|
every so often that campaign will message me from a compromised account and i'll tease a bit more of their background out. they're not reselling accounts and only want single specifically valuable trading items they don't focus based off of inventory though and it's entirely a manual effort. the person chatting passes compromised accounts to someone else to sift for valuables they recently changed their domain and backend but that was after months of the same plan. the script hasn't changed and still gets low hanging fruit through perseverance naturally even this brings a more stable income than local jobs, and they view it as just entertainment products so no moral issues
|
# ? Apr 1, 2021 23:45 |
|
|
# ? Apr 25, 2024 06:40 |
|
Wiggly Wayne DDS posted:every so often that campaign will message me from a compromised account and i'll tease a bit more of their background out. they're not reselling accounts and only want single specifically valuable trading items If I remembered the account that messaged me, I would go and report it, but it was a distant acquaintance and they make sure to block everyone after they're done running the script or deviate from it, so I can't pull them up again. Hopefully someone else on their friends list alerts them. The psychology of phishers/scammers is interesting; I watch a lot of scambaiting videos on YouTube and occasionally the uploader will get through to the scammer at the end of the saga and confront them about what they're doing. Indeed, most of them believe themselves morally sound; after all, why would you keep doing it day after day if it didn't rest easy on your conscience? It's good to hear that they're focused on items and not going to try and resell my email on the darkweb or something (joke would be on them, it doesn't exist anymore), or try to lock me out/compromise related accounts, but obviously I'm not going to take any chances! e: I also hope this inspires some of you to go on a password updating/MFA enabling spree like I did when I posted about my friend's Twitter account being mysteriously compromised a while back. Bought me some peace of mind! Cup Runneth Over fucked around with this message at 23:57 on Apr 1, 2021 |
# ? Apr 1, 2021 23:53 |
|
Sure, but just to be clear to the casual reader, this isn't prevented by a strong password or MFA.
|
# ? Apr 2, 2021 00:05 |
|
Internet Explorer posted:Sure, but just to be clear to the casual reader, this isn't prevented by a strong password or MFA. Of course, since I had both. But having Steam Guard on certainly limited the changes an attacker could make to my account, and having a password manager means my passwords are unique, so one being stolen won't allow the attacker to compromise other accounts, and I only have to change 1 if it's compromised.
|
# ? Apr 2, 2021 00:07 |
|
Cup Runneth Over posted:Of course, since I had both. But having Steam Guard on certainly limited the changes an attacker could make to my account, and having a password manager means my passwords are unique, so one being stolen won't allow the attacker to compromise other accounts, and I only have to change 1 if it's compromised. MFA all the things.
|
# ? Apr 2, 2021 00:45 |
|
Internet Explorer posted:Bravo on you for sharing.
|
# ? Apr 2, 2021 00:48 |
|
BlankSystemDaemon posted:Mikrotik is supposedly the other option. Mikrotik is surprisingly good if you want to use a late 90s config management tool (winbox.exe) to manage your internet poo poo, and don't mind some Slavic jank that seems to ooze through in strange areas (several routing engines being single threaded, on a 16+ core machine). Config it right, lock down all the config ports and turn off all services you don't actively use, and subscribe to the 'Uhhhhhh, we, perhaps, maybe, might have hosed up' mailer. I've had my cloud core router thing for 4? years and aside from periodically updating it, I've had exactly zero issues with it. Their wireless stuff is less slick than the Ubiquiti stuff, but once you get it set up, the stuff lasts for years, but setting them up can be annoying. And if Mikrotik gets hellowned, just reset your mikrotik owners forums password, and possibly roll back a dodgy update to a previous version.
|
# ? Apr 2, 2021 04:53 |
|
someone tried to phish my steam account with this visible in the bottom of the login page also, iirc steam does actually send you the location on new access? you get sent to a link where it shows yours and theirs
|
# ? Apr 2, 2021 09:18 |
|
Methylethylaldehyde posted:Mikrotik is surprisingly good if you want to use a late 90s config management tool (winbox.exe) to manage your internet poo poo, and don't mind some Slavic jank that seems to ooze through in strange areas (several routing engines being single threaded, on a 16+ core machine). The 90s/early 2000s feel of the config tools and web interfaces is something I find almost endearing, in a "yeah, we don't spend much time on polish, but our gear can do so much neat stuff!" way. Wifi channels? No, have a list of frequencies, including a bunch that don't adhere to the standards (eg. 5MHz spacing instead of 20MHz), better know what you're doing! I still haven't figured out how to make DHCP traverse to a client behind an AP in client mode, but that is kind of hacky setup in the first place, I really should just pull some cat6.
