NINA & Escargot from the inside

I’m starting this off with a short introduction. I’m a former active member of the NINA/Escargot community and am close with many of it’s former staff. I joined the Escargot Discord server on day one and have been there before and after the NINA merger. I won’t identify myself beyond that.

I’ve been aware of some of these things for a long time, and there’s even more that I’ve learned about recently. All of it will be revealed so you can see what’s really happening behind the scenes at LevelLeap (Escargot/NINA’s holding company).

Screenshots for everything will be provided in this zip file, and specific ones will be mentioned for each point, because new users can’t embed more than one file ().

https://files.catbox.moe/rvnsem.zip

Skype Development: Ponzi scheme

epicness (a former staff member/lead developer & reverse engineer of Escargot’s Skype server) started work on REing Skype 6 as a hobby project, which then got noticed by tonyshowoff (NINA/Escargot’s head honcho) who then offered to make it an official project of NINA/Escargot. Initial work was Skype 8, but moved quickly to Skype 6/7 due to community demand. For those not in the know, Skype pre-8 is incredibly tedious and specifically designed to make reverse engineer’s life hell. The initial agreement was that once the Skype project was released, he would be able to participate in revenue splitting for donations specifically marked for the project by the donors. Enticing, because at the time he was in the middle of a financial rut, not having any real income. Tony sent him $40 kind of as an incentive or morale boost. (see screenshots 1, 2, & 4)

Probably the most concerning thing to me, however, is how revenue splitting was handled. It was determined by how many “shares” you had in LevelLeap. The procedure was that all staff, after about a year of activity, would receive 100 shares - from there, every dollar donated would be another share. (see screenshot 3)

This is the textbook definition of a Ponzi scheme: “A Ponzi scheme is a form of fraud that lures investors and pays profits to earlier investors with funds from more recent investors.” Considering that he would’ve had to pay in more for a chance at maybe, possibly getting more Skype donation revenue, it seems scummy, especially knowing that there were significant donors who were pledging to the project in amounts upwards of $5,000 in hopes that it would come back.

Around that time, he had received quite a bit of money from a bug bounty, the first real money he’d seen in a while. Tony made specific private requests for investment in shares/a short term loan as a result of the newfound source of income. (see screenshots 5 & 6)

Not to mention, Tony announced the Skype project before there was even working login, without epicness’s explicit approval, which led to immense stress due to suddenly having to deal with the wrath of 10k+ people eagerly waiting for the service, as well as many people who started donating specifically to fund the project (of which he received nothing except for the initial $40, and another individual $20 from Animadoria personally that likely came out of his pocket). He managed to push through for several weeks and made significant progress, but then had to stop to prevent burnout, which likely led Tony to apply pressure onto Animadoria to get him to continue working. (see screenshot 7)

Needless to say, Tony nearly burnt him out from working on the project as a whole before he pretty much forced himself to stop working on it, and knowing epicness that’s quite the accomplishment considering REing is one of his favorite things to do.

Competitive Gatekeeping, Hostility To the Previous Team and to Competition

I know some of you have experienced this yourselves.

The staff team, particularly Animadoria and Tony, tended to gatekeep and demean the competition on multiple occasions. For one, a significant amount of the documentation, including for several important aspects of their protocols, is incomplete or practically non-existent. To make matters worse, the staff team has said on multiple occasions that they will “document only what is necessary” despite saying in multiple places, including the wiki where their documentation used to be hosted, that they would document everything they came across. Animadoria has been contacted about documentation multiple times, to which he has stated it is “good enough” - and much of it is simply just compiled from other, non-NINA resources from back in the day.

This gatekeeping, as well as hoarding internal documentation, assets, and source codes, led them to become the “most complete” implementation of many protocols, particularly in the AOL/AIM/ICQ department, which they’ve become incredibly arrogant about. That fact you can see by just looking at their post histories on this very Forum.

