Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > I have been hacked !!

Reply
Thread Tools

I have been hacked !!

 
 
Sir Leslie Bottocks
Guest
Posts: n/a
 
      02-09-2013
my yahoo mail,

Recent Login Activity

7:49 PM Browser Mail Access Japan122.209.228.141
7:49 PM Yahoo!Xtra Mobile Logged In Japan122.209.228.141


that weren't me!!!!




 
Reply With Quote
 
 
 
 
EMB
Guest
Posts: n/a
 
      02-10-2013
On 10/02/2013 12:47 p.m., Sir Leslie Bottocks wrote:
> my yahoo mail,
>
> Recent Login Activity
>
> 7:49 PM Browser Mail Access Japan122.209.228.141
> 7:49 PM Yahoo!Xtra Mobile Logged In Japan122.209.228.141
>
>
> that weren't me!!!!


You and a bucketload of other yahoo!Xtra email users over the last week.
There's either a pretty good dictionary attack going on, or someone
isn't admitting that their password database has been compromised.

 
Reply With Quote
 
 
 
 
nospam
Guest
Posts: n/a
 
      02-10-2013
On Sun, 10 Feb 2013 12:47:18 +1300, "Sir Leslie Bottocks"
<(E-Mail Removed)> wrote:

>my yahoo mail,
>
>Recent Login Activity
>
>7:49 PM Browser Mail Access Japan122.209.228.141
>7:49 PM Yahoo!Xtra Mobile Logged In Japan122.209.228.141
>
>
>that weren't me!!!!


So what was your password? Was it simple/ weak? If so, change it to
gibberish, like wkkk#qqq123.
 
Reply With Quote
 
Dave Doe
Guest
Posts: n/a
 
      02-10-2013
In article <(E-Mail Removed)>,
http://www.velocityreviews.com/forums/(E-Mail Removed), Sir Leslie Bottocks says...
>
> my yahoo mail,
>
> Recent Login Activity
>
> 7:49 PM Browser Mail Access Japan122.209.228.141
> 7:49 PM Yahoo!Xtra Mobile Logged In Japan122.209.228.141
>
>
> that weren't me!!!!


http://www.telecom.co.nz/whatsnew/emailservicestatus/

from that page...

Phishing Scam Emails

Feb 10, 2013

Phishing Scam Emails


We are aware some customers may be receiving unsolicited emails. If you
have received any of these emails, we recommend that you delete these
without opening them and under no circumstances should you reply to
these emails with any log on, password or personal information.

Yahoo has confirmed this morning that this issue is now resolved,
however some customers may still receive a bounce-back reply from emails
sent prior to this resolution. We recommend that all affected customers
reset their Xtra email password, which can be done here:

https://selfservice.xtra.co.nz/live/.../?GXHC_GX_jst=
8258c07950ea6165



Alternatively ? if you are a webmail user:
Go to nz.yahoo.com
Log on to your Telecom yahoo!xtra profile
Click on account info under my profile
Enter in your current password
Click on Change or Forgotten password and follow the prompts

If you use an email client like Outlook or Entourage, you should then
update that account with your new password.


--
Duncan.
 
Reply With Quote
 
Donchano
Guest
Posts: n/a
 
      02-10-2013

On Sun, 10 Feb 2013 17:47:12 +1300, EMB <(E-Mail Removed)> shouted
from the highest rooftop:

>On 10/02/2013 12:47 p.m., Sir Leslie Bottocks wrote:
>> my yahoo mail,
>>
>> Recent Login Activity
>>
>> 7:49 PM Browser Mail Access Japan122.209.228.141
>> 7:49 PM Yahoo!Xtra Mobile Logged In Japan122.209.228.141
>>
>>
>> that weren't me!!!!

>
>You and a bucketload of other yahoo!Xtra email users over the last week.
> There's either a pretty good dictionary attack going on, or someone
>isn't admitting that their password database has been compromised.


My email account hasn't been hacked, but then I started using a
independent paid email service (Fastmail.net) shortly after Xtra
stopped providing its own service and sub-contracted out to Yahoo. So
the only address I have that still uses the Xtra domain is the one for
my Xtra account and the Yahoo account associated with it has no
addressbook.

On the other hand, I use extremely robust passwords (12 to 16 random
combinations of upper & lower case letters, numbers and symbols) on
all of my online accounts. So if one of those is compromised it's
pretty serious.

So far I've received eight separate spam emails from friends and one
business whose accounts have been hacked. Five of them from Xtra
addresses, three of them from Yahoo addresses. So it's pretty clear
that it's Yahoo that has allowed the accounts to be hacked - which is
why I wouldn't trust Yahoo with my addressbook.

 
Reply With Quote
 
Gib Bogle
Guest
Posts: n/a
 
      02-10-2013
On 11/02/2013 9:04 a.m., Dave Doe wrote:
> In article <(E-Mail Removed)>,
> (E-Mail Removed), Sir Leslie Bottocks says...
>>
>> my yahoo mail,
>>
>> Recent Login Activity
>>
>> 7:49 PM Browser Mail Access Japan122.209.228.141
>> 7:49 PM Yahoo!Xtra Mobile Logged In Japan122.209.228.141
>>
>>
>> that weren't me!!!!

>
> http://www.telecom.co.nz/whatsnew/emailservicestatus/
>
> from that page...
>
> Phishing Scam Emails
>
> Feb 10, 2013
>
> Phishing Scam Emails


This looks like bs to me. There are always phishing emails, but unless
Buttocks responded to one his password should be safe.