|
# ? Apr 2, 2021 10:42 |
|
Biowarfare posted:someone tried to phish my steam account with this visible in the bottom of the login page Nah, didn't even receive an email telling me I'd logged in from a new location.
|
# ? Apr 2, 2021 20:16 |
|
KozmoNaut posted:The 90s/early 2000s feel of the config tools and web interfaces is something I find almost endearing, in a "yeah, we don't spend much time on polish, but our gear can do so much neat stuff!" way. My first purchase was a 16 port SFP+ switch to replace my Nexus 5548 in the homelab, and my ears have never been happier! Definitely took some learning how to make things work properly in Mikrotik land, but solid hardware. Software web interface definitely looked identical to a Geocities page.
|
# ? Apr 3, 2021 06:10 |
Methylethylaldehyde posted:Mikrotik is surprisingly good if you want to use a late 90s config management tool (winbox.exe) to manage your internet poo poo, and don't mind some Slavic jank that seems to ooze through in strange areas (several routing engines being single threaded, on a 16+ core machine).
|
|
# ? Apr 3, 2021 19:44 |
|
KozmoNaut posted:The 90s/early 2000s feel of the config tools and web interfaces is something I find almost endearing, in a "yeah, we don't spend much time on polish, but our gear can do so much neat stuff!" way. Remember appreciating the hell out of open source when you flashed your router with something like WRT54G and get a soooooo many more options and a UI that felt so good. Network security is still kind of a black magic to me. "You mean there are things in windows networks that *give* you password hashes?!?". I recently set up my Valheim server on a new subnet on its own vlan id. Spent a day and a half figuring out how to come out of the old subnet to the server subnet, but only in that direction (no server creating connections my client) to play on the server and it demonstrated to me I will never be a network admin/security guy. Before I figured it out, I had to VPN out and come back in on the afraid.org dyndns my external ip is connected to which I am now realizing is very problematic and another big headache.
|
# ? Apr 3, 2021 22:30 |
|
EVIL Gibson posted:Remember appreciating the hell out of open source when you flashed your router with something like WRT54G and get a soooooo many more options and a UI that felt so good. My WRT54G running DD-WRT and later Tomato certainly did pull its weight in my old dorm room, lots of fun tweaking around to avoid issues with the ~25 other networks I could detect, all of them 2.4GHz of course, none of us were fancy enough for 802.11a. I had an old Alphaserver 1000A running NetBSD as a file server and to SSH into, when I got bored in class. 400MHz 64-bit CPU, something like 640MB RAM, a 5x36GB RAID5 for files and 2x18 RAID1 for system, using pilfered disks from an old decommisioned DEC SAN setup. Man that thing was noisy as hell in a dorm room.
|
# ? Apr 3, 2021 23:41 |
|
Cup Runneth Over posted:If I remembered the account that messaged me, I would go and report it, but it was a distant acquaintance and they make sure to block everyone after they're done running the script or deviate from it, so I can't pull them up again. Hopefully someone else on their friends list alerts them. Awareness is of course important too - we've been laughing at dumb goons getting caught by this over in the Steam thread for months now e: glad nothing of value was lost because you had defense in depth, but of course the true defense is to not have any friends Albinator fucked around with this message at 02:40 on Apr 4, 2021 |
# ? Apr 4, 2021 02:38 |
|
Albinator posted:but of course the true defense is to not have any friends Truer words were never spoken
|
# ? Apr 4, 2021 04:52 |
|
The best defense is to have nothing to defend. Delete your accounts, encase your computer in concrete, and drop it in the sea as you sail away to your new life.
|
# ? Apr 4, 2021 18:23 |
|
Volmarias posted:The best defense is to have nothing to defend. Delete your accounts, encase your computer in concrete, and drop it in the sea as you sail away to your new life. And the next day it'll be revealed that concrete has been vulnerable to an aggregate overflow attack since the incorporation of volcanic ash in version 4.6 in 31 BC.
|
# ? Apr 4, 2021 19:51 |
|
My threat model does not include octopi
|
# ? Apr 4, 2021 20:57 |
|
Volmarias posted:My threat model does not include octopi I have a vagina and live on the same planet as Japan, so mine does.
