Just another little nugget from that site. Grc is NOT a conspiracy site or garbage site. Far far from that.
Bleeping computer was a better site a few years ago, but now has sold out to a major software reseller who peppers that site with it's wares while trying to keep the facade of a research backed source it once was.
Still a decent source of information, but now tainted by promotions.
GRC only has a few programs he himself has written.
Via grc.com;
Lawrence Abrams, who covered this issue on his Bleeping Computer site wrote:
"“As the port scan is only looking for Windows remote access programs, it is most likely being done to check for compromised computers used to make fraudulent eBay purchases. In 2016, reports were flooding in that people's computers were being taken over through TeamViewer and used to make fraudulent purchases on eBay. As many eBay users use cookies to
automatically login to the site, the attackers, who were able to remote control the computer, were able to access eBay to make purchases. It got so bad that one person created a spreadsheet to keep track of all the reported attacks. Many of them reference eBay.
The script being used for fraud detection is further confirmed by Dan Nemec's great write-up, where he traced it to a fraud detection product owned by LexisNexis called ThreatMetrix. As part of ThreatMetrix's description, they discuss how they detect and protect sites from Remote
Access Trojans (RATs). ThreatMetrix's product page explains: “Malware protection helps businesses mitigate the risk by being protected from Man-In-The-Browser (MITB), Remote Access Trojan (RAT), high velocity/ frequency bot attacks to low-and- slow attacks mimicking legitimate customer behavior, ransomware, key logging attempts, etc,”
While the programs being scanned for are all legitimate, some of them have been used as RATs in phishing campaigns. Regardless of the reasons, port scans like this are intrusive and not something that many users would want to happen when visiting a site.""
AI
