# Forum > News > Trade Support > Scam Reports >  ko1n ahk hack, public script?

## pamanPMC

Accused Information

Dispute Date: Feb 11, 2017
Ownedcore Profile Link/User Name: http://www.ownedcore.com/forums/memb...297-ko1n-.html
Instant Messenger username of Accused: unit.alex
Payment Method Information: 1AyhFDahrTMkPavQyxSPB5WDsfdAujmsse His wallet address, Txid: 9e7a410eb7c1f07b55eb42deb571bbf334b0eb1713b40b657c34e561a96d90d0 and Paypal: [email protected]


Dispute Information

What is the dispute about? Overwatch AHK aimbot, Money.
Dispute Thread Link:
Other Sites Scam Link:
Value of Trade Involved: $55.00USD
Did you use a middleman?: No.
Provide more information on what leads to the dispute:

Proof


koin - Album on Imgur <- In there is our skype conversation with proof that skype i provided is who sold the bot. 


I have a friend that can prove i bought this hack and has now seen it himself. Admin should know who i am talking about.

-------------------------------------------------------------------------

I just want to add that this bot got my 2 accounts banned, just saying.


I bought ko1ns private ahk hack on January 4th this year. He sold me the "better version with gui" for $55USD which was the price of the guiless version because I had to wait to next day to make the purchase. This was due it being to late for him to complete the transaction on the first day. Now it turns out that even the so called better version is just public script shared even here, most likely something from here AHK coders lounge - discuss and share code , the first one, pretty sure. I can provide screenshots of the sell, the files themselves and more info to admin who takes this case to look into. Hope to hear from admin soon.

PamanPMC.

----------


## DvASystems

First off, I've been shown the executables and source code *3 times* now.
- First was when someone tried to leak "ko1n's cheat" here, claiming he got duped with no real proof posted.
- The files are already available on leakforums
- I was PM'd with these files asking for guidance.

In each case I've believed it's just people being duped into downloading free "cracked" cheats when it's just some public script.
However two guys insisted I was wrong and claimed they had proof this was actually ko1n!'s cheat that was being spread since it literally has no protection, they claim.

If their claims are valid, it would go like this:
Korea aimbot source gets released on Ownedcore, Stinkyjoint makes some adjustments such as adding gui? and some combo macros.
Ko1n! supposedly removed the gui and added his own and removed the combo macros.
Started selling it and claimed it was a private hack.
The hack had no code encryption/protection, get's decompiled and is shown to be very primitive.

I was consulted on this prior where I noticed it looked a lot like the Korean source code you can find here:
AHK coders lounge - discuss and share code

Here's an easy tell to ko1n! having no clue on how to code (other than the source code being the same with no additions/upgrades)
Main reason ofc, is the values being the same and this codefiller being at the bottom:
DebugTool1:
MouseGetPos, MX, MY
ToolTip, %AimOffsetX% | %AimOffsetY%
ToolTip, %AimX% | %AimY%
ToolTip, %IntAimX% | %IntAimY%
ToolTip, %RootX% | %RootY%
ToolTip, %MoveX% | %MoveY% || %MX% %MY%
Return

It has no actual function in the cheat program. It's meant for developers to easily cut it out and use it to find center screen values which is vital for the script if you want to move around scan area.
However when you compile a script in ahk, the comments will get removed to optimize the code. Thus in this case Ko1n! did not know what this code was when he blatantly plagiarized Korean aimbot.

Next post will be file investigation.

----------


## DvASystems

The files use the same method to detect HP bar colors, which the Korean cheat provider introduced. Stinkyjoint's modified version of the cheat also uses same method.
This is the second hint they use the same source.

