Gassing Station » News, Politics & Economics
PistonHeads » Gassing Station » The Pie & Piston » News, Politics & Economics
"Operation Cookie Monster" seized
My ProfileMy PreferencesMy Mates
SearchMy Stuff
What's New3122472

"Operation Cookie Monster" seized

Reply
OP Posts Only
OP Posts Only
Reply
OP Posts Only
Author
Discussion

rjfp1962

Original Poster:

8,260 posts

79 months

[report]
[news]
Wednesday 5th April 2023
quotequote all
Genesis Market: Popular cybercrime website shut down by police.

https://www.bbc.co.uk/news/uk-65180488

Getragdogleg

9,043 posts

189 months

[report]
[news]
Wednesday 5th April 2023
quotequote all
How the hell did they spoof the location and device data for users ? that's a seriously scary thing.

What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?

I had no idea that was possible !

peterperkins

3,201 posts

248 months

[report]
[news]
Wednesday 5th April 2023
quotequote all
Hopefully the Police have been watching the site and gathering data for a while and can now at their leisure hoover up a bunch of total scummers nervously waiting for a knock on the door.

Sixsixtysix

2,745 posts

172 months

[report]
[news]
Wednesday 5th April 2023
quotequote all
Getragdogleg said:
How the hell did they spoof the location and device data for users ? that's a seriously scary thing.

What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?

I had no idea that was possible !
My understanding is if you have a compromised PC, they can take the session cookies that most of use so we don't need to keep logging in, or proving where we are.

It's a fine line, isn't it - I get annoyed if I have to keep logging into websites/apps but if we were all forced to log out properly every time, these types of attack would be harder to pull off.

Mr Whippy

29,555 posts

247 months

[report]
[news]
Wednesday 5th April 2023
quotequote all
2FA!

But then that is just the next thing to get nerfed somehow.

AI powered face ID unlocking iPhones and stuff.

Biometric ID (rather than random usernames) and 'smartphone' concentration (rather than a password you store in your brain) are just the next thing to be targetted.

hairykrishna

13,478 posts

209 months

[report]
[news]
Wednesday 5th April 2023
quotequote all
Getragdogleg said:
How the hell did they spoof the location and device data for users ? that's a seriously scary thing.

What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device ? Committing online crimes masked as some innocent ?

I had no idea that was possible !
It's fairly trivial a lot of the time. Ultimately, whatever you are logging into relies on your device reporting a bunch of info to it. If you already know all that info then it's not hard to send it back as a response to requests.

souper

2,441 posts

217 months

[report]
[news]
Wednesday 5th April 2023
quotequote all
Linus Tech Tips lost his whole site through Session Cookies hacked.
https://www.youtube.com/watch?v=yGXaAWbzl5A
Reply
OP Posts Only
OP Posts Only
Reply
OP Posts Only

Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff