Sign in Subscribe

Why FDP Client is untrustworthy

Presti

4 min read

Grab some popcorn. I’m going to take you for a ride.

We all know FDP, the free client that has taken the Minecraft hacking community by storm these past couple years. Before the recent anticheat update, my data suggests 52% of the cheaters I found on BlocksMC were on FDP. Not only that, since FDP is multiserver, you can find it on virtually any cracked server. But behind the wellmade, safe, free, open-source client, there is another side, full of lies and betrayal.

FDP has always, and I mean always, been known for skidding other clients. It’s quite obvious how this made devlelopers angry; it sucks to have your work stolen, and FDP was shameless in doing so. This sprouted a long and constant flow of FDP hate. It was the joke of the community, comparable to putting ketchup on a pizza in Italy. It fascinated me why people used it, and who even used it. The answer: Primarily young kids. And just like YouTubers centered towards children, people did not like this. The type of kids that used FDP would also alck a certain knowledge about clients, giving the FDP community a reputation of being the dumbest within the larger hacking community. All this hate and anger is why people made things like deletefdp.today (made by the Rise team, I highly recommend checking it out, it’s hilarious.)

But, hey, whatever, it’s free. There will always be people who just want the free stuff. And as long as it free and safe, it would stay and it would have users. Free? Check. Safe? …

FDP has always been open-source, as far as I know. This means you can download the source from github, read through ALL code, and compile the mod to run in Forge. Being open-source is a huge deal, since generally, open-source code means a client is safe.

Just to clarify, as far as I am aware, FDP has always been safe… until they announced their discontinuation.

On the 27th of April, 2022, one of the lead FDP developers, Zywl, announced the ‚unfortunate😉‘ discontinuation of the client. It was quite interesting to me, since he mentioned how they found it funny how mad people got over FDP and how big their community had become. Either way, just a couple days after, they announced they had changed their minds and would continue development on the client. It was not too long after, perhaps a week or two, when the first allegations came.

„FDP got hacked“
„FDP ratted lolllll“
„is FDP a virus?“

These were all things I saw pop up between 17th of May and the 19th of May. However, on the 19th, one of the admins adressed the rumours very briefly. „also quick note, fdp isn’t ratted nor has it been so don’t spread rumours xd“
This is supposedly false, as there is a popular theory that the FDP github was hacked for some time and there was, indeed, a RAT in the source on there for some time. This is yet to be confirmed true. However, the past few days the general story is that there is no longer a RAT in the code.

However, with evidence of them lying, this was all already a red flag for me. How could we even trust them if they were straight up lying to us? And then, last night, my moderator KittenSenpai#3341 sent me an interesting DM. We were dicussing posts for MCN, when KittenSenpai#3341 wrote:
„im tryna collect evidence of FDP being a rat and logging jar files.“
I just kind of shrugged it off and replied „it’s not a RAT anymore.“
„it is. [REDACTED] admits it“

I’m going to be using [REDACTED] a bit, since I was asked not to say the actual name of the person involved. This is what I will tell you: they are known for using FDP frequently, and they are close friends with the dev team.

These are the screenshots. I’d like to state that these are rumours, not everything [REDACTED] says can be verified to be true. HOWEVER, everything that DOES have evidence will have its evidence shown later in the post 🙂 Image links: (wp refuses to load them lmfaoooo)
https://imgur.com/ef3KzBM
https://imgur.com/1kn9Oml
https://imgur.com/FtjpV4N
But who can prove any of this shit is true? I can. I was so interested at this point, I instantly started reaching out to developers to help me. To prove that the current version on the GitHub is a RAT. But many were busy, and I had barely any programming experience so I had to wait. Time to introduce you to the hero of the story. Tecnio#0001. I didn’t originally ask him to go through the code, but, little did I know, he had already done it earlier. Within the source, there is a file named ‚artifact.zip‘. Witin that file, there is most likely a RAT: https://i.imgur.com/oGGKkIw.png

However, Tecnio’s word could be bullshit right? Well, he provided two scans:

  1. https://analyze.intezer.com/analyses/3455c776-de6f-415f-872e-e55010e5f936/genetic-analysis
  2. https://www.virustotal.com/gui/file/17fecac65bc548f5cf3a66b702178d9047457670a64a85eddf725f4201dd94dc

Note that this is scanning artifact.exe, which is within the .zip file I mentioned earlier. It is highly likely that this is a RAT.

Now, lastly, it is important to mention that this was the ‚current‘ version. 19 hours ago, they updated the GitHub with a new version with the RAT removed. However, can we even trust the FDP devs, specifically XiGuaHanHan after blatantly lying to us not once but twice?

With FDP playing such an important part in the community, this is an important question we should all stand still and think about. Blind trust is dangerous- especially in the community.

Have a great day

~SmackVideo

And thanks to KittenSenpai#3341 and Tecnio#0001, this post wouldn’t be a thing without them.

Sign up for more like this.

Enter your email
Subscribe