Another issue that has become apparent is an unfounded hostility to both competition, a la Phoenix, CrossTalk, and other rivals, as well as their previous leadership prior to the NINA merger. As well as this there have also been hostility to previous moderators of their Discord server. The hostility continues despite their current legal battle with Yahoo/AOL. (see screenshots 8 - 11)
(wp, aka walkingphasers is @OhHelloThereImTheGuy, and campos is a former moderator for their Discord server who saw through the grift from the start)

The way they market themselves, even in public as “the one and only retro messenger revival”, downright implying that the competition is to not be cared about and simultaneously pushing away people that imply any care towards alternatives. This combined with the hostility, and making the lives of those making their own servers difficult through the gatekeeping of documentation, despite their promises to document everything, shows that Escargot/NINA would rather like to keep its foot in the door to its entire demographic as the one and only retro instant messenger revival project with an acceptably large feature set. They care more about profiting off of people’s nostalgia rather than actually preserving the original services and protocols they implement.

CSAM allegations and Pay-To-Win moderation

It has recently become apparent that NINA/Escargot has a “need” for donations (need being said very loosely, as their Patreon alone already covers server/domain costs), and will do anything to affirm that the constant flow of money continues. There have been an astonishing number of cases in which donors receive little to no punishment in situations where someone who has not poured money into the project would face at minimum a mute, or possibly a ban. This on its own is not the most abhorrent thing to come of their push to keep donors. Recently one of their biggest donors, a user by the name Pavlosik was promoted to the board. This was done with little to no consultancy of the currently active moderation team as far as can be found (usually any time a new staff member is considered, a vote is held and if even one person dissents, then they will not move forward with it), and it is actually evidenced that Pavlosik paid his way into this position. (see screenshots 16 - 18)

Later, this Pavlosik guy was outed for potentially threatening to upload CSAM (Child Sexual Abuse Material) to the file hosting service of a competing Skype revival who’s team he had beef with. Not only this, he also issued fake DMCA takedown requests to those people, and DDoSed the aforementioned file hosting service.

When it was brought up in their Discord server, their initial response was to “forgive and forget” completely ignoring the fact it’s CHILD PORNOGRAPHY we are talking about. At best this is an absolute blunder of a PR move.

The resulting shitstorm is why the Discord server ended up being shut down a couple of days ago.

See screenshots 12 - 15.

Ignoring Legal Orders/Threats

The NINA AIM services remain up as of 9 PM BST on 12th September 2025, despite orders from AOL/Yahoo’s legal counsel to cease all services. They initially received a cease & desist for deceptive branding (their logo is pixel-for-pixel the AIM running man, recolored and flipped. they still use the AIM running man in some areas to this day despite AIM being shut down). They did not comply with this order, and as a result they received a second cease & desist ordering the shut down of the NINA service. They’ve shut down the main website, Patreon, wiki, and blanked out their forums, but the AIM service remains online despite legal orders. This isn’t to say they can’t shut down at any point, but they have until the end of 12th September 2025 to fully comply to avoid any further legal trouble. And, Yahoo is owned by the same parent company as AOL (Oath, now Verizon Media), therefore the lawyers of said parent company have legal authority over any AOL trademarks (INCLUDING the AIM running man).

See screenshots 19 - 24.

Hopefully this clears up everything!

I think the only justified animosity for competition here is Phoenix, because Phoenix is owned by (what most people can imply from the INFO WARS ticker) a right-wing nut job, and also having a breach due to … running the entire service on Windows Server 2003 like a moron.

I don’t have any specific comments on any of the other statements at this time, but I will edit my post as they come apparent.

Note at the top: at the time the OP had a statement implying the CSAM allegations were entirely factual - this has since been cleared up, but I still recommend reading my first bullet point (it’s still worth discussing since it’s an integral part of the drama and why the Escargot Discord disappeared in the first place, plus the handling of the entire situation by the admins was terrible in its own way.)

