Re: [LUG] .bad apple.

 

On Thu, Mar 28, 2013 at 2:17 AM, Simon Waters wrote:
> So unless the Yahoo! certificate is compromised, and routing...
> Or someone is permanently inside Yahoo or Yahoo systems stealing bits...
>
> Maybe they simply don't have the password.
>
> There are similar reports elsewhere of long unused accounts being
> hijacked (although mine is so old it is de-activated). The emails I've
> seen are all sent via the webmail interface, maybe Yahoo WebMail simply
> has some bug that allows an attacker to change some settings and send email
> as someone else. Since it looks like a botnet, presumably as long as it
> doesn't trigger Yahoo! security action they can poke around.

I agree - something fishy is going on at Yahoo that goes beyond people
having their passwords keylogged or even cracked.

I've seen a lot of spam sent from compromised accounts to people in
the account's address book. Most (though not all) of it is from Yahoo
accounts. I used to think this was just people with keyloggers, but
the fact that you (bad apple) have got your account 'compromised'
twice, together with some other anecdotal evidence, shows that it isn't
that simple.

I haven't checked this link, but similar links I've seen recently
linked to drive-by-downloads for Android (and weight loss spam when
viewed from non-Android browsers). So don't click - unless you know
what you're doing.

Martijn.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq