- Joined
- Apr 12, 2016
- Posts
- 2,110
- Solutions
- 2
- Reaction
- 10,130
- Points
- 1,565
Hello Im just going to spread awareness I found this video circulating in Facebook and YøùTùbé ngayon araw lang
na delete yung thread ko kanina kasi violate ako sa rules. pasensya na boss Draft
Heres the Caption From the YT video (di ko lang i-link)
==========================================
Good day fellow countrymen, the day has come once again that our digital privacy has been compromised.
We, a group of IT SEC (INTERNATIONAL TAMBAY SEC), out of whim tries the legibility of this MONEY EARNING APP which is SAGA AI, which became viral early on October
It seems that this advertisement (Saga AI (saga.top, w.saga.top, safe.saga.top) is too good to be true - without any return to the creator.
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Upon our forensics investigation, we discover that the websites' real ip is hiding on a proxy; that can also protect from DDoS Attack.
However, digging the well deeper, we found out that it has a 2 different IPs;
• Front end PAGE (saga.top - 45.135.229.149)
• Backend Server "Registration page" (w.saga.top - 8.212.145.160)
So we "DDoS Attack" the backend server ip, since proxified front-end IP will just mitigate ddos attack.
Filipinos are so feeble in this scheme because we all want easy money, without considering our data being collected.
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
On November 05, 2022, around afternoon (Same day as someone posted an thread about SAGA AI scampage link on PHIL IT group).
At first glance on Gcash login, it look convincing that it was the real Gcash API Login payment gateway interface
just like other online shopping website using this kind of method.
Truth is, inputting random number and MPin on login page still proceed on logging in an account. Seems suspicious right?
So, we check out how this scampage works and we've found the admin login panel.
At the time we visited the admin login panel, we saw the stored User/Password of the System Admin
(Misconfigured or Maybe the DDOS Attack **** up their admin panel)
As we access the backend monitoring dashboard we saw logs of SMS from different people, thinking these is just logs from the SAGA AI APP who sends money from.
Since dashboard is in chinese language, time to time using the google translate to automatically translate the panel so that SysAd will not notice,
While looking for vulnerability to put a backdoor, (but later on these Logs on dashboard that) we discovered
the ACTUAL SMS LOGS of VICTIMS (on their cellphone) receiving OTP's from an official transactions confirmation from GCASH APP.
How did this happen?
Many of us thought that this is just another ponzi - money generating - referral scheme,
without investing a single cents, or whatever means for the creator of this shitty scheme.
Well, if you remember, SAGA AI requires you to install a certain application to be used for actual earning monitoring (SCAMDASHBOARD) XD
then without checking its permission you let installed (one of it is accessing your realtime sms), and that's where it all began.
This a threat of our data privacy. you've been deceived with this mindblowning Chinese-Filipino Scammers
That's why on November 05, 2022, SAGA AI released an App where a gcash login gateway is inside, hosted in "safe.saga.top".
If you put your gcash number and pin code they can s†éál right away your money, by having realtime SMS access,
you'll receive an OTP from gcash, OTP will appear on Admin panel dashboard, then boom you're money will be sent to them,
GCASH can help you? I think no, this is considered authorized transaction since you've entered your OTP code during the transaction.
Gcash service can do is suspend the gcash acc that received the money.
As you can see the SysAd noticed us and immediately removed our access;
but we downloaded and recorded a proof how they operate their mindblowing scheme.
Fellow Countrymen we are not ready with this kind of cyber threat specially in Data Privacy where
our mind focus only whats in the front of a table and not thinking if you'll get poison.
This is a lesson on us to THINK BEFORE YOU CLICK.
Are you one of the VICTIM? Follow these to secure your privacy once again:
• Change your Gcash MPin Code
• Remove the SAGA AI APP - Reset your devices
• To our government of the Philippines please take a review on this specially SEC where on SAGA.TOP website we see a SEC License given to them
and if is a true SEC License, kindly manhunt this person now!
• Avoid Installing or Playing this money paying app you received in your text messages or someone invited you. Even Vloggers now awadays promoting it on there content.
• To all filipino PLEASE WAG NA KAYO MAGPAPAUTO SA MALIIT NA PERANG INO-OFFER SA INYO.
