Found malicious line of code in my expert (MQL5 Freelance)

 

Yesterday, I hired a freelancer to develop an expert that moves the SL or TP a few points and set it back to the original price at a certain time.

I had a very long argument with the developer because he was very rude. Today I opened the source code, and I saw the following:


if(TimeCurrent() > Ref_day)

     {

      Alert("Please contact gnihouenoucon@yahoo.com");

      ExpertRemove();

     }

datetime Ref_day        = D'2023.01.25 21:00';


I am not a developer, but it seems like it deactivates the expert

Am I paranoid, or is it really malicious? Source code attached 

Files:
 
Yukawa Moradi Jou:

Yesterday, I hired a freelancer to develop an expert that moves the SL or TP a few points and set it back to the original price at a certain time.

I had a very long argument with the developer because he was very rude. Today I went to see the source code because I was paranoid, and I saw the following:


if(TimeCurrent() > Ref_day)

     {

      Alert("Please contact gnihouenoucon@yahoo.com");

      ExpertRemove();

     }

datetime Ref_day        = D'2023.01.25 21:00';


I am not a developer, but it seems very clear what he did here.

Am I paranoid, or is it really malicious? Source code attached 

I dont think so . It is probably for the demo version and was forgotten there in the heat of the argument .

Without a switch though (on/off for the check) it should have been removed prior to delivery . But it was likely forgotten and not intentional

 
Lorentzos Roussos #:

I dont think so . It is probably for the demo version and was forgotten there in the heat of the argument .

Without a switch though (on/off for the check) it should have been removed prior to delivery . But it was likely forgotten and not intentional

I see, thank you for the information!

 
Yukawa Moradi Jou: Yesterday, I hired a freelancer to develop an expert that moves the SL or TP a few points and set it back to the original price at a certain time. I had a very long argument with the developer because he was very rude. Today I went to see the source code because I was paranoid, and I saw the following: I am not a developer, but it seems very clear what he did here. Am I paranoid, or is it really malicious? Source code attached 

I believe that if the developer really wanted to be malicious, they would have encrypted the text and obfuscated the code so that it would not be easy for you to find it.

So, it was either forgotten there by mistake (or they are an extremely unskilled programmer 😅).

 
Fernando Carreiro #:

I believe that if the developer really wanted to be malicious, they would have encrypted the text and obfuscated the code so that it would not be easy for you to find it.

So, it was either forgotten there by mistake (or they are an extremely unskilled programmer 😅).

Yeah, that freelance is amateur. Freelancer should send .ex5 file instead of.mq5 
 
Pham Khanh Duy #:
Yeah, that freelance is amateur. Freelancer should send .ex5 file instead of.mq5 

It it was agreed upon the source must also be sent