Found malicious line of code in my expert (MQL5 Freelance)

Jou 2023.01.21 09:51

Yesterday, I hired a freelancer to develop an expert that moves the SL or TP a few points and set it back to the original price at a certain time.

I had a very long argument with the developer because he was very rude. Today I opened the source code, and I saw the following:

if(TimeCurrent() > Ref_day)

{

Alert("Please contact gnihouenoucon@yahoo.com");

ExpertRemove();

}

datetime Ref_day = D'2023.01.25 21:00';

I am not a developer, but it seems like it deactivates the expert

Am I paranoid, or is it really malicious? Source code attached

Files:

Move_SLTP_Yukawa_vf.mq4 32 kb

Lorentzos Roussos 2023.01.21 10:56 #1

Yukawa Moradi Jou:

Yesterday, I hired a freelancer to develop an expert that moves the SL or TP a few points and set it back to the original price at a certain time.

I had a very long argument with the developer because he was very rude. Today I went to see the source code because I was paranoid, and I saw the following:

if(TimeCurrent() > Ref_day)

{

Alert("Please contact gnihouenoucon@yahoo.com");

ExpertRemove();

}

datetime Ref_day = D'2023.01.25 21:00';

I am not a developer, but it seems very clear what he did here.

Am I paranoid, or is it really malicious? Source code attached

I dont think so . It is probably for the demo version and was forgotten there in the heat of the argument .

Without a switch though (on/off for the check) it should have been removed prior to delivery . But it was likely forgotten and not intentional

EA N7S_AO_772012 FOREX - Trends, forecasts GBPUSD stopped running on

Jou 2023.01.21 11:06 #2

Lorentzos Roussos #:

I dont think so . It is probably for the demo version and was forgotten there in the heat of the argument .

Without a switch though (on/off for the check) it should have been removed prior to delivery . But it was likely forgotten and not intentional

I see, thank you for the information!

Fernando Carreiro 2023.01.21 12:02 #3

Yukawa Moradi Jou: Yesterday, I hired a freelancer to develop an expert that moves the SL or TP a few points and set it back to the original price at a certain time. I had a very long argument with the developer because he was very rude. Today I went to see the source code because I was paranoid, and I saw the following: I am not a developer, but it seems very clear what he did here. Am I paranoid, or is it really malicious? Source code attached

I believe that if the developer really wanted to be malicious, they would have encrypted the text and obfuscated the code so that it would not be easy for you to find it.

So, it was either forgotten there by mistake (or they are an extremely unskilled programmer 😅).

AI as a tool [Archive!] I will write Looking for patterns

Pham Khanh Duy 2023.01.21 12:18 #4

Fernando Carreiro #:

I believe that if the developer really wanted to be malicious, they would have encrypted the text and obfuscated the code so that it would not be easy for you to find it.

So, it was either forgotten there by mistake (or they are an extremely unskilled programmer 😅).

Yeah, that freelance is amateur. Freelancer should send .ex5 file instead of.mq5

Lorentzos Roussos 2023.01.21 12:23 #5

Pham Khanh Duy #:
Yeah, that freelance is amateur. Freelancer should send .ex5 file instead of.mq5

It it was agreed upon the source must also be sent

New comment