that people might have installed and bundle some arbitrary code in it! Also if this is targeted to someone you know it might be even easier since you know the programs installed...
EDIT: Just think about all the legacy extensions that still work.. I feel like this could be full of vulnerabilities
For the discord one I would recommend: NO TEXT TO SPEAK Which explains everything in a more detailed way, Something you shouldn't really cared about.Because it's public information not private information, plus uncovers the person who is behind it
@GhOs7-Operator nonsense analogy - you haven't lost anything by someone reading your messages in a public forum any more than you have lost something by me reading your reply. I have just copied your whole comment here on YT and I will be saving it on my server - am I breaking into your house?
A better analogy would be "if I said something in a crowded place and you heard me say it, can you use that information". While we can sit here and argue whether it is ethical to do it, this doesn't change the fact you shouldn't say private and sensitive things in public or if you do - you should expect that someone might have heard them.
"it's not clear who owns the site" * ntts walks in*
This isnt problem. Irc and archives of its channels was very important with good search. I see this only beneficial for all.
Corrections for spy pet:
- The screenshot you see on the home page isn't really showing messages of any random user but for some prominent people in Discord datamining and scambaiting community
- It is known who is behind the site, it's the user named "Unknown"
- Request removal now actually leads to some other page with supposed methods of requesting data removal, but it's doubtful that it's true
Watch the recent video by No Text To Speech about this topic for a better explanation
2:36 There is a opt-out button now instead of the "request removal" button. This redirects you to a blog post where it says you can send an email to them to opt out if you are within the EU (GDPR). There is also a section for people not in the EU, but that one sounds more like "maaaaybe" we are going to opt you out.
Edit: Some people say this is probably just a scam. And regardless, better don't put your real name there. (Theres also a good NoTextToSpeech video about this)
I wouldn't be surprised if he keeps the data fully intact but is then able to bolt on the additional information you've just given him to the existing data he has.
It's a one person operation - i highly doubt he'll take GDPR requests seriously.
It's just another reminder to be careful about what you put on the internet.
do they sell infos from dms as well or just servers???
I checked a server with 456k members
No info on it lol, I also checked mine, and a few others with less than 10k members none came back with anything.
Also this isn't the first time something like this has happened, few years back same idea but they seemed to be far more advanced (in the sense it knew of 15+ servers I was in) along with testing it on friends some of which listed them in 40+ servers.
Regarding the Telegram exploit, I think they should do it the other way around: instead of having a list of “unsafe” file formats that are blocked, maybe they should just have a list of “safe” file formats and block everything else. That would be future-proof in case new file formats appear.
Ntts did a great video about this website
Okay, you have to give it to them, that "Request Removal" button is hillarious.
It is their key flaw. If anything screams "sue me because I'm a scammer" it is that link.
Well that's great...
How can u scrape a private secure server?
Do u mean public messages?
In other news, water is wet.
We really should transition to whitelisting accepted file extentions, possibly with a selection menu in settings...
Blacklists are a recipe for overlooking important things...
I visited the site today, you can apparently actually request data removal now
Maybe watch the video from NoTextToSpeech. He uncovered the user behind that page
he just found his other profiles
it's over boys
@Seytonic btw with the Discord thing NoTextToSpeech said everything and who the person is by the way.
Happy 420
Jokes on them I already have access to my messages
ohh noooo, my public messages are public oh nooooooooo what ever am i gonna dooooo
yall didn't see this comming years ago? lmao
oh no my ets2 screenshots what ever will i do if they get out
It's actually pretty smart.
love seeing these pop in my recommended has got to be my favorite channel no lie
you could always just create an exe, use uni ext spoofing, embed picture into file as a resource and have the exe launch the picture during execution while also launching shellcode. not the same thing but wtv
Discord has a long history of issues, I don't understand why more people don't avoid it.
full of peter files as well. I'm glad their messages are searchable now, might help make some arrests.
@@artifactingreality Too bad the real use of this website was for harassment of people in (quote by unknownsrc, the owner of that website) "LGBTBBQ servers", political servers and all that.
