
Re: [Y-Mail] Y-Mail Account Hacking and One-liner Emails

  • lena_kiev
    Message 1 of 2 , Mar 16, 2013
      > From: "Chris B" <chrisjbrady@...>
      >
      > I am a mod. for a number of Yahoo Groups. These are frequently
      > spammed by one-liner emails. Clicking on these one-liner links takes
      > the user to a rogue website which plants a trojan virus onto the
      > user's computer.

      Right.

      > This is actually a piece of XLS or Javascript

      Wrong.

      > Whilst this is somewhat New Zealand-centric a good (safe) link is
      > here.
      >
      > http://www.iitp.org.nz/newsletter/article/414?utm_source=index

      That article describes a popular guess. But it's a wrong guess.
      An XSS exploit can steal a cookie but cannot steal a password.
      But the felons use the correct password, as evidenced by "Logged In" lines
      in victims' "recent sign-in activity" linked from Yahoo's Account Info.

      > But it doesn't say what to do if you or someone you know clicks on
      > one of these one-liner links; or worse has an email account hacked
      > and lots of begging emails sent out to friends with sob stories
      > appealing for cash.

      1. Change Yahoo password.

      2. Update Adobe Flash Player and Adobe Reader from adobe.com/downloads
      and Java from java.com/download, and keep them updated.
      Better disable Java in the browser (for example, with QuickJava plugin
      for Firefox), use Firefox's built-in PDF viewer instead of Acrobat
      and FlashBlock plugin for Firefox.

      3. Scan Windows for viruses on every computer where you ever entered
      that password. If no malware is found, then scan with the LiveCD or LiveUSB
      one-time antivirus scanner (free for personal use) from freedrweb.com.
      It works outside Windows, thus has the potential to find
      malware designed to disable or evade common antiviruses.
      After the malware (virus, trojan) is found and removed,
      change mailbox password again, but not to the previous one.
      Never use those old passwords for this mailbox again.

      4. If all scans find nothing, repeat the download and scan after a week
      (there is some hope that antivirus vendors catch up to this malware version).

      5. The problem is that exploits attack not only via security holes in
      browsers and their plugins. Security holes in Windows are perpetual.
      All the efforts of such password-stealing-malware writers are concentrated
      on Windows; infrequently they have some luck with a specific unupdated
      version (!) of Mac OS X or Android. So, the only way to be reasonably safe
      is to use (any) free operating system instead of Windows on the same computer,
      for example:
      http://en.wikipedia.org/wiki/GhostBSD
      http://en.wikipedia.org/wiki/PCLinuxOS
      http://en.wikipedia.org/wiki/Linux_Mint
      http://en.wikipedia.org/wiki/Ubuntu_%28operating_system%29
      Unfortunately, this advice usually falls on deaf ears,
      and various excuses are invented to change nothing. You have been warned.
      Unfortunately, we all suffer the consequences of this deafness:
      passwords are stolen not only for such botnet-growing spam and stealing
      money, but also for other types of spam, contaminating legitimate websites,
      for sale to various enemies including trolls; bots are used for
      attacking websites...