D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Yahoo email was Re: bad apple: follow up and fall out

 

On 29/03/13 11:20, Simon Waters wrote:
Agree it looks like bots accessing the web interface, IP addressses typically end 
user like. I had a poke at Yahoo web mail. Nothing immediately obvious, but then I 
agree there is probably some luck involved, although I doubt it is opportunistic 
timing.

My browser did access 45 different hostnames in the page to compose and send an 
email. Some were CDN servers,  fair enough. At least one appeared to be returning 
empty/corrupt responses but presumably not important. The cookies aren't encrypted 
which surprised me (it being easy improvement to add with no/little coding needed), 
but the values may be, or they might be base64 or similar. I'll look closer when I 
get some more time.

The diet thing is I think a distraction, this is all about botnet growing. Mostly I 
get malware free responses suggesting it is a kit looking for vulnerable user agents.

Well I have a Yahoo mail account which I hardly ever use. After reading this thread I decided to remove it.

First problem, finding out how to do this. On the web site I did not find any way to delete my account. Eventually I had to Google to find a Yahoo site that would do this.

I did the necessary and I was told that the account was now disabled. Please note, not deleted or removed but disabled. I was further told that the account would be kept around for 90 days before being deleted. And even then I was told that some of it may be retained, although it did not specify what that was.

So, deleting a Yahoo mail account is not so easy as I think it should be.

Just to check I tried to log on to it today. I was told that it was currently disabled but that I could click on 'the button below' to re-instate it!!

They really don't like to let go do they?

Neil

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq