The moral of this story is that there is no honour amongst thieves!!!
Mystery database left open turns out to be at heart of a huge Groupon ticket fraud ring
We have a new twist on the "researchers find unprotected public-facing cloud-hosted database" story, as one recently uncovered archive turned out to be at the heart of a years-long fraud operation. The folks at VPNmentor said they were confused when first encountering a mystery database that contained details on scores of …
COMMENTS
-
-
-
-
Thursday 12th September 2019 17:23 GMT Crazy Operations Guy
Yeah, but the person paying may not actually be aware that they are paying for it. The fraudsters could be using a stolen credit card to pay for hosting, or just hijacking someone's cloud account. I've seen more than a few occasions of employees of large corporations throwing their own instances in with the company's massive fleet, I wouldn't be surprised if some of those were used for nefarious purposes.
-
-
Thursday 12th September 2019 11:33 GMT lglethal
"The moral of the story is, as always, keep track of your cloud database instances and always make sure public access is disabled. "
Unless of course your a criminal, in which case, by all means leave it open for the world to see. And dont follow any of the suggestions listed in this document. Just continue on as before. Thanks very much...
-
Thursday 12th September 2019 16:42 GMT Jimmy2Cows
Fake accounts? You sure?
Even more curious, when the team tried to track down the owners of the exposed email addresses, they got few responses, indicating the vast majority were fake accounts.
Sounds a tad hyperbolic. Perhaps equally likely is these days fewer people respond to emails along the lines of "Your account has been hacked. Please confirm your email address." or however their "tracking" effort went, thus severly limiting responses from owners of exposed email addresses.
-
-
-
Saturday 14th September 2019 20:18 GMT waldo kitty
Re: Fake accounts? You sure?
I would love to have a simple way of populating Chrome's password store with fake logins (real login in password manager), as I suspect that some webpage malware has been able to access the password store - given the old passwords that I'm threatened with.
why use malware to access and decrypt some local password storage when one only need to use an "invisible" iframe and embed a ftp link which causes the browser to use the user's configured name and password? that's an old method, though, and it doesn't really work any more with modern browsers... it wasn't quite that easy, either, but it is the gist of the method that i'm conveying without going into too much detail...
remember, there are some very sneak bastards out there in the ethers...
-
-
-
Friday 13th September 2019 16:20 GMT Roland6
Re: Fake accounts? You sure?
>Even more curious, when the team tried to track down the owners of the exposed email addresses, they got few responses, indicating the vast majority were fake accounts.
I wonder if the team tried them against Troy Hunt's Have I Been Pwned DB.
Certainly, this adds a new dimension to Have I Been Pwned, a DB of known fake email addresses and associated passwords that have been used by criminals...
-
-
Thursday 12th September 2019 21:18 GMT Anonymous Coward
"people still use this voucher biz – who knew?"
What surprises me more is that Groupon didn't die to to a lack of new *businesses* signing on. It became clear years ago that Groupon had hugely oversold many the idea that all those people they'd get through the door with (in effect) loss-leaders would become upsellable repeat customers, when the reality was that most were only interested in getting as much as they could as cheaply as possible from them before moving on to the next Groupon.
Having had their business disrupted by Groupon shoving way more customers than they could handle through their door (another problem IIRC), disrupting their regular- and profitable- business and clientele with nothing to show for it but way more losses than expected and Groupon adding insult to injury by taking their cut... well, you'd assume that most who hadn't already been burned would have learned from others.
From what I remember, it was generally considered that the only businesses Groupon was considered a sensible idea for- if any- were those who ran services, classes and so on that had larger or more malleable profit margins and where a significant proportion of buyers were likely to end up not using the vouchers they'd purchased. Or those with a large amount of some arbitrary thing that they needed to shift but could afford to discount significantly.
-
Saturday 14th September 2019 20:22 GMT waldo kitty
Re: "people still use this voucher biz – who knew?"
this reminds me of those laughable TV ads for discount sites... the ones where the the people are saying things like "i made $900" and similar... this goes for those credit cards ads that do the same thing touting their "cash back" offers... the folks falling for these come-ons didn't "make" anything... they simply saved it... maybe...
-