Turning the Tables On "Phone Tech Support" Scammers
mask.of.sanity writes A security pro has released a Metasploit module that can take over computers running the Ammyy Admin remote control software popular among "Hi this is Microsoft, there's a problem with your computer" tech support scammers. The hack detailed in Matthew Weeks' technical post works from the end-user, meaning victims can send scammers the hijacking exploit when they request access to their machines. Victims should provide scammers with their external IP addresses rather than their Ammyy identity numbers as the exploit was not yet built to run over the Ammyy cloud, according to the exploit readme. This is much more efficient than just playing along but "accidentally" being unable to follow their instructions.
Why not? What can you do with one IP address? On the flip side why do you think this is any worse than giving someone access via a cloud service after which they can look at your IP anyway?
216.34.181.45
Come at me bro!
I got called by one last Friday night. Kept him on the phone for almost an hour, playing along. Even gave him clues I wasn't on Windows (i.e., when he asked me to run eventviewer I described the output of top, including clueless worrying about zombie processes).
Finally told him I had to go pick up my daughter and that I'd been screwing with him. He called me a "miserable son of a bitch" and hung up.
Kinda felt that it was my duty to keep him occupied, after all each minute I was screwing with him was a minute he wasn't scamming some truly helpless user "out there" somewhere.
Yeeaaah ... that's the IP to slashdot.org :)
I am more concerned about the legality of it. Running a live exploit on their network may make some ISPs fidgety. Also not sure about the position of law enforcement agencies...
The cops won't like the competition ... in Soviet Russia, law enforcement exploits YOU ... oh, wait ...
... I'll just put you on hold while I boot up my computer. I'm afraid it's really slow.
20 minutes later he hangs up and calls back. ... No, it's still booting I'm afraid. I'll just put you back on hold.
40 minutes later he finally gives up.
"Hi, we've detected a virus on your machine etc etc"
"Yes, that's mine, I've been testing it. Can you tell me how and when it was detected please?"
".....[click]beeeeeeeeeeeeeeee"
My husband loves the duct cleaning guys. He tells them that he needs their service so bad but first he wants to know how they clean the ducks and if they will clean his geese too. He continues his hilarious routine interspersed with quacking and squawking noises from his iPhone in the background for a good 5 minutes.
For the tech support guys he pretends to feel it necessary to save them from the devil's work AKA the evil computer. Hilarious stuff.
These people call my mother incessantly. Every other day or so I hear her yelling at her phone "you are not really with windows, windows doesn't call" (yes they say they are calling "from windows" lol).
I just saw this and ran down to show her, not so much for the exploit but the idea of playing mickey the dunce and keeping them on the phone for as long as possible. Lol she has a true talent for annoying tech support. Hell I once got a call from a guy at the help desk "I just got off the phone with your mother" "really?" "yah down in radiology right? I was on the phone for 45 minutes and had to send a technician out because I couldn't get her to plug the ethernet cable back into the wall" "now, she told you she is blind right?" "No she....what the fuck!"
Seriously.... I think I just punished them good suggesting she keep a log of how long she can keep them on the phone for.
"I opened my eyes, and everything went dark again"
If it's anything like how they pronounce lieutenant, then I don't know how British pronounce Brighton either.
Them: Hello, this is Microsoft. We have detected a problem with your computer.
Me: Really?
Them: Yes of course. Do you see your "start" button?
Me: No
Them: It's in the lower left corner.
Me: The lower left corner of what?
Them: The lower left corner of your computer.
Me: The lower left corner?...........when viewed from where?
Them: From the front.
Me: OK, let me see.....All I see is a little sticker that says Intel Inside on the lower left corner.
Them: I don't understand.
Me: The computer has a little sticker on the lower left corner, but no start button.
Them: No, I mean the lower left corner of your monitor.
Me: Wait I'll have a look..........I don't have a start button on the lower left corner of my monitor either. I do see a little sticker that says "Infant Optics" (it's a baby monitor).
Them: click
I keep an old XP laptop loaded with furry porn, pictures of cows and pigs being slaughtered, BDSM porn, transsexual midget porn, stuff from rotten.com/ogrish like beheadings, genital mutilation, etc., set on random rotate every second for the desktop with a nice fading transition, everything locked except the remote assistance tool, and when they call I put that machine live and let them in.
The extortion begins, and then they see something that invariably offends the piss out of them while they're forced to watch a constantly-changing desktop wallpaper they can't stop, and the extortion ends with me laughing in their ears.
Endless entertainment. I even got a "You're the sickest thing existing on this planet." from some chick that was playing the scam.
I lol'd hard at that one.
You want this:
http://itslenny.com/