[IMPORTANT!!] NEW WAY CLASSICCAT DOXES PEOPLE

ClassicCat almost doxed me. Don't let him dox you.

 

 

This is a serious post about doxing (the collection of personal information). Please read this post in order to protect yourself and others from this new method of doxing.

I know reading lots of text is boring, but I promise you, this one will be worth it. You will also learn valuable information that will help you prevent this method of attack in the future.

I know that this is posted in the Discussion category, but I feel as if this is important, so I want everyone to see this, so that they can avoid having their personal information being leaked. I will also post this in Disputes as well.

 

About a week ago (sorry for posting this so late), ClassicCat almost doxed me. The method that he used was very clever, unlike anything I've ever seen before.

He used clever social engineering in an attempt to dox me in a way that didn't feel suspicious to me in the slightest.

In this article, I will cover the obscure method that he used to dox me, and ways that you can protect yourself from this kind of special social-engineering attack.

If you aren't careful (like I wasn't), you could end up giving ClassicCat these details:

 

- Your full (first and last) name

- Your house / street address

- Your ZIP code

- Your phone number

 

How the Attack Works (SPOILERS, SKIP TO NEXT SECTION TO AVOID)

 

First off, what was the attack? The main part that makes this attack work is the information manager built into Google Chrome.

As most of you know, Chrome stores your usernames and passwords, but it also automatically stores other information that you feed it, such as your full name, house/street address, zip code, and phone number.

When you fill out a form that involves this data, Chrome will automatically save it in the background so that it may make it convenient to fill out forms faster in the future with just one click.

The downside to this is that Classiccat abuses this functionality to harvest peoples' personal information.

 

The Attack Process

 

ClassicCat started off by sending me a friend request on (or close to) New Year's Day, which is what kick started this whole thing off.

Once he had added me as a friend, he waited a day, and then sent me a message saying that he 'knew that was my alt.' In other words, he was saying that I was going on an alt account and harassing him.

I wasn't harassing him on an alt, so I figured he might've just been trolling me to waste my time. I was trying to convince him that he wasn't me, but he wouldn't buy it.

The next day, to prove that I was him, he had me share my screen in a call to Discord. If I could prove that I could type while the other account types at the same time using a screen share as proof, it would prove that we're not the same person. I had no problem doing this.

The call lasted for a while since he was sending messages slowly on his alt account that he said was me to drag out the call.

While we were waiting for the other account to respond, ClassicCat makes me aware of this guy who had a lot of information on me. The guy apparently told him of how my method of identifying ClassicCat works, and he told me that he'd tell me who it was if I paid him $5.

Not going to lie, I had actually considered giving him the $5. He added that I could also get him a Roblox gift card, which he jokingly implied that I could also get him free Robux if I found a way to. So, he gave me the idea of exploring some of these free Robux scam sites while we waited for the other account to respond. I had no problem doing this, as I find myself going down the scam site rabbithole sometimes. It can be fun to see where the scam sites go.

The Robux scam site we went to was robuxfree.top (SCAM SITE, DO NOT GO THERE). I went through the whole process of putting in the Robux amount, username, etc. Then, when it gets to the "human verification," you have four surveys that you can complete, which he directed me to the $200 Walmart Gift Card survey. I answered the questions in the survey (with fake answers, of course) by clicking each answer.

Now, this is where things can potentially get dangerous. At the end of the scam rabbit hole, after you've done the whole process and clicked through all the answers, there is a form. When you click into any box in the form, Chrome will display an auto-fill prompt, which, when moused over, will show all your personal information. Once this is shown, it's too late, since ClassicCat is constantly recording the screen share with OBS, and has captured the auto-fill prompt.

I clicked into the "Name" field, and since my mouse had to click into the text box in order for me to type, it was right next to the "John" auto-fill, which I moused over. Thankfully, John Hedgeman (my spam inbox account) was on the top, and Carson was on the bottom. If Carson was on the top, he would have captured my personal info with OBS, and it would've been game over. The only problem is, the auto-fill prompt is very easy to mouse over, and if you do for even a fraction of a second, ClassicCat's OBS will record it.

Image Showing the Attack (37.8 kB)

 

How to Protect Yourself From This Attack

 

To protect yourself from this attack, I'd suggest the following pointers:

- Turn off the auto-fill feature in Chrome's settings

- Always be suspicious of everything someone tells you or asks you to do

- Use Chrome in Incognito Mode while screen sharing

- Do not make any contact with ClassicCat. You may think that you are safe and that he won't be able to outsmart you, but he is smarter than you think he is.

 

Summary / Too Long; Didn't Read

 

TL;DR: ClassicCat uses a clever social-engineering tactic to have a victim screen share and click into a form, which causes Chrome to display the auto-fill prompt, which ClassicCat captures using OBS.

 

Final Thoughts

 

I hate to say it, but the way ClassicCat did this dox is surprisingly clever. Never in my days of ethical hacking have I ever been able to think up something of this scale. ClassicCat knew the inner workings of the scam sites, so he was able to maliciously envision an entire plan to try to dox people with. This just goes to show that although ClassicCat is young, he has a brilliant mind, coupled with bad intent, which makes him a serious threat to the state of security. I wish ClassicCat would use his knowledge for something good, like ethical hacking, other than using it for bad, like manipulating people to dox them, and making a tool that DDoSes servers. If he continues to do what he is doing, he could have his computer privileges taken away from him later on in life, or even worse, be imprisoned. Going into the ethical hacking world will not land people in jail. They will be contributing to security, and making the internet what it was supposed to be. The original creators of the internet didn't intend for everyone to be able to attack each other's servers with DDoS floods.

Hopefully this warning was able to help you, and I hope to see ClassicCat make wiser decisions with his time in the future (no, ACTUAL wise decisions; he can say he has changed into a better person all he wants to, but until that actually happens, we will just have to hope).

Extra Image

 

Classiccat just casually sends someone's info just to show off his doxing skills:

Image (41.1 kB)

 

Also, I will probably be posting this thread eventually on V3rmillion, too, since classiccat is also posing a threat to that community as well.