TL;DR for everything below: If you want to be extremely careful, you could unlink/unsave your payment methods. We still have ZERO evidence that any payment methods have been, or could be, compromised. Until/unless we get an official update stating otherwise.
This is only speculation IF any payment methods are at risk, however, it might be a good idea to unlink PayPal if you/anyone else has it connected. That way it will not be possible to make any “instant” purchases without having to go through PayPal’s two-step authentication methods.
(Again this is ONLY an assumption/speculation) but I would NOT expect it to be possible for payment methods to be hijacked and used outside of Gaijin/War Thunder. HOWEVER, if for some reason someone was able to use your stored payment methods to purchase a gift for a separate account, THAT might cause issues for YOUR account. Details below:
TO LET EVERYONE KNOW: it is in the Store Policy/TOS that if you have a “recalled purchase” (“charge back”) for a purchase on your Gaijin account, you may/will be blocked from using certain types of payment methods in the future.
There are multiple statements for different types of purchases. (Though, they look like they say the same thing: if you have a recalled purchase, certain types of payment methods become unavailable to your account.)
NOTE FOR MODS: If anything here is incorrect or incomplete, please let me know and I will edit OR you should edit my post yourself OR just go ahead and delete my entire message if you need to 👍 No hard feelings if you do.
I do encourage Gaijin to make a public statement about this entire situation ASAP to prevent an excessive amount of speculation. Thank you.
Considering he was egging him on to crash servers and matchmaking, I’d hardly doubt anything he was doing was for the benefit of the site. The fact that he knew what Plupsy was capable of and knew he was trying to get people banned for little to no reason tells me more than enough about Hadi and the other developers. They willingly took on a notorious cheater and justified it with “oh well he didn’t distribute it so he did minimal to the community” is just as stupid. Even if he didn’t distribute it, it gives way for new hacks to be discovered as other cheaters know where vulnerabilities lie. A user on here pointed out that it looks like weak server-side verification, so if he’s to be believed then any cheat maker might be able to do the same.
Is Hadi capable of doing the hacking instead? Its plausible. If he really found it so amazing what Plupsy was doing, I’d say there’s a fair chance that he wanted to learn to do it. Not to say he can, or that he can’t.
Either way, Statshark’s team can’t really be trusted. The tool itself is fine I guess, but the team behind it are unreliable and complacent- especially since Hadi admitted they knew Plupsy was trying to get the person banned, and all they did was “talk to him”. Childish.
Pretty much my whole view. Obviously what Plupsy did is bad, nobody can deny that. The issue is that the developers knew about everything and didn’t do a thing. Even after the video, all they did was let him leave by himself. Their whole announcement is just trying to save face.
The real corporate-level winrate-by-nation-and-BR data Pluspy obtained for Hadi starting early this year basically helped Statshark to drive Thunderskill out of the “cool third-party War Thunder website” game (for now), so I’d say the site benefitted. And there’s not really “other developers,” it’s just Hadi, Pluspy from February until now, and a couple volunteer Discord mods, more or less. As far as I can tell from here anyway. And the egging on by Hadi all occurred long before Hadi “went legit” last year and tried to build something useful for the community. Did they do an Icarus and go too far with the XVM stuff, if only because it led indirectly to the Pluspy personal implosion? Maybe. I totally believe Hadi is going to have to expect to take some time to earn back player trust for what he’s trying to do. But I still think he’s made a useful site and I feel perfectly safe and comfortable using it as a resource for data (like the flight model stuff) about the game that he’s either derived or legitimately acquired that you really can’t get anywhere else.
yep, seen em, they are long term friends, no one’s denied that, just saying that all happened six months or more before Hadi started Statshark, and a year or more before Pluspy offered to help him with it. I’m not a member of Africamod Discord where that all went down, but there was a lot of sketchy stuff happening over there and they were both part of it, along with others, and (not that anyone would care) I don’t agree with any of it.
All those screenshots are from Africamod. Statshark didn’t exist before August 2024.
Not defending it, Gaijin was fully aware at the time of Africamod’s collective abuse of certain CC’s and what they were doing and chose to do nothing. I just don’t associate Africamod with Statshark, although yes, it’s some of the same people. I believe we have to give people chances to change.
There’s multiple users with the “Dev” role so I assume they are also devloping it.