A few statements myself since I’m mentioned here a few times:

• To make it entirely clear, the Pavlosik CSAM situation is not a fully proven allegation (the currently presented evidence around it is very unclear consisting of a single vague screenshot from apparently an administrative chat of the aforementioned file host, and Pavlosik himself denies it ever happening), although the DDoS and DMCA part of it have more significant proof from Animadoria’s own conversations with Pavlosik and some other, more detailed screenshots flying around from both the accuser and the targeted Skype recreation project itself. My opinion is, even outside of any wrongdoing of Pavlosik’s, his current stance on this situation, and whether the CSAM allegations are true or not (because I know there’s been some discussion going around on this topic), the way the situation was handled by the rest of the administration team was, at best, a horrendous PR nightmare for Escargot/NINA. And either way - you should never let people buy onto your staff team anyways, especially when this onboarding entirely bypassed the specific policies we had in place on the staff team to ensure situations like this didn’t happen, and was done entirely silently. It was mentioned to the staff a little while after the fact, but many people didn’t even know Pavlosik became an administrator until the accusations came out, which is highly concerning considering other high level staff additions like TommyD’s addition to the Internal role (second highest staff role) were publicly announced at the time they happened.
• I’m going to clarify on the situation regarding Skype and the financial aspects surrounding it from both my side and NINA/Escargot’s. To explain my financial backstory - I was removed from a position in IT administration with a non-profit organization in roughly October of 2024 due to a mix of significant funding cuts and shady behavior on my former employer’s side (including an entire $1k+ that I was never paid for parts of my work.) In late March when I started on Skype, and even still to this day to an extent (although things are looking up and I got a smaller contract gig in mid July, as well as the aforementioned bug bounty in mid June), I still have not received another significant employment position. This was stuff that I had discussed publicly and that the staff team almost certainly knew about. When I decided to take on Skype, mostly just to poke around at it, I didn’t expect the attention it got from the administration team, although maybe I should’ve considering Skype was known to be going dormant in a little over a month at that time. About the earlier financial struggles - by the time things started truly ramping up from the Skype project in mid April, I had used up the roughly $700 I had left from October and was practically on the verge of bankruptcy - missing education loan payments, racking up late fees and interest on those and having to even borrow money from family to stay afloat. At this point, Tony had already announced the project, long before I had anything to truly show for it besides some logs from very early stages of development. So, of course, when large amounts of money specifically earmarked for Skype start flying in and Tony says I can have a cut, that’s highly exciting to me as someone who was completely broke. Of course, then the conversations of buying more shares for a higher cut of Skype donation money came in, and then getting basically asked for $500 directly after getting out of this financial situation, and then Tony pressuring me from all angles to basically push me to keep going on Skype, leaving me to nearly burn out. I had to stop myself and just tune all of that out because I didn’t want to completely burn out from the project as a whole. Not to mention, Skype was an entirely separate codebase from the rest of the Escargot/NINA code at the time because yes, after nearly 5 years of work with Escargot, I still wasn’t trusted with the actual code.

So, that’s my statement on this situation - clarifying some things that needed to be clarified and giving a bit of my own side of the story for some of this. I’ve never used this forum personally but I wanted to jump in with an old account I have and talk about this, and I’ll try to keep up with the thread and answer questions as I can.

And I know the question’s gonna pop up since I’m here, WHAT HAPPENED TO SKYPE?!?!?!?!? - I’ve moved it to CrossTalk, where I plan to document everything (actually), release it for completely free like everything else on there, as well as eventually make it all open source - because what’s a preservation project without actual preservation?

Thanks to all of you nerds who are into retro tech and IM clients and I hope to see you all around at some point - you are the reason why I keep going even after something like this.

pffffhahahaha okay, i’m not surprised with how fucked up the management has already been made to be with previous incidents

While I’m here, I’ll let you all know what I know about the recent AIM incident that resulted in large amounts of users being left unable to log in. (I’m trying to reference specific sources so that you all know what happened on this front)

Earlier this month, a mass spamming event happened across a few NINA platforms. It started with the registration of a user with the name “BasedRacist1488” that created a profile with racial slurs, which the users saw and was quickly followed by forum spam that implied the user was lurking in the Discord.

