Loading ...
Sorry, an error occurred while loading the content.

Re: [Y-Mail] Re: Hot news

Expand Messages
  • Sasafrass452
    Yes, it was spam that appears to be the result of a hackerstealing the member s password. **Sasafrass452** http://www.friendburst.com/Sasafrass452
    Message 1 of 14 , Mar 15, 2013
    • 0 Attachment
      Yes, it was spam that appears to be the result of a hacker stealing the member's password.
      
      **Sasafrass452**
      http://www.friendburst.com/Sasafrass452
      http://thexfactorusa.proboards.com
      http://angiemillerfans.proboards.com
      On 03/14/2013 11:59 PM, kr402 wrote:
       

      This looks like possible spam.

      I didn't click on it.

      If it's a legit link then the person that sent it please include something in your post to tell us what it's about.

      Thanks!


    • Donna Lee
      How do you know he has Windows? Maybe he has a Mac or a Linux system. No web mail application is safe from a hacker. Yahoo is more vulnerable than most! This
      Message 2 of 14 , Mar 15, 2013
      • 0 Attachment
        How do you know he has Windows? Maybe he has a Mac or a Linux system.

        No web mail application is safe from a hacker. Yahoo is more vulnerable than most! This is what happens when you depend on a web mail.

        Donna Ford Lee ♂+♀=♡
        Tulsa, OK

        (\. (\
        ( ^.^)
        o_(")(") HAPPY EASTER

        Sent Via My iPhone

        On Mar 14, 2013, at 11:58 PM, Lena@... wrote:

        > James, password of your mailbox jakk9406@... was stolen
        > with Windows malware (drive-by exploit kit) such as Blackhole
        > by a spammer who uses malware (bot) in another user's Windows
        > (in this case in Brazil) to send spam from your mailbox
        > to all addresses from your address book ("Contacts") and Sent and Inbox folders
        > using the password stolen from you.
        > Change password of this mailbox immediately.
        > Then scan Windows for viruses on every computer where you ever entered
        > that password. If no malware found then scan with LiveCD or LiveUSB
        > one-time antivirus scanner (free for personal use) from freedrweb.com
        > It works outside Windows, thus has the potential to find
        > malware designed to disable or evade common antiviruses.
        > After the malware (virus, trojan) found and removed,
        > change mailbox password again, but not to the previous one,
        > and please tell me the malware name.
        > Never use those old passwords for this mailbox again.
        > If all scans find nothing, repeat download and scan after a week (there is
        > some hope that antivirus vendors catch up to this malware version).
        > Also, update Adobe Flash Player and Adobe Reader from adobe.com/downloads
        > and Java from java.com/download , keep them updated.
        > But exploits attack not only via security holes in browsers and their plugins.
        > Unfortunately, my advice to use any free operating system
        > instead of Windows on the same computer usually falls on deaf ears.
        >
        > Anybody who clicked the link in the spam needs to do the same.
        >
        > The spamming is automated, its main goal is growing the felon's botnet,
        > spreading some bot/trojan (such as ZeuS or SpyEye) for stealing banking
        > passwords, stealing and selling email passwords for spamming via
        > legitimate servers (such spam is much more difficult to filter out),
        > selling all types of passwords to interested unscrupulous people,
        > selling access to zombie in your computer for spamming, attacking websites etc.
        > Such spam also can promote some scam such as "work from home" or
        > weight loss drops, but that's a side benefit for the felon.
        > Nothing found by antivirus scanners is NOT a guarantee that you haven't
        > a trojan/zombie/bot in your Windows, far from it.
        >
        > Lena
      • Sasafrass452
        That s only true to a certain extent.... What is happening here is James system is likely infected, thus allowing the hacker to steal his password. Linux
        Message 3 of 14 , Mar 15, 2013
        • 0 Attachment
          That's only true to a certain extent.... What is happening here is James' system is likely infected, thus allowing the hacker to steal his password. Linux systems don't get viruses, so the only way a Linux user like me could have my Yahoo password stolen is for the hacker to attack Yahoo's servers. And that's far less likely to happen....
          
          **Sasafrass452**
          http://www.friendburst.com/Sasafrass452
          http://thexfactorusa.proboards.com
          http://angiemillerfans.proboards.com
          On 03/15/2013 10:21 AM, Donna Lee wrote:
           

          How do you know he has Windows? Maybe he has a Mac or a Linux system.

          No web mail application is safe from a hacker. Yahoo is more vulnerable than most! This is what happens when you depend on a web mail.

