"Operation Cookie Monster" seized
Discussion
Genesis Market: Popular cybercrime website shut down by police.
https://www.bbc.co.uk/news/uk-65180488
https://www.bbc.co.uk/news/uk-65180488
How the hell did they spoof the location and device data for users ? that's a seriously scary thing.
What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?
I had no idea that was possible !
What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?
I had no idea that was possible !
Getragdogleg said:
How the hell did they spoof the location and device data for users ? that's a seriously scary thing.
What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?
I had no idea that was possible !
My understanding is if you have a compromised PC, they can take the session cookies that most of use so we don't need to keep logging in, or proving where we are. What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?
I had no idea that was possible !
It's a fine line, isn't it - I get annoyed if I have to keep logging into websites/apps but if we were all forced to log out properly every time, these types of attack would be harder to pull off.
Getragdogleg said:
How the hell did they spoof the location and device data for users ? that's a seriously scary thing.
What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?
I had no idea that was possible !
It's fairly trivial a lot of the time. Ultimately, whatever you are logging into relies on your device reporting a bunch of info to it. If you already know all that info then it's not hard to send it back as a response to requests.What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?
I had no idea that was possible !
Linus Tech Tips lost his whole site through Session Cookies hacked.
https://www.youtube.com/watch?v=yGXaAWbzl5A
https://www.youtube.com/watch?v=yGXaAWbzl5A
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff