Yahoo email hacks

Discussion in 'Travel Technology' started by Gargoyle, Jun 17, 2011.  |  Print Topic

  1. Gargoyle
    Original Member

    Gargoyle Milepoint Guide

    Messages:
    22,014
    Likes Received:
    96,541
    Status Points:
    20,020
    I'm getting an increasing number of those malware phishing spams sent from friends accounts, and just about all of them are Yahoo accounts. The accounts get hacked, the spam sent to their entire mailing list, and their friends click the embedded malware link because a trusted "friend" sent them the mail.

    The fact that just about all of these are Yahoo mail leads me to wonder- is it an inherent weakness in Yahoo that permits dictionary attacks or other multiple password guessing attacks, or is it an inherent weakness in Yahoo users setting up weak passwords? (I've seen lists online of the 10 most common passwords, maybe they are using those?). Another possibility, a flaw in Yahoo's security that lets hackers get at the PW database, or an employee who went rogue and sold access? Or is it just coincidence that I'm seeing this pattern?
     
    jwsky, penumpang and sobore like this.
  2. SC Flier
    Original Member

    SC Flier Gold Member

    Messages:
    14,851
    Likes Received:
    30,839
    Status Points:
    16,520
    I've had the same questions. So no way would I use yahoo for my email.
     
    Gargoyle likes this.
  3. penumpang
    Original Member

    penumpang Gold Member

    Messages:
    782
    Likes Received:
    3,515
    Status Points:
    1,825
    I've received phishing spam emails from my friends' Yahoo email addresses as well. And one time, my friend told me that she received a phishing email from "me." It was from an old Yahoo email address that I rarely use. I moved to Gmail almost 6 years ago. I went ahead and deleted all the contacts in my Yahoo address book hoping that this would prevent another phishing email from being sent by "me."
     
  4. Simon
    Original Member

    Simon Milepoint Guide

    Messages:
    3,228
    Likes Received:
    2,540
    Status Points:
    1,670
    You raise some good points Gargoyle. I'd stay away from all the common email accounts (Yahoo, Gmail etc)

    Facebook seems to have had its run of people hacking accounts too though. Where there is a will, there's a way!
     
  5. viguera
    Original Member

    viguera Gold Member

    Messages:
    4,737
    Likes Received:
    6,913
    Status Points:
    4,745
    My guess is they probably gave have weak passwords to begin with. All the attempts in the world - literally - won't do anything against a properly secured account.

    But with that said you still need an entry point. My guess is Yahoo and some of these other mail hosts provide an API or some other method of connecting to the account that won't lock it up after a specified number of failed attempts. people can probably keep probing until they give up or find the right password.
     
  6. mhnadel
    Original Member

    mhnadel Silver Member

    Messages:
    265
    Likes Received:
    318
    Status Points:
    520
    Yahoo mail definitely locks your account after a few failed attempts.

    Those mails may not actually be coming from yahoo. It's fairly easy to spoof a mail header and spammers go use dictionary schemes for the account name. So you might get mail from ab@yahoo.com, ac@yahoo.com, etc.

    I do find that I have never actually gotten a yahoo chat request from a person I have any connection to. (I inevitably block these.)
     
  7. SC Flier
    Original Member

    SC Flier Gold Member

    Messages:
    14,851
    Likes Received:
    30,839
    Status Points:
    16,520
    That certainly can happen, too, from any email address. But I have received spam that was clearly sent to a list of contacts from an individual's yahoo.com accounts. This seems to happen to yahoo.com account holders than any others. I have not had such problems from gmail account holders. This seems to be the same as what Gargoyle has reported in the first post.

    My own email is hosted by Google but branded with my own domains (rather than the gmail.com domain). I've been quite happy with that arrangement.

    I've suspected that a virus/trojan might be primarily responsible for compromised passwords to yahoo accounts. Can anyone confirm?
     
  8. Counsellor
    Original Member

    Counsellor Gold Member

    Messages:
    1,221
    Likes Received:
    1,619
    Status Points:
    1,120
    Well, I don't know about the rest, but I always used "Bob" as the password. Lately, though, I've become more security conscious, so I'm spelling it backwards.
     
    mynameismud, kellio, RedTape and 2 others like this.
  9. viguera
    Original Member

    viguera Gold Member

    Messages:
    4,737
    Likes Received:
    6,913
    Status Points:
    4,745
    Well I've seen emails from people that I "know" that include links to malware, and they generally are followed by the obligatory "my account was hacked don't click on that link!" email.

    My guess is that a lock out due to failed logins might not extend beyond the web interface for the app. Maybe someone is exploiting the yahoo messenger API or some other way to access the account that's not locked automatically when you put in the incorrect password a few times.

    Chances are though that it's more than likely an old social engineering trick. People click on a link they saw online on facebook or received in an email that contains an exploit of some kind and they have their passwords saved or remembered by their browser. The malware doesn't take more than a second to grab that info and send it somewhere, and all the post-exploit processing takes place elsewhere. Maybe a compromised machine blasts out requests to login and compose the emails to everyone, and the cycle just starts anew.
     
    Gargoyle likes this.
  10. RedTape
    Original Member

    RedTape Silver Member

    Messages:
    200
    Likes Received:
    212
    Status Points:
    385
    I'd throw an extra "o" in there as well. It may be harder to remember, but using a bob where a boob might serve you better can put your identity at risk, you know.
     
    HaveMilesWillTravel likes this.
  11. Gargoyle
    Original Member

    Gargoyle Milepoint Guide

    Messages:
    22,014
    Likes Received:
    96,541
    Status Points:
    20,020
    just make sure you don't get confused and type boob upside down and get something stinky that you sticks to your shoe.
     
    HaveMilesWillTravel likes this.
  12. LIH Prem
    Original Member

    LIH Prem Gold Member

    Messages:
    2,666
    Likes Received:
    5,833
    Status Points:
    4,070
    My friend forwarded me one that was sent from my (long dormant) yahoo account. You can see your login history there, and they got in via the mobile site in Poland. I changed the password to a strong, randomly generated one.

    -David
     
  13. Jaimito Cartero
    Original Member

    Jaimito Cartero Silver Member

    Messages:
    595
    Likes Received:
    848
    Status Points:
    770
    I used to have only a 6 character password for all my email accounts and hadn't changed them for 5-10 years. Decided to be proactive, and change to a much harder one.

    I get 3-4 emails a day with such links, and ignore them, as I have for the last 15 years.
     
  14. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,504
    Likes Received:
    20,199
    Status Points:
    16,520
    So the question is - was your old password guessable or did they somehow manage to get in without even knowing the password - Dropbox-style.. If the latter, a stronger password wouldn't help, but it would be very, VERY bad for Yahoo.

    I have an old Yahoo account that I only use for junk mail (give the address wherever I have provide one but really don't want to). It has a strong password (never changed in 15 years) and so far seems fine.

    On strong passwords... Some to look at: http://www.grc.com/haystack.htm
     
    mynameismud likes this.
  15. LIH Prem
    Original Member

    LIH Prem Gold Member

    Messages:
    2,666
    Likes Received:
    5,833
    Status Points:
    4,070
    To answer the real question. I have no idea how they got in. I don't think anybody knows this yet as that hasn't been disclosed for this recent occurrence.

    No, it was not a dictionary word, but it was not what one would consider to be strong by today's standards either.

    -David
     

Share This Page