          Donna Ford Lee ♂+♀=♡
          Tulsa, OK

          (\. (\
          ( ^.^)
          o_(")(") HAPPY EASTER

          Sent Via My iPhone

          On Mar 14, 2013, at 11:58 PM, Lena@... wrote:

          > James, password of your mailbox jakk9406@... was stolen
          > with Windows malware (drive-by exploit kit) such as Blackhole
          > by a spammer who uses malware (bot) in another user's Windows
          > (in this case in Brazil) to send spam from your mailbox
          > to all addresses from your address book ("Contacts") and Sent and Inbox folders
          > using the password stolen from you.
          > Change password of this mailbox immediately.
          > Then scan Windows for viruses on every computer where you ever entered
          > that password. If no malware found then scan with LiveCD or LiveUSB
          > one-time antivirus scanner (free for personal use) from freedrweb.com
          > It works outside Windows, thus has the potential to find
          > malware designed to disable or evade common antiviruses.
          > After the malware (virus, trojan) found and removed,
          > change mailbox password again, but not to the previous one,
          > and please tell me the malware name.
          > Never use those old passwords for this mailbox again.
          > If all scans find nothing, repeat download and scan after a week (there is
          > some hope that antivirus vendors catch up to this malware version).
          > Also, update Adobe Flash Player and Adobe Reader from adobe.com/downloads
          > and Java from java.com/download , keep them updated.
          > But exploits attack not only via security holes in browsers and their plugins.
          > Unfortunately, my advice to use any free operating system
          > instead of Windows on the same computer usually falls on deaf ears.
          >
          > Anybody who clicked the link in the spam needs to do the same.
          >
          > The spamming is automated, its main goal is growing the felon's botnet,
          > spreading some bot/trojan (such as ZeuS or SpyEye) for stealing banking
          > passwords, stealing and selling email passwords for spamming via
          > legitimate servers (such spam is much more difficult to filter out),
          > selling all types of passwords to interested unscrupulous people,
          > selling access to zombie in your computer for spamming, attacking websites etc.
          > Such spam also can promote some scam such as "work from home" or
          > weight loss drops, but that's a side benefit for the felon.
          > Nothing found by antivirus scanners is NOT a guarantee that you haven't
          > a trojan/zombie/bot in your Windows, far from it.
          >
          > Lena


        • lena_kiev
          ... Earlier I gave proof that such spam is sent using stolen password, not cookie. That excludes XSS exploits, so quesses of some security researchers are
          Message 4 of 14 , Mar 15, 2013
          • 0 Attachment
            > From: Donna Lee <donna74128@...>
            >
            > How do you know he has Windows? Maybe he has a Mac or a Linux system.

            Earlier I gave proof that such spam is sent using stolen password, not cookie.
            That excludes XSS exploits, so quesses of some security researchers are wrong.
            Password-stealing trojans are known, for example:
            http://en.wikipedia.org/wiki/Torpig
            http://en.wikipedia.org/wiki/Zeus_%28trojan_horse%29
            The trojans are silently installed with drive-by exploit kits, for example
            http://en.wikipedia.org/wiki/Blackhole_exploit_kit
            These trojans and exploit kits can work under Windows only.
            Therefore, James entered the password in Windows, if not at home then
            at work or at an Internet-cafe. Every time I asked, the password was
            entered in Windows.
          • Donna Lee
            Even a Linux can be compromised. No system is free and clear from a virus. Donna Ford Lee ♂+♀=♡ Tulsa, OK ( . ( ( ^.^) o_( )( ) HAPPY EASTER Sent Via
            Message 5 of 14 , Mar 15, 2013
            • 0 Attachment
              Even a Linux can be compromised. No system is free and clear from a virus. 

              Donna Ford Lee  ♂+♀=♡
              Tulsa, OK 

              (\. (\
              ( ^.^)
              o_(")(") HAPPY EASTER

              Sent Via My iPhone

              On Mar 15, 2013, at 10:41 AM, Sasafrass452 <Sasafrass452@...> wrote:

              That's only true to a certain extent.... What is happening here is James' system is likely infected, thus allowing the hacker to steal his password. Linux systems don't get viruses, so the only way a Linux user like me could have my Yahoo password stolen is for the hacker to attack Yahoo's servers. And that's far less likely to happen....
              **Sasafrass452**
              http://www.friendburst.com/Sasafrass452
              http://thexfactorusa.proboards.com
              http://angiemillerfans.proboards.com

            • Shal Farley
              Sassafrass, ... No, users of any operating system may be phished. And of course a pretty enough Trojan Horse could convince a Linux user to install it. I m not
              Message 6 of 14 , Mar 15, 2013
              • 0 Attachment
                Sassafrass,

                > Linux systems don't get viruses, so the only way a Linux user
                > like me could have my Yahoo password stolen is for the hacker to attack
                > Yahoo's servers. And that's far less likely to happen....

                No, users of any operating system may be phished. And of course a pretty
                enough Trojan Horse could convince a Linux user to install it. I'm not
                saying that these relate to James' case, but they are other ways for
                your password to be stolen.

                Linux and other unix-based systems /do/ get viruses and other malware,
                but they don't get the ones that are designed for Windows (and to date
                that's been nearly all of them). The current Mac OS is unix based, and a
                large number of Mac users were compromised a year or two ago by a
                malware exploit of the Java engine in them.

                The Android operating system is also Linux-based, and due to the
                popularity of these phones (outselling desktop computers by far) there
                is an increasing recognition of emerging exploits for them as well.

                -- Shal
              • adeomus ********
                this Hot news garbage has been a deluge on the groups, as well as subject lines with the sender s name on them . when in doubt, spam em out. and never click
                Message 7 of 14 , Mar 15, 2013
                • 0 Attachment

                  this "Hot news" garbage has been a deluge on the groups, as well as subject lines with the sender's name on them .

                  when in doubt, spam em out.
                  and never click !

                  adds

                  ..But magic has a habit of lying low, 
                  like a rake in the grass.

                  ~Terry Pratchett
                  ~














                  --- On Thu, 3/14/13, kr402 <kr402@...> wrote:

                  From: kr402 <kr402@...>
                  Subject: [Y-Mail] Re: Hot news
                  To: Y-Mail@yahoogroups.com
                  Received: Thursday, March 14, 2013, 11:59 PM



                  This looks like possible spam.

                  I didn't click on it.

                  If it's a legit link then the person that sent it please include something in your post to tell us what it's about.

                  Thanks!



                • adeomus ********
                  Lena, may i please share this info with my groups members ? ( and, if yes, can i use your name ?) this spam is pandemic on yahoo groups right now. thank you !
                  Message 8 of 14 , Mar 15, 2013
                  • 0 Attachment

                    Lena, may i please share this info with my groups' members ?
                    ( and, if yes, can i use your name ?)

                    this spam is pandemic on yahoo groups right now.
                    thank you !
                    adds

                    ..But magic has a habit of lying low, 
                    like a rake in the grass.

                    ~Terry Pratchett
                    ~














                    --- On Fri, 3/15/13, Lena@... <Lena@...> wrote:

                    From: Lena@... <Lena@...>
                    Subject: [Y-Mail] James, your password was stolen
                    To: Y-Mail@yahoogroups.com, "James" <jakk9406@...>
                    Received: Friday, March 15, 2013, 12:58 AM

                    James, password of your mailbox jakk9406@... was stolen
                    with Windows malware (drive-by exploit kit) such as Blackhole
                    by a spammer who uses malware (bot) in another user's Windows
                    (in this case in Brazil) to send spam from your mailbox
                    to all addresses from your address book ("Contacts") and Sent and Inbox folders
                    using the password stolen from you.
                    Change password of this mailbox immediately.
                    Then scan Windows for viruses on every computer where you ever entered
                    that password. If no malware found then scan with LiveCD or LiveUSB
                    one-time antivirus scanner (free for personal use) from freedrweb.com
                    It works outside Windows, thus has the potential to find
                    malware designed to disable or evade common antiviruses.
                    After the malware (virus, trojan) found and removed,
                    change mailbox password again, but not to the previous one,
                    and please tell me the malware name.
                    Never use those old passwords for this mailbox again.
                    If all scans find nothing, repeat download and scan after a week (there is
                    some hope that antivirus vendors catch up to this malware version).
                    Also, update Adobe Flash Player and Adobe Reader from adobe.com/downloads
                    and Java from java.com/download , keep them updated.
                    But exploits attack not only via security holes in browsers and their plugins.
                    Unfortunately, my advice to use any free operating system
                    instead of Windows on the same computer  usually falls on deaf ears.

                    Anybody who clicked the link in the spam needs to do the same.