Pretty sure there’s another developer besides Prae and Hadi (+ Plupsy) but can’t find them in official announcements.
Irrelevant of when it happened, they knew what he was capable of and kept him anyways. Either they wanted Plupsy to keep hacking (as it seems like when he did go back to it, they never cared) or are incredibly naive.
Use Statshark all you want, I just can’t trust the developers. I don’t care much for a players stats or vehicles stats so I never use it anyways.
Also for this, I don’t know if this was what Plupsy was getting for them. I just assume that he wasn’t doing it for the benefit of the site.
Hadi has said the two things that have to go now are the corporate data winrate stuff and the XVM stuff (presumably because it relied on the additional verification and only Pluspy knew how to make the game chat work like that), so it seems pretty clear to me those are the two things Pluspy was doing for them. Also Pluspy joined the site, Hadi says, in February with a help to offer get “certain data” and February’s when he was able to add the corporate data winrate stuff to the site. And yeah, I forgot about Prae, sorry to Prae.
Good to know. This whole situation is so dumb and avoidable though, all they needed to do was distance their whole project away from a notorious hacker- nevermind fuel his ego in an echo chamber.
That’s a hard no and never for me. Once a cheater, always a cheater. It even happened with StatShark by their own admission! “Well yeah we knew he created and used cheats in the past. But he super pinky promised he wouldn’t do it again!”
I hope you don’t get burned “trusting” lairs and cheaters with the safety and security of your computer and War Thunder account. They could get hacked themselves, be bribed to try something more nefarious, among multiple other possibilities.
They can have their chance at redemption WITHOUT the risk to my personal devices and accounts. They deserve no benefit of the doubt now. They have already proven themselves to be severely lacking in good judgement and good moral character. The odds are extremely high that they will re-offend. I hope and pray they don’t 🙏 But liars cheaters and thieves almost always repeat their offenses and crimes. The statistics on crime (and cheaters in video games) prove it. I wish them the best and hopefully they turn a new page and never break any more rules, laws, or moral codes.
I agree and am left with no other choice: I will never even open the StatSkark website again. I already manually deleted all cookies and site data from that site for good measure, and thankfully had never logged in/created a profile/account on their site. I don’t care how neat or “special” or “unique” their site or data is. I do not care what statements or promises they make now, it is far too late. I refuse to entrust the safety and security of my accounts and devices to a bunch of lairs, cheaters, and thieves. Nor anyone who supported or ran cover for them; they are equally guilty and culpable.
EDIT/Addendum:
"Ok, I did think about something that could help redeem the StatShark team including Pluspy" :
(This is copied from my next reply below, just wanted to add it here too to have this reply be more inclusive)
Ok, I did think about something that could help redeem the StatShark team including Pluspy.
If Hadi and Pluspy were to give Gaijin ALL of the tools, information, and ALL relevant data:
How he was able to obtain the data for the full (“corporate level”) statistics.
How he was manipulating Custom matches.
How he was manipulating other player’s in game chat messages
How he was “DDOS’ing” Content Creator’s logins to force their game to log out.
How he manipulated the Nord missiles (IF Pluspy was actually responsible for that one, I am still not 100% sure).
Any and all other security holes that they know of. EVERYTHING.
Turn over EVERYTHING to Gaijin.I do NOT think it would be a good idea for Hadi/Pluspy to release this information publicly as it would almost certainly be used by nefarious entities to use and abuse the playerbase. But IF they were to give Gaijin EVERYTHING they have, everything they have done, even anything that they were still working on, anything and everything they have which would allow Gaijin to patch up ALL the security holes they had found and/or were exploiting:
That would be the only thing which would have even a slight chance of helping to convince me that they are trying to change their ways. But without a full and complete admission of their “guilt” and steps to provide “restitution”, I cannot rely on their words alone as evidence of a change (I consider turning over ALL of the information & data to Gaijin at least a partial substitute for financial restitution.)
Coming back to your message here: Again, I do agree with this concept. A full disclosure from Hadi and Pluspy et al. would be a very good step in the right direction. I personally would need more than just statements and promises to be convinced. Transferring all information and data to Gaijin is about the only action that could sway my opinion.
To Hadi and Pluspy et al.,
If you are reading this: I am praying for you. I pray you do what is right 🙏
