MalwareTips
Security Review

Is aimmy.dev legit or a scam?

Our verdict:Suspicious· 49/100

Aimmy.dev offers an AI-powered game cheat tool that has recently been flagged for distributing malware and causing permanent hardware bans in popular games.

Top reasons
Sandbox analysis flagged downloads from this site as malicious (MENORAH YARA detection).Documented reports of trojans (Backdoor.MSIL) bundled with the software in community discussions.High risk of permanent hardware bans (HWID) in games like Fortnite and Valorant.
aimmy.devScanned 1h ago
Post Facebook
0
Trust score
SUSPICIOUS
Heuristics 56·MT 45
Category tags
malwaregaming scam#malware#gaming scam85% MT confidence
Technical red flags (1)
Impersonates Fortnite
Warning signals (1)
Some abuse reports (40%)

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
2 years old
Registered Jan 5, 2024
MT Intelligence
Suspicious
Moderate likelihood · 85% confidence
SUSPICIOUS

Warning signs detected

Aimmy.dev offers an AI-powered game cheat tool that has recently been flagged for distributing malware and causing permanent hardware bans in popular games. Several risk indicators suggest caution. This site might be legitimate — but treat it as unverified until you can independently confirm.

Website Preview

Screenshot of aimmy.dev
LIVE RENDER
aimmy.dev
1Impersonates Fortnite

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

25
/ 100
Moderate visual risk

Visual red flags detected in the screenshot

The page appears to be a legitimate landing page for a software project called Aimmy, featuring links to its source code and community. While the software's nature as an 'aiming' tool may be controversial in gaming contexts, the site itself does not exhibit typical visual scam patterns.

Visual risk25/100

What our vision model saw

5 signals

Prominent download buttons for Windows software

Links to external platforms including GitHub and Discord

Claims of 'AI-Based Aiming Nomenclature' which may relate to game automation or cheats

Professional layout with consistent branding and navigation

No immediate signs of phishing, fake urgency, or cloned branding

Brand Impersonation

medium confidence

The page mentions or styles itself as Fortnite, but is hosted on a domain that is not an official Fortnite property.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Moderate scam likelihoodengineMT · Guardiantrust45/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The site serves as the landing page for 'Aimmy,' an AI-driven aiming tool. While the project has a significant following on GitHub, our research indicates that downloads from this specific domain have been flagged by sandbox analysis for malicious activity, including registry changes and unauthorized binary execution. There are also documented reports of 'supply-chain' attacks where malicious clones of this project distribute trojans. Furthermore, the software's nature as a game cheat leads to high risks of permanent hardware ID (HWID) bans on platforms like Fortnite. Because the site lacks formal business registration and distributes executable files that trigger multiple security warnings, it carries a high risk for average users.
Full dossier
Analysis complete

Page Content

The website is a professional landing page for Aimmy V2, an AI-based aiming tool using YOLOv8 and ONNX. It features direct download links for Windows and links to a GitHub repository. The content is focused on 'game accessibility' but explicitly lists features like Anti-Recoil and Detection ESP, which are standard game-cheat functions.

Infrastructure

The domain is hosted on a common content delivery network with a valid SSL certificate. While the hosting IP has a moderate abuse score due to shared hosting environments, the domain itself has been active for over 900 days. No formal business entity is associated with the site, as it is operated by individual developers.

Domain History

Registered over two years ago via Namecheap, the domain has maintained a consistent identity as the home for the Aimmy project. However, the lack of public WHOIS data and the recent emergence of malicious clones (such as aimmy.app) have complicated its reputation.

Web Reputation

Independent review aggregators show mixed results, with some rating it as legitimate while others highlight malware concerns. Our research found specific sandbox reports from February 2024 flagging downloads from this domain as containing potential backdoors and unauthorized auto-run registry entries.
Risk Factors
6
  • Sandbox analysis flagged downloads from this site as malicious (MENORAH YARA detection).
  • Documented reports of trojans (Backdoor.MSIL) bundled with the software in community discussions.
  • High risk of permanent hardware bans (HWID) in games like Fortnite and Valorant.
  • No verifiable business registration or physical address provided.
  • The site distributes executable files (.exe) that bypass standard security prompts.
  • History of malicious clones and supply-chain attacks targeting this specific project.
Positive Signals
3
  • Domain has been active for over 900 days.
  • Associated GitHub repository has over 1,500 stars and active development.
  • Valid SSL certificate and professional site layout.
AI Recommendation
Avoid downloading or executing files from this site. If you require this software, only audit and compile the source code directly from the official GitHub repository to avoid potential malware bundled in pre-compiled binaries.
Scam network detected
2 linked domains correlated

Malicious clones like aimmy.app have been used to distribute malware by impersonating this official site.

aimmy.appcometrbx.xyz
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for aimmy.dev, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
2.5 yrs
Registered Jan 2024
Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
3 scam reports · 4 complaints · 3 positive
Key findings
7 headline facts from open-web research
  • Official site for open-source-available AI aim alignment tool (YOLOv8 + ONNX + DirectML) hosted at GitHub.com/Babyhamsta/Aimmy with 1.5k stars; marketed for accessibility but widely used as external aimbot/cheat for Roblox, Fortnite, etc.
  • Site explicitly warns it causes HWID bans in Fortnite and is unsuitable for Valorant, Apex, Warzone, EAC, or BattlEye; developers state they are not responsible for bans.
  • ANY.RUN sandbox flagged a download from aimmy.dev (Feb 2026) as malicious with MENORAH YARA rule, registry autorun changes, and renamed binary (YmmiaV2.exe); likely indicates tampered/malicious build or fake mirror.
  • Multiple GitHub issues and discussions report VirusTotal detections, trojans (Backdoor.MSIL), and AV false positives due to mouse control/screen capture behavior; users advised to download only from official GitHub releases.
  • Scamadviser rates it "Very Likely Safe" / legit with valid SSL but notes low Tranco rank; Trustpilot shows 3.2/5 from only 2 reviews.
  • Domain age ~904 days (~2.5 years); project described as non-commercial passion project with low operating costs, source-available but not fully open-source (prohibits commercial forks and malware-modified distributions).
  • Fake/malicious clones (e.g. aimmy.app) have been used in supply-chain attacks targeting Aimmy users via modified downloads.
Scam reports (3)
Direct quotes from public scam databases, forums, and news.
  • ANY.RUNopen