                    The spamming is automated, its main goal is growing the felon's botnet,
                    spreading some bot/trojan (such as ZeuS or SpyEye) for stealing banking
                    passwords, stealing and selling email passwords for spamming via
                    legitimate servers (such spam is much more difficult to filter out),
                    selling all types of passwords to interested unscrupulous people,
                    selling access to zombie in your computer for spamming, attacking websites etc.
                    Such spam also can promote some scam such as "work from home" or
                    weight loss drops, but that's a side benefit for the felon.
                    Nothing found by antivirus scanners is NOT a guarantee that you haven't
                    a trojan/zombie/bot in your Windows, far from it.

                    Lena

                    The spam sent via your mailbox to the [Y-Mail] group:

                    > X-Received: from [177.40.140.151] by web140406.mail.bf1.yahoo.com via HTTP; Thu, 14 Mar 2013 19:08:55 PDT
                    > X-Mailer: YahooMailWebService/0.8.137.519
                    > Message-ID: <1363313335.29411.YahooMailNeo@...>
                    > To: Wes Vetter <sangecko@...>,
                    >   William Boshell <williamboshell@...>,
                    >   Y Mail group <Y-Mail@yahoogroups.com>, Y Mail FAQ <ymailfaq@...>,
                    >   Yahoo Widgets <widgets-support@...-inc.com>,
                    >   Yahoo Reminder <reminders@...>
                    > From: James <jakk9406@...>
                    > Date: Thu, 14 Mar 2013 19:08:55 -0700 (PDT)
                    > Subject: Hot news
                    >
                    > h**p://www.sv90p**ey.de/ozfxhlg/kgw?vssygulqsbogsy


                    ------------------------------------

                    ***
                    DISCLAIMER : Please note that this is a discussion group only. We do not provide official support.
                    YAHOO MAIL OFFICIAL CUSTOMER SUPPORT is  available at : http://is.gd/54K8A
                    ***Yahoo! Groups Links

                    <*> To visit your group on the web, go to:
                        http://groups.yahoo.com/group/Y-Mail/

                    <*> Your email settings:
                        Individual Email | Traditional

                    <*> To change settings online go to:
                        http://groups.yahoo.com/group/Y-Mail/join
                        (Yahoo! ID required)

                    <*> To change settings via email:
                        Y-Mail-digest@yahoogroups.com
                        Y-Mail-fullfeatured@yahoogroups.com

                    <*> To unsubscribe from this group, send an email to:
                        Y-Mail-unsubscribe@yahoogroups.com

                    <*> Your use of Yahoo! Groups is subject to:
                        http://docs.yahoo.com/info/terms/

                  • lena_kiev
                    ... Yes, anybody may forward anything I post on this group and groups for moderators (YGOG, GMF, EL-M, LH, fEG, MaM). ... Felons get paid per install (PPI):
                    Message 9 of 14 , Mar 16, 2013
                    • 0 Attachment
                      > From: adeomus ******** <carpediemadeomus@...>
                      >
                      > Lena, may i please share this info with my groups' members ?
                      > ( and, if yes, can i use your name ?)

                      Yes, anybody may forward anything I post on this group
                      and groups for moderators (YGOG, GMF, EL-M, LH, fEG, MaM).

                      > this spam is pandemic on yahoo groups right now.

                      Felons get paid "per install" (PPI): every trojan installation
                      (in victims' Windowses) gets them money. The last link
                      "The commercialization of malware distribution: Pay per install" on
                      http://en.wikipedia.org/wiki/Malware#External_links
                      Supply of losers who click links in spam
                      (and never think to use anything but Windows)
                      is endless.

                      The next step will be contamination of often visited pages on legitimate
                      websites (using FTP passwords stolen from webmasters), so the
                      "click suspicious link" step will be unnecessary anymore,
                      using Windows will be enough. Security holes in Windows are perpetual,
                      antivirus vendors lost in the war.

                      Lena
                    • Sasafrass452
                      Yes, since most viruses are for window$, Linux systems are generally unaffected. But as you pointed out, Android systems are being increasingly targeted. Since
                      Message 10 of 14 , Mar 16, 2013
                      • 0 Attachment
                        Yes, since most viruses are for window$, Linux systems are generally unaffected. But as you pointed out, Android systems are being increasingly targeted. Since I don't have a phone or tablet, I'm safe.... for now.
                        
