Scammer asks for password, gets his database wiped by prospective victim

Why register a domain when you don’t have to? Besides, that would only further incriminate yourself. I wonder how long it takes the scammer to clue in. This post makes it a widespread international story, but who knows what the scammer has been focussing on. The IP address remains exposed to all and that might eventually expose him, or it could result in harassment of whoever tries to use the IP in the future. The Internet can have a long tail…

For that matter, isn’t listening only on the loopback adapter or on a unix socket the out-of-box default?

Trinity used nmap, so that’s cool. I might use masscan for that (judiciously, against active attackers).

Open MySQL… Jeez. My router doesn’t forward that port to the Internet. I set access permissions to a user from a particular IP address. (I just tried to access a LAN DB from my devel Pi rather than my PC and was blocked. Oh yeah, have to allow that IP address.) And I use parameters with my SQL at the very least, so injection would be hard.

This is all true.
I just tend not to think of it as an operation though. An operation suggests a level of organization that might make something a little slicker and competent for these reasons.

But I can believe “evil, lazy and sloppy” just as easily as I can “evil and lazy” too…

I was curious, so I looked this up. According to Wikipedia¹, nmap was first released in 1997, two years before Napster’s 1999 release. So if anything, the evolution went the other way. :wink:

¹ The changelog on nmap’s website only goes back to 2.05 in 99

I’m guessing “script kiddie” and either “the cliff notes version didn’t cover secure configuration” or “if you don’t know why it’s not working, keep turning off/loosening security settings until it does”-school troubleshooting. (See also, running all kinds of crazy stuff as root because configuring least privilege access is hard and annoying…)

Some criminals are scary good; or at least professional quality; but it’s not a field exactly short on opportunistic noobs.


Aside from some “CALEA is arbitrarily elastic” witch hunt if you’ve peeved people for other reasons I’m not sure port scanning even falls under anyone’s jurisdiction. Get silently blacklisted by one or more systems if you are too blatant? Sure. But unless you are doing it at DDoS rates it’s pretty much just spidering but for stuff that isn’t web sites; a wholly legitimate mapping operation.

Doesn’t have a totally legitimate smell to it, so nobody will mourn too hard if someone decided you’ve violated a ToS and you need to get a new ISP or VPS; but that’s a long way from having something to go to the cops with; even if they cared, which they substantially don’t.


Looks like the video has been taken down.
Does anybody have an alternate link?