However you can just put the codes next to each other to see the similarities.
Saved diff aJOvX21x - Diff Checker
Left - Alleged ko1n! code
Right - Cleaned Korean aimbot code found here:
AHK coders lounge - discuss and share code

The only difference is the GUI and the Korean aimbot having the aimbot script 2x added in (due to long range requiring different values or something similar from what I remember reading about)

Ko1n! has 24 hours to reply to these allegations.
This is not allowed per Overwatch section rules:
Overwatch Trade Section Rules - Read before posting!
Not even Rule 1 protects in this case due to 0 code improvements.

Especially here:

These are values defined by Oahsys since day 1.

----------


## Ko1n!

Not sure how this actually works, but yes i have used tiny parts of scripts from the ones found here, but i did not have it all copy pasted or everyone that i know would get banned right? My cheat acts differently in different ways, if there is no change in code then how come mine doesn't support long range? And how come at one point in time my cheat was undetected the most in ownedcore when the "Korean" was getting banned every other week? just doesn't add up the way it is right now, sure partial of the userbase got banned but it is not because of the aimbot. So i don't know what you exactly need from me right now but if DVA or any other admin/Moderator want to inspect the files and try mine compared to the korean then feel free, it doesn't act the way the korean does in any way.

----------


## DvASystems

> Not sure how this actually works, but yes i have used tiny parts of scripts from the ones found here, but i did not have it all copy pasted or everyone that i know would get banned right? My cheat acts differently in different ways, if there is no change in code then how come mine doesn't support long range? And how come at one point in time my cheat was undetected the most in ownedcore when the "Korean" was getting banned every other week? just doesn't add up the way it is right now, sure partial of the userbase got banned but it is not because of the aimbot. So i don't know what you exactly need from me right now but if DVA or any other admin/Moderator want to inspect the files and try mine compared to the korean then feel free, it doesn't act the way the korean does in any way.


Please PM me with the source of the Main aimbot. And I'll compare.

Edit: As for the long range, you cut it out as you can see here:
Saved diff aJOvX21x - Diff Checker
Line 54 on the right is presumably the long range function cut out.
Oahsys ran 2x scripts, one close range and one long range. The main difference between yours and his is the long range script presumably removed. 
Everything else is the same in comparison.

----------


## DvASystems

Update, another customer contacted me. This time he provided the 120$ files.
I quote:



> He said he has a "base" soruce and my version is the "premium" one, I believe it was 120€? and all it really has is minor change to the "public" one


Here's the difference between
55$ and 120$
Saved diff cq7E93g4 - Diff Checker
0 Code changes (except 4 lines where a space is removed)

Alleged Premium 120$ files:
TinyUpload.com - best file hosting solution, with no limits, totaly free

It's just the Korean Aimbot you can find here:
AHK coders lounge - discuss and share code

----------


## smusen

I provided DvA/Bunny with the "premium" in question above.

----------


## pamanPMC

Well... welcome to the club bro.

----------


## DvASystems

Ko1n! seems to not be interested in replying to my PMs.
He has 1 hour to respond (ultimatum given by another admin due to easy open and shut case) otherwise I'll just follow through with punishment.

As for Smusen's worry that him "leaking" the private files will get him banned:

There's no difference in signatures between private and public since it's the same code just different prices.
These files are already on leakforums meaning you have been cheating on a public detected signature for a long time with thousands of others that have downloaded the "leak".

----------


## DvASystems

No effort made by Ko1n! as he presumably knew it would be hard to defend himself against two testimonies and the other incidents (leak attempts and leakforums release) when both victims had given the "different" files for me to analyze which collaborated with the general story given.

As such, instructed by Kurios, I've issued a Temp ban and a sales thread removal. He's free to sell again but with his reputation in the gutter. Just not stuff we are giving away for free on Ownedcore though and then renaming it.

As for others in the future that seem to think this means we'll hunt everyone that shares code similarity, here's our stance as per rules:

We only look into cases where someone takes someones source code, does no changes = sells it back. Or someone scamming users, returns 1 week with same code under different name.
Or pyramid schemes.

We aren't exactly the stasi. People will vote with their wallets as per usual.


*This case will not be discussed any further.*

----------