The forums closed and quickly came back up with “protections” - that didn’t work, as the forums were spammed by multiple old accounts that were likely compromised from information stealer logs (TLDR: someone runs a sketchy executable and everything in local password managers/etc. gets uploaded to a malicious actor, which then may get widely distributed.) This spam included an administrator’s dox as well as graphic shock images.

When the forum webhook was removed from the Discord, this spam transferred to Last Call, which had a Discord bridge - I don’t remember everything, but the spam involved more racial slurs, doxxing, and a mocking edit of an administrator’s dead cat.

Tony quickly began to take measures after these incidents:

Now, I don’t expect you to have knowledge of SQL for this post, but the summary of these screenshots is:

• tb_umf_users_user and tb_umf_users_user_profile are related to the “Users Master File” (terminology stolen from AOL) which is basically the database where all Escargot/NINA user information is stored.
• The screenshot shows that Tony removes the general access flag from all people who haven’t donated. The “general access flag” in this case is the basic indicator that gives users access to certain services (such as AIM) that are released as “free”.
• After this, he re-adds the general access flag to people who logged in after September 5, 2024 (a year before the date this happened) that weren’t already suspended. He also re-adds it to everyone who had enabled the profiles feature. (This will become notable later on.)
• The COUNT queries ran by tonyshowoff say, before the changes, 121,841 people had access to AIM and the forums. (This was basically all users, minus suspended users.) After the changes, only 42,775 users have access.

The thing is, this on its own wasn’t the worst thing that could’ve happened - while the numbers are large, most active members would’ve been fine - it was just if someone took a break for more than a year and decided to come back, they would find they no longer had access to AIM.

Unbeknownst to them, the spammer already had another session from a stolen account before these changes were made and spammed one last time. After that account was banned, he then states this:

Effectively, this is the same SQL code run before, but without the second part - and this is what made the incident significantly impactful. This had suddenly went from “okay, maybe a few people who hadn’t touched the service in a while can’t log in anymore”, to “99.9% of users are suddenly unable to log into the service, even active members who could just log in yesterday or a few hours ago”.

Of course, this caused an influx of support requests asking about why they suddenly weren’t able to log into AIM - with which Tony responded and usually just reactivated accounts with no explanation as to why they were deactivated in the first place. Furthermore, his statement in staff chat basically told everyone to keep quiet, and direct people to support to let Tony handle everything himself:

Eventually, this was properly clarified as a “limited account” system was implemented and a good 1,000+ accounts were found to be in information stealer logs and subsequently suspended while they waited to notify individuals they were hacked as they posted in the support channel. But the initial secrecy surrounding almost the entire userbase suddenly being unable to log into a service they promised was free, with no explicit announcement, never stating why it happened, and very vague responses when brought up is sketchy in its own way. I don’t defend the spammer’s actions, but at least notifying the public that an attack is underway and you’re working to implement security measures would’ve been the way I approached this publicly.

Signing out, again, for now - I’ll pop in to answer questions if needed, but this has been a whole situation and I’m just trying to get the information where it needs to go at this point.

I’ve been reading what you guys are saying, and I get your points, but there’s some things I’d like to say to clean up the air, especially about me.

