[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 27/03/13 23:21, bad apple wrote: > http://www.seguridadseisavi.com/jrohpdvk/xxsjy.ropcs?myoj > > Oh fucking hell, not again... So, just got back in from a job and checked my email: behold, my throwaway yahoo account used for Freecycle, this mailing list and others has once again been spewing spam to valid accounts from my contact list, including here. Lots of bounce messages from the yahoo mail servers and presumably several angry emails to be arriving tomorrow when the recipients get them. Once again, the mails contain obvious malware links. Fantastic. Just as before, this email is accessed purely from my current home workstation and not any of my laptops, phones or other devices and has never been accessed from outside this house. Specifically, this account runs from my main Thunderbird instance on this box only and it doesn't remember the password (manually entered on connect and first send). Following the last occurrence, I habitually change my yahoo password every one month to an uncrackable 30 character random string (mixed case, special characters and digits) kept in a password manager: it has to be copy/pasted because it's way too long to remember. This workstation is still a hardened Debian install - as you guys probably know by now, not only do I seriously know what I'm doing, I'm positively lunatic-level obsessive about security. There is no chance this machine has been compromised, and I've already had it offline since I got back in for a rootkit sweep and a check against my daily tripwire checksums. Nothing at my end, basically. If this box had been compromised there is so much juicy stuff on it that the last thing the attacker would give a shit about is swiping my pointless yahoo password anyway, literally the keys to the kingdom are on this machine (my ssh keys to numerous client sites would be a better target, just for a start). This time it's worse than before: I immediately tried to change my password manually on the yahoo website and there's a new security question that I didn't put there. It accepted my initial password though, which implies my password is unchanged but it's now known to someone else who isn't me - I'll find out for sure when I try and send this email from Thunderbird. So, WTF? -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq