The Tech Corner
The Tech Corner is a technology news and advice column presented each week courtesy of Melvin McCrary at Georgia Computer Depot in Cedartown. fied version of the Tor Browser specifically built to let users access The Rodeo marketplace.
The settings drop-down menu provides users with the option to load The Rodeo marketplace. When users press this option, the fake Tor Browser pretends to connect to a fake site.
Everything on the site is fake. All content is downloaded from a web server, stored in either text or Base64 or encrypted HTML files. Rodeo was built to scam foolish users
Users need to register, log in, explore the merchandise, view vendor profiles, and place orders. The site says that all orders are encrypted via PGP keys, but no evidence was found of this.
To make sure the fake marketplace makes as much money as possible, the site lists products from a wide variety of categories, such as drugs, weapons, counterfeit money, unlocked phones, hacking services, fake credit cards, and more. The folders for each user store the user's password in clear text, along with their private messages with no encryption.
The site operator allows users to place orders to various vendors, but all messages reach the same person, who then provides victim's with Bitcoin addresses where they can make payments before receiving their products. NICE Systems, an Israeli tech company involved in supplying mass surveillance capabilities to oppressive regimes.
The server and its data were accessible by typing a URL in the browser.
In each of these daily folders, there were text files. Each text file held information on Verizon customers.
These text files held details such as Verizon customer names, addresses, account details, and for some account PINs.
If the data from this leak was ever exposed to the public, hackers could use these PINs to pass as legitimate account owners. In the past, hackers have social engineered mobile Telco call centers to attach a new SIM for a user's phone number, which they used to sign into protected accounts and steal money from bank accounts, cryptocurrencies, or PayPal.
Besides text files holding data on Verizon customers, the same server also housed recordings of calls to Verizon customer support lines. Data from French mobile operator Orange was also exposed. The same NICE Systems server also contained data from French mobile Telco Orange.
Experts say they contacted Verizon and NICE on June 13, when they discovered the server, and the leak was fixed nine days later on June 22.
"This breach demonstrates the fact that cloud services like AWS can be secure, but it is up to organizations using them to ensure that services are configured in a secure fashion," said Bitglass CEO Rich Campagna, who wanted to point out this incident was caused by human error and not the underlying technology.
Verizon is one of the largest provides of cell service in the United States. Of note locally, the company recently got permission to move forward with construction of a new cell tower in Cedartown’s Northside Industrial Park to improve coverage.