1. The “forgive and forget” was a bad choice of words. I never, under any circumstance, wanted to, in any shape or form, just sweep things under the rug. It is a complicated matter, but what I meant was to say something amongst the lines of “let’s see what is true and what is not, the DMCA part was true, and he apologized, but it was in the past, so let’s forgive and forget about that”. I didn’t just say “hey that’s totally ok”; absolutely not. It was a bad choice of words, and I admit my mistake and it still haunts me every second of my day. Internal investigations were still happening.
2. “They initially received a cease & desist for deceptive branding”: false. We never got an explicit cease and desist, just that we were using their original logos on our websites; and to schedule a conversation with the lawyers. The second email we got had the choices we could take. “have until the end of 12th September 2025 to fully comply to avoid any further legal trouble”; also false, and I’m not sure where this date came from.
3. “Another issue that has become apparent is an unfounded hostility to both competition, a la Phoenix, CrossTalk, and other rivals, as well as their previous leadership prior to the NINA merger.”. I unfortunately have to admit with that, as I’ve been known to be harsh to competitors. About the campos and wp/walkingphasers conversations, those are four years old, and at the time, things have happened between us and we weren’t friends in the slightest. I haven’t talked to wp in a long time; I have been on Discords with campos and I haven’t been harsh or anything to him or vice versa, so I do think that is in the past.

If you guys have any questions to ask me, I’ll be happy to answer, but this is been very chaotic and it’s taking a toll on me. I am sorry if I hurt anyone deliberately or otherwise.

We had to be careful to not announce what our security decisions were because they could just come up with ways to circumvent it. Once my PII is being spread around, and spamming multiple slurs is involved, I had to be careful about what was going on. All those decisions were rolled back later, anyway, it was more of a “quarantine” solution.

Thanks for this write up, it’s been hard to find any proper info so far, so this is a really good start for a layman like me. I was inactive in the discord, but a donating member at times when it was asked, and a member of patreon.

I know it had been discussed a few times when donations were “needed urgently”, if maybe some things should be scaled down if it’s too expensive to host/keep up. But the topic never really went anywhere afaik. I’m of the belief that if trying to keep nina/aol/icq/msn/skype and whatnot, and the money doesn’t go around, the obvious answer was to shave off the projects that were less popular - or leave it to someone else (ie opensource/let people make forks and decide what they want.). That is, if the funding issues were not made up as hinted in this thread?

Maybe because I’m such a layman and noob and don’t know anything about RE, that I cannot understand that giving up a project like that and allow others to try, is too jagged a pill to swallow - i dont know. But for me that was still the obvious answer in my head whenever there were funding issues or similar.

As an “audience”, there was at least to me an aura of gatekeeping the softwares, and that they’d rather see it go down forever than just let it become open source. I’m not claiming that is was what going on, or that it was their intention, I’m just saying that as someone who had no real say in this and just watched from the sideline, that it how it came across at times.

Overall I would always give them the benefit of the doubt, because it does seem like project they were very much interested in. More or less any time of the day, if there were issues on MSN/aim or whatever, there was someone in the discord who would check up on it immediately. They were open for questions, explaining things, etc.

I do hope that this sparks a new beginning, especially in this day and age with the OSA and all of this, that we will see WLM/MSN fully open sourced/FOSS, and forked by anyone who wants.

And although I didn’t donate much, as I dont have much to spare these days - it does feel sort of icky now to know that it may have been so messy behind the scenes, and to read all this in the OP. The idea of REing MSN (and how good it works/looks) was to me well worth the patreon, because it’s a cause I believe in - and even now more than before. But I’m starting to second guess this if in the long run, it’s not going to be FOSS to allow forks or whatever.

i was so fucking right about them. they only care about competition and money, not preserving any of msgrs

wwwwwwwww move

I feel like this could have been immediately quarantined with some WAF rules to make forum endpoints a whitelist but hindsight is 20/20

Well… that sums it up mostly… damn, what a mess is this community right now…

Hopefully Microsoft will never go after Escargot between late 2025 and early 2026! At all.

we all know it’s gonna happen eventually, WHEN is the key word for it

aged like milk

well this happend after they’ve been exposed

I was half-believing what was going on with open-source, so I’m very thankful they’re like, actually working on it.

they still had the choice to not open source, and they still did it. be grateful that one of your wishes has been granted

Nah cuz this shit was open source like 5 years ago and it jus had to turn closed source Fuck outta here.

“Shut up, Meg.” — Peter Griffin, Family Guy