
WARNING: Telstra Resetting Modems To Default Login

UPDATE AUGUST 3, 2022, 1930 HRS

Well, I’m told it’s a Telstra issue, not a cybersecurity issue. Which it is, technically, but Telstra should not be doing this. Their fix was to perform a reset on the modem and if it happens again, a new modem comes my way.

The issue: it’s not the damn modem causing the problem. It’s Telstra.


ADVICE: Telstra users: CHANGE YOUR MODEM LOGIN PASSWORD. Usually you connect to your home network, go to 10.0.0.138 or 192.168.1.1 in a browser, and go from there. Don’t let Telstra’s default stick around, and don’t let them reset it to default for god knows what reason.


POSTED LATE AUGUST 2, 2022:

It’s late, I’m tired, but couldn’t get the modem to work – or it would, but I couldn’t log into it without using an ethernet cable.

Turns out they had reset a bunch of settings, and worst by far, the modem configuration password back to the default – accessible from anywhere on the internet.

Telstra F@ST 5355 NBN Modem affected at least – others are simple to crack. Even without logging in, they can be rebooted, shut down, and give out your phone number.

Posting because Telstra have to pick up their damn game.

Admin username: REDACTED FOR SECURITY REASONS

Admin password: REDACTED FOR SECURITY REASONS

WARNING: Personals & Dating Sites

It’s come to our attention that classifieds sites, personals, dating, and escort sites Australia-wide have been up to some mischief as of late (actually, for years). This applies to advertisers, and people seeking company on those sites.

Sites in question (some):

  • locanto.com.au (scammers, criminal groups robbing men and women, fraudsters)
  • escortsandbabes.com.au (leaking personal sign up phone numbers to other sites)
  • secrethostess.com (scraping and reposting from other sites, often with personal contact info and incorrect info)
  • scarletamour.com (as above)
  • aussietopescorts.com (as above)
  • naughtyads.com.au (as above)
  • redescorts.com (as above)

Advice:

  • DO NOT sign up with your personal phone number at ANY stage. Use a burner phone
  • Watermark photos (subtle enough to not be seen by the naked eye) and remove all EXIF metadata
  • ^^^ There are services we provide.

Should your details be leaked, shared without permission, or image reposted – well, the sites are behind more than just leaking details, people on them are operating in criminal groups (as defined by the NSW Crimes Act 1900 No. 40) to rob both men and women. In Wollongong alone, there have been armed robberies, assaults, wire fraud, alleged kidnappings, and more. No further comment on those matters can be given.

At this point, things are just getting started, but we are aware of this, and so far, some money has been recovered. The sites themselves may put in a token effort to take down an ad, but the sites themselves should worry more about their poor security. Most seem to be affiliated and run from a similar web server, as loosely shown by the image below:

[Image: sexmap1]