    "Malware analysis aimmy.dev Malicious activity... Verdict: Malicious activity... Tags: github menorah auto generic... MENORAH has been detected (YARA) * YmmiaV2.exe"

  • GitHub Discussionopen

    "Just found this trojan as part of a file for Aimmy an AI cheat... This is a Backdoor.MSIL.gkhl a malicious tool"

  • OpenAnalysis Researchopen

    "The malware operators have made a clone of the GitHub repository... and setup a malicious website https://aimmy.app which links to the cloned GitHub repository. The website also has a modified download link which links to malware"

Positive reviews (3)
Quotes indicating the site is legitimate.
  • Scamadviseropen

    "In summary, we think aimmy.dev is legit and safe for consumers to access."

  • Trustpilotopen

    "aimmy.dev ... 3.2 Average. TrustScore 3 out of 5. 2 reviews."

  • GitHubopen

    "Aimmy is a universal AI-Based Aim Alignment Mechanism developed by BabyHamsta, MarsQQ & Taylor to make gaming more accessible for users who have difficulty aiming... 1.5k stars, 672 forks"

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
Analysis of community discussions on GitHub and specialized malware research sites reveals that Aimmy has been targeted by 'supply-chain' attacks where malicious versions of the software are distributed. Sandbox reports from early 2024 specifically flagged files from this domain as malicious. While some users on independent review sites consider it a legitimate tool for gaming, the consensus among security researchers is that the downloads frequently trigger malware alerts and can lead to severe gaming account penalties.

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious58Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
Has a contact email on its own domain
Emails on site's domaininfo@aimmy.dev
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No phone number listed on the page.
  • No postal address visible on the page.
  • Page impersonates Fortnite on a non-official domain.
  • Contact email on the site's own domain (info@aimmy.dev).

Domain & Encryption

Domain History
Age2 years old
RegistrarNamecheap Inc.
RegisteredJan 5, 2024
ExpiresJan 5, 2027
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · R12
ExpiresJul 30, 2026 (32d)
Self-signedNo
Hosting & Technology
HostingGitHub, Inc.
Server locationUS
Web serverGitHub.com

Server Reputation

Abuse Intelligence
Confidence score40%
Reports on file36
ISPGitHub, Inc.
Usage typeContent Delivery Network

Proceed with caution

Our automated review flagged enough risk that you should treat this site as unverified.

  • Treat aimmy.dev as unverified

    Do not enter credentials or send money until you have independently verified the business.

  • Verify the business through independent channels

    Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.

  • Never use irreversible payment methods

    Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.

  • Share your experience

    If you have additional context, drop a comment below or post on the MalwareTips forum.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
ListedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

cometrbx.xyz

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review marked aimmy.dev as suspicious. Several warning signs were detected; it may still turn out legitimate, but you should verify it through independent channels before trusting it with money or credentials.
  • aimmy.dev currently scores 49/100 on our trust scale. We found enough warning signals to recommend caution. Verify the site through independent channels before entering credentials or money.
  • Yes. aimmy.dev presents a valid TLSv1.3 certificate issued by Let's Encrypt · R12, expiring in 32 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • aimmy.dev is 2.5 years old, registered on 1/5/2024 through Namecheap Inc.. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • No. All 92 antivirus engines in our malware network report aimmy.dev as clean.
  • No. aimmy.dev is not currently listed on the major browser blocklist feeds that modern browsers use.
  • aimmy.dev resolves to an IP operated by GitHub, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 27, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around aimmy.dev have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·aimmy.dev
SUSPICIOUS

This site provides an AI-based game automation tool that has been linked to malware detections and account bans. While the project is hosted on GitHub, recent sandbox analysis of the site's downloads has flagged malicious behavior.

Avoid downloading or executing files from this site. If you require this software, only audit and compile the source code directly from the official GitHub repository to avoid potential malware bundled in pre-compiled binaries.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Suspicious reports

Browse all reports
Suspicioustrust50
lolicit.org
47m ago
Read the review
Suspicioustrust45
sexycity.cc
49m ago
Read the review
Suspicioustrust45
rabbitmeow.live
49m ago
Read the review
Suspicioustrust49
downloader.now
51m ago
Read the review
Suspicioustrust65
mobilefuse.com
53m ago
Read the review
Suspicioustrust44
skullbrokers.com
2h ago
Read the review
Suspicioustrust52
maximumprofitstrade.com
2h ago
Read the review
Suspicioustrust58
onyxx.totalh.net
2h ago
Read the review
Suspicioustrust48
simpcity.us
2h ago
Read the review
Suspicioustrust55
palletsliquidationworldwide.com
3h ago
Read the review
Suspicioustrust48
tws-debit.com
3h ago
Read the review
Suspicioustrust58
scnsrc.me
4h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.