 
Reply With Quote
 
Dave Doe
Guest
Posts: n/a
 
      02-10-2013
In article <kf90ik$7b6$(E-Mail Removed)>, (E-Mail Removed), Gib
Bogle says...
>
> On 11/02/2013 9:04 a.m., Dave Doe wrote:
> > In article <(E-Mail Removed)>,
> > (E-Mail Removed), Sir Leslie Bottocks says...
> >>
> >> my yahoo mail,
> >>
> >> Recent Login Activity
> >>
> >> 7:49 PM Browser Mail Access Japan122.209.228.141
> >> 7:49 PM Yahoo!Xtra Mobile Logged In Japan122.209.228.141
> >>
> >>
> >> that weren't me!!!!

> >
> > http://www.telecom.co.nz/whatsnew/emailservicestatus/
> >
> > from that page...
> >
> > Phishing Scam Emails
> >
> > Feb 10, 2013
> >
> > Phishing Scam Emails

>
> This looks like bs to me. There are always phishing emails, but unless
> Buttocks responded to one his password should be safe.


Indeed it's quite incorrectly titled - poor stuff from Xtra/Telecom.

But then who'd expect them to fess up.

--
Duncan.
 
Reply With Quote
 
Gib Bogle
Guest
Posts: n/a
 
      02-10-2013
On 11/02/2013 9:11 a.m., Donchano wrote:

>
> On the other hand, I use extremely robust passwords (12 to 16 random
> combinations of upper & lower case letters, numbers and symbols) on
> all of my online accounts. So if one of those is compromised it's
> pretty serious.
>
> So far I've received eight separate spam emails from friends and one
> business whose accounts have been hacked. Five of them from Xtra
> addresses, three of them from Yahoo addresses. So it's pretty clear
> that it's Yahoo that has allowed the accounts to be hacked - which is
> why I wouldn't trust Yahoo with my addressbook.
>


http://thenextweb.com/insider/2013/0...-fix-old-flaw/
 
Reply With Quote
 
John Little
Guest
Posts: n/a
 
      02-11-2013
Gib Bogle wrote:

> http://thenextweb.com/insider/2013/0...-still-seeing-

accounts-hacked-via-xss-exploit-amid-reports-yahoo-failed-to-fix-old-flaw/

My reading of that article was that Yahoo still has an XSS flaw, and that is
being exploited. However, the main breach occurred in June last year, an
SQL injection attack which netted 450,000 or so accounts and passwords. It
would seem the bad guys have been quietly cracking and harvesting address
books since then.

One of my daughters had an old Yahoo account from when she was a little
girl, with "pretty princess" in the user name (despite her father's strident
republicanism "kings and queens are bad people"). Naturally when she got
older she moved to a less embarrassing moniker, but the old account was
still there and it's address book started being spammed yesterday. There's
no way an XSS vulnerability can affect an account that's not used (but of
course the phishing e-mails entice people to a site that exploits the XSS
thing.)

I'm annoyed with myself that I wasn't aware of the scope of the breach in
June, and the desirability of changing any Yahoo account password, even for
an ancient unused account.

Regards, John Little
 
Reply With Quote
 
EMB
Guest
Posts: n/a
 
      02-11-2013
On 11/02/2013 9:11 a.m., Donchano wrote:
>
> On Sun, 10 Feb 2013 17:47:12 +1300, EMB <(E-Mail Removed)> shouted
> from the highest rooftop:
>
>> On 10/02/2013 12:47 p.m., Sir Leslie Bottocks wrote:
>>> my yahoo mail,
>>>
>>> Recent Login Activity
>>>
>>> 7:49 PM Browser Mail Access Japan122.209.228.141
>>> 7:49 PM Yahoo!Xtra Mobile Logged In Japan122.209.228.141
>>>
>>>
>>> that weren't me!!!!

>>
>> You and a bucketload of other yahoo!Xtra email users over the last week.
>> There's either a pretty good dictionary attack going on, or someone
>> isn't admitting that their password database has been compromised.

>
> My email account hasn't been hacked, but then I started using a
> independent paid email service (Fastmail.net) shortly after Xtra
> stopped providing its own service and sub-contracted out to Yahoo. So
> the only address I have that still uses the Xtra domain is the one for
> my Xtra account and the Yahoo account associated with it has no
> addressbook.


Ditto.
> On the other hand, I use extremely robust passwords (12 to 16 random
> combinations of upper & lower case letters, numbers and symbols) on
> all of my online accounts. So if one of those is compromised it's
> pretty serious.


Me too - but mine is 17 characters as anything less than 16 is
vulnerable to a rainbow tables attack. I still changed it though.

> So far I've received eight separate spam emails from friends and one
> business whose accounts have been hacked. Five of them from Xtra
> addresses, three of them from Yahoo addresses. So it's pretty clear
> that it's Yahoo that has allowed the accounts to be hacked - which is
> why I wouldn't trust Yahoo with my addressbook.
>

I've received a couple, and had close to 100 forwarded to me by users at
work suffering from confucsion at them.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Have I been Hacked??????? David Carter ASP .Net 5 01-24-2005 02:15 PM
Article: Windows Forensics: Have I been Hacked? BleepingComputer.com Computer Support 7 02-22-2004 04:58 PM
been hacked and have some questions kaigler Computer Support 5 02-22-2004 04:49 AM
Re: Could I have been hacked? Stephen K. Gielda Computer Security 0 08-07-2003 08:52 PM
Have I been hacked? Don Andrews Computer Security 5 07-22-2003 09:37 AM



Advertisments