> From: "Chris B" <chrisjbrady@...>
> I am a mod. for a number of Yahoo Groups. These are frequently
> spammed by one-liner emails. Clicking on these one-liner links takes
> the user to a rogue website which plants a trojan virus onto the
> user's computer.
> Whilst this is somewhat New Zealand-centric a good (safe) link is
That article describes a popular guess. But it's a wrong guess.
An XSS exploit can steal a cookie but cannot steal a password.
But the felons use the correct password, as evidenced by "Logged In" lines
in victims' "recent sign-in activity" linked from Yahoo's Account Info.
> But it doesn't say what to do if you or someone you know clicks on
> one of these one-liner links; or worse has an email account hacked
> and lots of begging emails sent out to friends with sob stories
> appealing for cash.
1. Change Yahoo password.
2. Update Adobe Flash Player and Adobe Reader from adobe.com/downloads
and Java from java.com/download, keep them updated.
Better disable Java in the browser (for example, with QuickJava plugin
for Firefox), use Firefox's built-in PDF viewer instead of Acrobat
and FlashBlock plugin for Firefox.
3. Scan Windows for viruses on every computer where you ever entered
that password. If no malware is found then scan with a LiveCD or LiveUSB
one-time antivirus scanner (free for personal use) from freedrweb.com.
It works outside Windows, thus has the potential to find
malware designed to disable or evade common antiviruses.
After the malware (virus, trojan) is found and removed,
change mailbox password again, but not to the previous one.
Never use those old passwords for this mailbox again.
4. If all scans find nothing, repeat download and scan after a week
(there is some hope that antivirus vendors catch up to this malware version).
5. The problem is that exploits attack not only via security holes in
browsers and their plugins. Security holes in Windows are perpetual.
All the efforts of such password-stealing-malware writers are concentrated
on Windows; infrequently they have some luck with a specific unupdated
version (!) of Mac OS X or Android. So, the only way to be reasonably safe
is to use (any) free operating system instead of Windows on the same computer,
Unfortunately, this advice usually falls on deaf ears,
and various excuses are invented to change nothing. You have been warned.
Unfortunately, we all suffer the consequences of this deafness:
passwords are stolen not only for such botnet-growing spam and stealing
money, but also for other types of spam, contaminating legitimate websites,
for sale to various enemies including trolls; bots are used for