Summary of "Украли аккаунты Discord и Steam — разбираемся" ("Discord and Steam accounts stolen: let's figure it out")
Problem summary
- A user reported losing access to Discord and Steam after installing a so‑called “ban” (a tool intended to bypass Russian traffic blocks).
- Multiple people reported similar symptoms after installing versions downloaded from unofficial places:
  - Antivirus alerts.
  - System slowdowns.
  - Account compromises (e.g., Discord, Steam).
What the “ban” is and how it works
- Context: Roskomnadzor (RKN) began blocking traffic using DPI (Deep Packet Inspection).
- Purpose: The “ban” is a set of tools that modifies packet structure/behavior to break DPI signatures so traffic can pass through (packet‑manipulation evasion).
- History:
  - An early implementation was attributed to an author nicknamed Bolva (2016).
  - A commonly used 2021 implementation is attributed to an author known as Lowe (or similar).
Malware / compromise analysis
- Official releases:
  - The video argues that official releases of the ban do not contain trojans.
- Source of infections:
  - Most infections are traced to unofficial distribution channels (Telegram channels, random websites, YouTube links, archive files with passwords) where altered or malicious builds are shared.
- Community/social effects:
  - Infected users often assume “the ban” is malicious, then create or amplify misleading videos/posts claiming the official tool is infected.
  - This creates a feedback loop that increases distrust of the official project and spreads the compromised builds further.
- Other causes:
  - Account losses can also result from unrelated background malware or preexisting compromises; users frequently blame the most recently installed item.
Practical guidance / recommendations
- Download only from the developer’s official GitHub repository. Do not download from:
  - Telegram channels
  - Random YouTube links
  - Archive files with passwords from unknown sources
  - Untrusted websites or third‑party repacks
- If antivirus raises an alert or you see system lag:
  - Consider the possibility of other infections or compromised files rather than assuming the official ban binary is malicious.
- General hygiene:
  - Verify sources before downloading or running binaries.
  - Avoid third‑party repacks and “mirrors” posted in comments/forums.
  - Treat unsolicited links and archived builds with suspicion.
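One way to apply the guidance above before running a download, as an added example (not from the video or the project): it accepts a URL only if it is a release asset of the official GitHub repository, which also rejects forks and look-alike hosts, and it compares the file's SHA-256 with a value copied from the official release page. The repository name, sample bytes and function names are placeholders, and the availability of a published digest is an assumption.

```python
import hashlib
from urllib.parse import urlsplit

# Placeholder: the page does not name the official repository.
OFFICIAL_REPO = ("example-owner", "example-tool")


def is_official_release_url(url, repo=OFFICIAL_REPO):
    """Accept only https://github.com/<owner>/<repo>/releases/download/<tag>/<file>."""
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError:
        return False
    if parts.scheme != "https" or parts.hostname != "github.com":
        return False  # Telegram/YouTube links, look-alike hosts, plain http
    if parts.username or parts.password or port not in (None, 443):
        return False  # no userinfo or unusual ports
    segs = parts.path.split("/")  # ['', owner, repo, 'releases', 'download', tag, file]
    if len(segs) != 7 or "" in segs[1:] or ".." in segs:
        return False
    same_repo = (segs[1].lower(), segs[2].lower()) == tuple(s.lower() for s in repo)
    return same_repo and segs[3:5] == ["releases", "download"]  # forks fail same_repo


def sha256_matches(data, expected_hex):
    """Compare the file's SHA-256 with a digest copied from the official release page."""
    return hashlib.sha256(data).hexdigest() == expected_hex.strip().lower()


def triage(url, data, expected_hex):
    """Return reasons not to run the download; an empty list means both checks passed."""
    reasons = []
    if not is_official_release_url(url):
        reasons.append("not an official release URL")
    if not sha256_matches(data, expected_hex):
        reasons.append("SHA-256 mismatch")
    return reasons


# Constructed sample inputs (not real URLs, files or digests).
SAMPLE = b"constructed release bytes"
SAMPLE_SHA256 = hashlib.sha256(SAMPLE).hexdigest()
OFFICIAL = "https://github.com/example-owner/example-tool/releases/download/v1.0/tool.zip"
FORK = "https://github.com/other-owner/example-tool/releases/download/v1.0/tool.zip"

if __name__ == "__main__":
    print(triage(OFFICIAL, SAMPLE, SAMPLE_SHA256))          # passes both checks
    print(triage(FORK, SAMPLE + b"patched", SAMPLE_SHA256))  # fails both checks
```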
Notes from the video
- The official ban project explicitly states that it has no Telegram or YouTube channels (per the project’s GitHub).
- Many YouTube videos and forum posts show or claim infected ban downloads, but these are often from unofficial packages rather than the official release.
Main speakers and sources referenced
- Narrator / video host (explaining the incident and analysis)
- Affected user(s): “Malstroy”, “Mikh”
- Developers / author aliases: Bolva (2016), Lowe (2021)
- Institution: Roskomnadzor (RKN)
- Distribution platforms discussed:
  - Official GitHub (recommended)
  - Telegram, YouTube, forums (untrusted sources)
- Additional observational sources: antivirus reports and community videos
Category
Technology