"Operation Cookie Monster" seized
"Operation Cookie Monster" seized

rjfp1962

Original Poster:

9,054 posts

95 months

Wednesday 5th April 2023
Genesis Market: Popular cybercrime website shut down by police.

https://www.bbc.co.uk/news/uk-65180488

Getragdogleg

9,819 posts

205 months

Wednesday 5th April 2023
How the hell did they spoof the location and device data for users? That's a seriously scary thing.

What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device? Committing online crimes masked as some innocent?

I had no idea that was possible!

peterperkins

3,299 posts

264 months

Wednesday 5th April 2023
Hopefully the Police have been watching the site and gathering data for a while and can now at their leisure hoover up a bunch of total scummers nervously waiting for a knock on the door.

Sixsixtysix

2,825 posts

188 months

Wednesday 5th April 2023
Getragdogleg said:
> How the hell did they spoof the location and device data for users? That's a seriously scary thing.
>
> What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device? Committing online crimes masked as some innocent?
>
> I had no idea that was possible!

My understanding is if you have a compromised PC, they can take the session cookies that most of us use so we don't need to keep logging in, or proving where we are.

It's a fine line, isn't it - I get annoyed if I have to keep logging into websites/apps but if we were all forced to log out properly every time, these types of attack would be harder to pull off.

Mr Whippy

32,161 posts

263 months

Wednesday 5th April 2023
2FA!

But then that is just the next thing to get nerfed somehow.

AI powered face ID unlocking iPhones and stuff.

Biometric ID (rather than random usernames) and 'smartphone' concentration (rather than a password you store in your brain) are just the next thing to be targeted.

hairykrishna

14,346 posts

225 months

Wednesday 5th April 2023
Getragdogleg said:
> How the hell did they spoof the location and device data for users? That's a seriously scary thing.
>
> What's stopping someone doing that and accessing websites and content with someone else's name/id/location/device? Committing online crimes masked as some innocent?
>
> I had no idea that was possible!

It's fairly trivial a lot of the time. Ultimately, whatever you are logging into relies on your device reporting a bunch of info to it. If you already know all that info then it's not hard to send it back as a response to requests.

souper

2,457 posts

233 months

Wednesday 5th April 2023
Linus Tech Tips lost his whole site through session cookies being hacked.
https://www.youtube.com/watch?v=yGXaAWbzl5A