Also it won't help with anything because you still have to comb thru billions of messages, without the consent of millions of users, out of a data pool that's barely a fraction of all that is on Discord. Not to mention most of those bad actors do their deed in direct messages, that aren't affected.
@@prieadieu well fair enough.
are usually either kids who look for chat or streamers who do voice chat
@@prieadieu as long they dont use personal irl information on their discord account, nobody can't hurt them (talking about lgbt and so)
2:57 its not clear who runs the site
no text to speech: i got u homie
A lot of elephant and castle map snapshots in these videos...
The "opt out" page now works.
Finally time to be the no.1 gamer word user 🙏
You know you cant use link markdown in closed captions... right?
I bought the minimum amount of credits to check my own messages, thank god there was none for mine
Damn that's worrying, but from my understanding it's scraping off public servers, so as long as you disabled the embed / public invite link then you're pretty much good? And if you don't want to disable that then your messages are pretty much out in the open for anyone anyways
Not necessarily.
They are not only for public servers there was a link to request ADDING to a server, meaning all you need is to send an invite link to the owner of the site, and the owner specifically targeted / requested links to LGBTQ, politics and other servers.
The bot would join, and provided the server didn't have anti-bot detection or something like that it would scrape all the known messages so even if it got banned you were f*cked
@@r8gg bot like user bot, right? i saw my server there, but had 0 messages and they only imported 50 of my 300 emoji. imagine THAT
Every year a new iMessage vulnerability..
imagine they have all messages about the leaked military documents on discord servers like war thunder and so on even DCS world
military is a joke, just some dudes who sacrifice their life for a illusion and not playing fornite
Ankh-Morpork Thieves' Guild approves
I LOVE that discord "leaked" 😆😆so dumb the idea that these things could be public and private at the same time -- literally just copied what was public already and put an interface on it -- this should be 100% legal if it isnt already
he not anonymus if you see ntts video about the site
What about all those free bots that we can add to our private servers with our friends? Since they are given permissions to read messages, who is to say that they have been selling data to 3rd parties? Of course this is all speculation and I don't have any data to support this claim. It's a scary thought that occurred to me after watching this video.
if that "0.01% of our users have python installed" thing was true, then I'm questioning how they know that, and if it's false I'm questioning why they'd lie about that
So it's not good either way
Alright who in hell will want to pay for the privilege of seeing fire emojis and nonsensical stuff sent by another user that's not you?
is not something new, the discord thing is since 2018-2019
So happy I deleted all my messages last year
Can anyone get on the site? I'm getting a 403.
Ok
I thought this was a No Text To Speech video at first.
its all over bros
lots of discord bots like the music ones had the rules to read messages by default ....
What's a Discord bot which can't read messages gonna do? Talk to itself?
btw, the person behind the discord thing doesn't have very good opsec, and we kinda know who they are.
No Text To Speech made a video on it.
this looks like big GDPR issue
if you don't own the server it's illegal to sell user data, but Google? reddit?
Is this a surprice? Discord is public. I'm not saying this is ok but i'm saying that some people get too confident and forget the messages are public and NOT secured.
Great Video :)
Yeah I’m sure you know all about it since apparently you watched a 10 minute video in 1 minute lol
@@zabrid9143It's a Seytonic video, don't need to watch it to know it's a great video.
Yeah, You cant? Skill Issue!!
Also whats with cyber-crims use anime profile pictures
>imagine not using Signal
Oh hey, Discord finally took down Spy Pet's bots. Spy Pet took down their website.
no, they were taken down by their host
Thank goodness that I am not a discord degenerate and use discord 24/7 lol
Sorry for those discord degenerates that were offended lol
Ah, thought the gc was leaked
1:54 bruh leornado AI
The telegram response shows, why you cannot trust ANY company, no matter what they say when there are big things at stake, especially your privacy and security. Just because they haven't found the zero day (DUH, the name's ZERO DAY "zero days since discovery" for a reason... ) I laughed when they literally dismissed the claim with "we haven't found the zero day vulnerability, so it does not exist". You cannot make that ish up.
I deleted my discord account 2 days ago when I couldn't use it unless I agreed to the latest TOS. I ended up having to agree just so I could access the delete function. :(
bruh they are savages lol
for future reference it's still possible to email Discord to delete your own account w/o needing access w/in the app, assuming you use the same email your account is under to contact them.
failing that, if you don't use the account for two years they'll pretty soon after schedule it's deletion.
Just a small correction, people do know who runs the site. He has already been doxxed, the most I can say is he is based in the EU
Wait this isn't ntts
damn, if i only knew i could sell my hateful messages...
selling hateful and racial messages rn
@@gideon5942 no, i gave them for free, you could print it on a shirt and make money off of it, that is how generous i am.
free hate for all
@@gideon5942 and why is it racist ?
@@PhinkTink why give them for free when they you can get paid hating 🙏🙏🙏
Seytonic watching NTTS confirmed :)
If he did he wouldn't have said the person behind the site is anonymous
yeah
@@Maxikinzthe videos were posted within 24 hours of each other, there's a good chance NTTS's video wasn't up while Seytonic was writing and recording his script. Video production takes a good bit of time, even for simple stuff like this.
I guess noone saw the smiley at the end of my comment. Yes, they could have both bumped into the same thing, or what I just said, but this was merely a joke.
@@Jono997 exactly, breaking news and events get covered in parallel... the content you consume first, might not technically been the first to 'print' but does that matter?
i thought this was ntts video before clicking
Considering Discord is part-owned by Tencent, all your messages are up for grabs anyway.
im cooked
ight, im done.
This is interesting though: Data brokers are pretty much illegal in EU, so they legally cannot trade data of EU citizens. GDPR is very much clear in this case, your data should be safe according to laws.
HAHAH! Man, I'm not sure if you are joking, but if you are, you got me good!
You think cybercriminals care about GDPR? Ive had big established companies not care about it boy 😂
They changed it on spy pet that you can now opt out.
It's just a publicity stunt. DO NOT SEND YOUR PERSONAL INFORMATION TO THE EMAIL. Watch NTTS's video on this he strongly discourages doing so as the guy will likely just use it to attack you.
It's probably still just a cover up so that they don't get taken down. There may be a takedown request page, but there isn't any actual enforcement.
How my life is less dramatic without all these crypto and stuff. Is the govt spying on me? Most likely. Am I to be afraid of something in this regard? Mostly unlikely. And my suspicious mind got a thought today when watching about firefox being open source, wondering: can it be compromised by an attack similar to the XZ that was recently prevented in its course?
The online identity not real of the owner of the site has been exposed by ntts
holdup.. giving an autib data broker company all your data..
The only ppl buying discord messages are youth pastors and priests lol
nvm oops
They're not legitamate LMAO. the GDPR Is entirely wrong, and the other one simply claims they will "decide"
@@aspiredoc How well can they identify that though? Could a user not just claim to be EU? Regardless, it’s a notable step up from the link being a glorified rick roll
they're not legit, it's only their to cover his ass. if you send any data to those emails it'll be used against you
You can't. This guy is a criminal scammer, he will not do shit with those requests.
It's just a publicity stunt. DO NOT SEND YOUR PERSONAL INFORMATION TO THE EMAIL. Watch NTTS's video on this he strongly discourages doing so as the guy will likely just use it to attack you.
Meh, my truly devious messages only appear in DMs, so I'm all good
As far as you know..
Leaks happen all the time. Most of the time it isn't even public.
When are the Capitalists going to learn that Community Bulletin Boards are NOT a profitable venture?
Another serious vulnerability for apps running in Windows. Linux is so much better now. Offices and schools need to start using Linux instead. There are very few advantages of using Windows today.
We could say that an old person would have trouble using a Linux machine and doing things in it. I say that it is often just as hard for them to learn how to use Windows. Since they are not experienced in both Operational Systems, it is better to train them in the more secure option.
Windows machines are extremely bloated and slow. Linux machines boot and update much faster. The apps run much faster. I believe we need to switch away from Windows as soon as possible, everywhere.
hackers finding out my n word spams