                        **Sasafrass452**
                        http://www.friendburst.com/Sasafrass452
                        http://thexfactorusa.proboards.com
                        http://angiemillerfans.proboards.com
                        On 03/15/2013 02:46 PM, Shal Farley wrote:
                         

                        Sassafrass,

                        > Linux systems don't get viruses, so the only way a Linux user
                        > like me could have my Yahoo password stolen is for the hacker to attack
                        > Yahoo's servers. And that's far less likely to happen....

                        No, users of any operating system may be phished. And of course a pretty
                        enough Trojan Horse could convince a Linux user to install it. I'm not
                        saying that these relate to James' case, but they are other ways for
                        your password to be stolen.

                        Linux and other unix-based systems /do/ get viruses and other malware,
                        but they don't get the ones that are designed for Windows (and to date
                        that's been nearly all of them). The current Mac OS is unix based, and a
                        large number of Mac users were compromised a year or two ago by a
                        malware exploit of the Java engine in them.

                        The Android operating system is also Linux-based, and due to the
                        popularity of these phones (outselling desktop computers by far) there
                        is an increasing recognition of emerging exploits for them as well.

                        -- Shal


                      • Shal Farley
                        Lena, ... I think that s not next , but an ongoing alternate attack method. I m thinking of the major problem a while back when some of the heavily used ad
                        Message 11 of 14 , Mar 16, 2013
                        • 0 Attachment
                          Lena,

                          > The next step will be contamination of often visited pages on legitimate
                          > websites (using FTP passwords stolen from webmasters), so the
                          > "click suspicious link" step will be unnecessary anymore,

                          I think that's not "next", but an ongoing alternate attack method. I'm thinking of the major problem a while back when some of the heavily used ad vendors were caught supplying ads with exploit code to major websites -- including Yahoo.

                          -- Shal
                        • adeomus ********
                          thank you so very much, Lena ! I will pass along all your valuable info. Adds ... magic has a habit of lying low, like a rake in the grass. ~Terry Pratchett~
                          Message 12 of 14 , Mar 16, 2013
                          • 0 Attachment

                            thank you so very much, Lena !
                            I will pass along all your valuable info.

                            Adds


                            ... magic has a habit of lying low, 
                            like a rake in the grass.

                            ~Terry Pratchett
                            ~














                            --- On Sat, 3/16/13, Lena@... <Lena@...> wrote:

                            From: Lena@... <Lena@...>
                            Subject: Re: [Y-Mail] Lena// password was stolen
                            To: Y-Mail@yahoogroups.com
                            Received: Saturday, March 16, 2013, 3:17 AM

                            > From: adeomus ******** <carpediemadeomus@...>
                            >
                            > Lena, may i please share this info with my groups' members ?
                            > ( and, if yes, can i use your name ?)

                            Yes, anybody may forward anything I post on this group
                            and groups for moderators (YGOG, GMF, EL-M, LH, fEG, MaM).

                            > this spam is pandemic on yahoo groups right now.

                            Felons get paid "per install" (PPI): every trojan installation
                            (in victims' Windowses) gets them money. The last link
                            "The commercialization of malware distribution: Pay per install" on
                            http://en.wikipedia.org/wiki/Malware#External_links
                            Supply of losers who click links in spam
                            (and never think to use anything but Windows)
                            is endless.

                            The next step will be contamination of often visited pages on legitimate
                            websites (using FTP passwords stolen from webmasters), so the
                            "click suspicious link" step will be unnecessary anymore,
                            using Windows will be enough. Security holes in Windows are perpetual,
                            antivirus vendors lost in the war.

                            Lena


                            ------------------------------------

                            ***
                            DISCLAIMER : Please note that this is a discussion group only. We do not provide official support.
                            YAHOO MAIL OFFICIAL CUSTOMER SUPPORT is  available at : http://is.gd/54K8A
                            ***Yahoo! Groups Links

                            <*> To visit your group on the web, go to:
                                http://groups.yahoo.com/group/Y-Mail/

                            <*> Your email settings:
                                Individual Email | Traditional

                            <*> To change settings online go to:
                                http://groups.yahoo.com/group/Y-Mail/join
                                (Yahoo! ID required)

                            <*> To change settings via email:
                                Y-Mail-digest@yahoogroups.com
                                Y-Mail-fullfeatured@yahoogroups.com

                            <*> To unsubscribe from this group, send an email to:
                                Y-Mail-unsubscribe@yahoogroups.com

                            <*> Your use of Yahoo! Groups is subject to:
                                http://docs.yahoo.com/info/terms/

                          Your message has been successfully submitted and would be delivered to recipients shortly.