|
# ? Apr 4, 2021 20:59 |
|
Arivia posted:I have a vagina and live on the same planet as Japan, so mine does.
|
# ? Apr 4, 2021 23:55 |
|
So your phone number(s) are probably out there. https://twitter.com/mikko/status/1378694432652939264
|
# ? Apr 5, 2021 01:08 |
|
Yeah my buddy just confirmed my phone info is in the leak. Feels bad man.
|
# ? Apr 5, 2021 01:26 |
|
Deleted my Facebook about 10 months ago, I'm not showing up in have I been pwned for Facebook. So the data appears to be fairly recent.
|
# ? Apr 5, 2021 01:30 |
|
No, the data is from 2019, but not every account got hit by the phone number association attack.
|
# ? Apr 5, 2021 01:34 |
|
Never had a Facebook.
|
# ? Apr 5, 2021 02:46 |
|
Arivia posted:I have a vagina and live on the same planet as Japan, so mine does. Better encase it with concrete then
|
# ? Apr 5, 2021 03:43 |
|
Huh, I'm not in it. Lucky me. Guess it's time to delete my facebook, don't think I've used it for a couple years now.
|
# ? Apr 5, 2021 04:52 |
|
how are you checking phone numbers?
|
# ? Apr 5, 2021 06:17 |
|
RFC2324 posted:how are you checking phone numbers? Would be curious to know as well. I saw one shady site that claimed to be checking numbers but that was it - https://www.thenewseachday.com/facebook-phone-numbers-us Have I been pwned has added the breach to their database as well - https://haveibeenpwned.com/PwnedWebsites#Facebook but im not sure if they're just checking emails associated with the breach or letting you search for numbers.
|
# ? Apr 5, 2021 15:19 |
BaseballPCHiker posted:Would be curious to know as well. I saw one shady site that claimed to be checking numbers but that was it - https://www.thenewseachday.com/facebook-phone-numbers-us Troy has been discussing on Twitter whether or not to add the phone numbers, don’t think he’s decided yet.
|
|
# ? Apr 5, 2021 15:20 |
|
BaseballPCHiker posted:Would be curious to know as well. I saw one shady site that claimed to be checking numbers but that was it - https://www.thenewseachday.com/facebook-phone-numbers-us You can currently only check by email, as of late last night. Mine didn't show up as having been pwned by facebook(always fun running an email thats been active for 20 years through that database)
|
# ? Apr 5, 2021 15:55 |
Cup Runneth Over posted:Never had a Facebook. Every one of the "share" buttons you see on every page can be used to build a pretty comprehensive shadow profile on anyone on the internet, and they're incredibly hard to block.
|
|
# ? Apr 5, 2021 17:22 |
|
BlankSystemDaemon posted:No, but Facebook have a profile for you anyhow. Well, don't know how hard they are exactly, but I've been using EasyPrivacy's uBlock list for years, among others.
|
# ? Apr 5, 2021 17:44 |
|
Cup Runneth Over posted:Well, don't know how hard they are exactly, but I've been using EasyPrivacy's uBlock list for years, among others. Lol well this definitely won’t do it
|
# ? Apr 5, 2021 17:48 |
|
thats the old busted compromised ublock, isn't it?
|
# ? Apr 5, 2021 18:02 |
|
BlankSystemDaemon posted:No, but Facebook have a profile for you anyhow. The EFF has a privacy badger plugin for Firefox that will accomplish this.
|
# ? Apr 5, 2021 19:45 |
|
Cup Runneth Over posted:Never had a Facebook.
|
# ? Apr 5, 2021 19:45 |
|
RFC2324 posted:thats the old busted compromised ublock, isn't it? Nah I use Origin The Iron Rose posted:Lol well this definitely won’t do it I'm not quite enough of a hermit to install NoScript evil_bunnY posted:That's cool but unless you have no friends Where do you think we are
|
# ? Apr 5, 2021 19:49 |
|
|
# ? Apr 25, 2024 06:40 |
|
BaseballPCHiker posted:The EFF has a privacy badger plugin for Firefox that will accomplish this. there is also a plugin that automagically containerizes facebook, called Facebook Container, using Firefoxes built in containers.
|
# ? Apr 5, 2021 19:51 |