==================================================================
I dont own this content i just re-upload it on vimeo. credits to the rightful owner
na delete yung thread ko kanina kasi violate ako sa rules. pasensya na boss Draft
Heres the Caption From the YT video (di ko lang i-link)
==========================================
Good day fellow countrymen, the day has come once again that our digital privacy has been compromised.
We, a group of IT SEC (INTERNATIONAL TAMBAY SEC), out of whim tries the legibility of this MONEY EARNING APP which is SAGA AI, which became viral early on October
It seems that this advertisement (Saga AI (saga.top, w.saga.top, safe.saga.top) is too good to be true - without any return to the creator.
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Upon our forensics investigation, we discover that the websites' real ip is hiding on a proxy; that can also protect from DDoS Attack.
However, digging the well deeper, we found out that it has a 2 different IPs;
• Front end PAGE (saga.top - 45.135.229.149)
• Backend Server "Registration page" (w.saga.top - 8.212.145.160)
So we "DDoS Attack" the backend server ip, since proxified front-end IP will just mitigate ddos attack.
Filipinos are so feeble in this scheme because we all want easy money, without considering our data being collected.
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
On November 05, 2022, around afternoon (Same day as someone posted an thread about SAGA AI scampage link on PHIL IT group).
At first glance on Gcash login, it look convincing that it was the real Gcash API Login payment gateway interface
just like other online shopping website using this kind of method.
Truth is, inputting random number and MPin on login page still proceed on logging in an account. Seems suspicious right?
So, we check out how this scampage works and we've found the admin login panel.
At the time we visited the admin login panel, we saw the stored User/Password of the System Admin
(Misconfigured or Maybe the DDOS Attack **** up their admin panel)
As we access the backend monitoring dashboard we saw logs of SMS from different people, thinking these is just logs from the SAGA AI APP who sends money from.
Since dashboard is in chinese language, time to time using the google translate to automatically translate the panel so that SysAd will not notice,
While looking for vulnerability to put a backdoor, (but later on these Logs on dashboard that) we discovered
the ACTUAL SMS LOGS of VICTIMS (on their cellphone) receiving OTP's from an official transactions confirmation from GCASH APP.
How did this happen?
Many of us thought that this is just another ponzi - money generating - referral scheme,
without investing a single cents, or whatever means for the creator of this shitty scheme.
Well, if you remember, SAGA AI requires you to install a certain application to be used for actual earning monitoring (SCAMDASHBOARD) XD
then without checking its permission you let installed (one of it is accessing your realtime sms), and that's where it all began.
This a threat of our data privacy. you've been deceived with this mindblowning Chinese-Filipino Scammers
That's why on November 05, 2022, SAGA AI released an App where a gcash login gateway is inside, hosted in "safe.saga.top".
If you put your gcash number and pin code they can s†éál right away your money, by having realtime SMS access,
you'll receive an OTP from gcash, OTP will appear on Admin panel dashboard, then boom you're money will be sent to them,
GCASH can help you? I think no, this is considered authorized transaction since you've entered your OTP code during the transaction.
Gcash service can do is suspend the gcash acc that received the money.
As you can see the SysAd noticed us and immediately removed our access;
but we downloaded and recorded a proof how they operate their mindblowing scheme.
Fellow Countrymen we are not ready with this kind of cyber threat specially in Data Privacy where
our mind focus only whats in the front of a table and not thinking if you'll get poison.
This is a lesson on us to THINK BEFORE YOU CLICK.
Are you one of the VICTIM? Follow these to secure your privacy once again:
• Change your Gcash MPin Code
• Remove the SAGA AI APP - Reset your devices
• To our government of the Philippines please take a review on this specially SEC where on SAGA.TOP website we see a SEC License given to them
and if is a true SEC License, kindly manhunt this person now!
• Avoid Installing or Playing this money paying app you received in your text messages or someone invited you. Even Vloggers now awadays promoting it on there content.
• To all filipino PLEASE WAG NA KAYO MAGPAPAUTO SA MALIIT NA PERANG INO-OFFER SA INYO.
==================================================================
I dont own this content i just re-upload it on vimeo. credits to the rightful owner
