Hotmail warning - SV650.org

25-02-07, 12:38 PM

All,

Please be sure that hotmail passwords (and therefore all MSN Live services) are secure. It appears that there is a way to brute force a password for an MSN Passport.

How do I know this?

Well, no-one knows my hotmail password, and it changes pretty frequently (as do all my passwords). The hotmail password is changed on average once a month. My password is also reasonably secure, and is only used for hotmail (it's the only Live service I use). An exmaple of my password is "51fDvhFg". No, this isn't my current password, nor was it my old one, just an example.

Right, so my account is secure yes? So why did I just get a postmaster notification saying that I'd sent someone an email, and it failed, when I never sent it. In fact, I don't even know the address it was supposed to be sent to. So someone has been in my account sending mails.

I'm still in the middle of working out exactly what's happened, and the implications of it. There is a chance that this was just an attack on me, and the people with the knowledge have no intention of distributing it. There's also a chance that my account was hit randomly.

If it is the latter, be on your toes folks, make sure you do what you can to secure your account. My immediate thoughts are that if it was someone targetting me on purpose, they wouldn't of been stupid enough to send a mail to an account that doesn't exist.

I'll update this thread whenever I find anything out.

25-02-07, 01:54 PM

i think it is more likely that your personal machine has some kind of computer virus that hijacked your hotmail when you login and obtained your account information. keep your machine update with all the security patches and make sure your anti virus software is up to date. and don't download softwares from third party sources or warz stuff.
This is nothing new, if you check a lot of your junk mails, there are a lot of legit email addresses being used without the owner of the address even knowing it, you usually find out when you get a email bounce message. Another thing is, i always have an email address only used for register with different kind of services. Dispite all the effort you put in to tick the box "not to share your detail with third parties " when you register to a site or a service, your email address always ends up at some wrong hand, which they use to send junk email with.

25-02-07, 01:58 PM

Quote:

Originally Posted by Baph

So someone has been in my account sending mails.

Not necessarily true.

Much more likely that someone has harvested your email address from the Inbox of a recipient of an email from you and then used your email address in "From" and "Reply to" fields.

It's a fairly common occurrence, unfortunately, and nothing you can do about it as the insecurity is on someoen else's machine.

25-02-07, 02:00 PM

I very much doubt someone has compromised your account.

It sounds like a spammer sent an email with the SMTP from: field with your email address in. Essentually spoofing an email from you.

Its a very common occurrence, I wouldn't panic.

Dan

25-02-07, 02:02 PM

Quote:

Originally Posted by KrZ

i think it is more likely that your personal machine has some kind of computer virus that hijacked your hotmail when you login and obtained your account information. keep your machine update with all the security patches and make sure your anti virus software is up to date. and don't download softwares from third party sources or warz stuff.

Somehow I don't think so.

My work IT policy means that my machine is scanned for viruses & adware/malware etc every night. It also updates the definitions for those apps on demand. The manufacturers release an update, we get the update a few mins later. Firewall rules are also so strict that everything (incoming & outgoing) has to be explicitly allowed by user intervention. Windows updates are checked daily & installed where needed.

My job means that I have to keep on top of all security alerts that could possibly affect us. That means I find out about vulnerabilities in applications/services usually before it's mainstream knowledge on sites like secunia.org. Because of this, my home system is actually tighter than my work computer.

But thanks for the thought.

Dan, SMTP spoofing to/from a MSN Live passport? The ones where they don't allow SMTP access? Everything goes through a HTTP front end.

25-02-07, 02:04 PM

Quote:

Originally Posted by Jabba

Not necessarily true.

Much more likely that someone has harvested your email address from the Inbox of a recipient of an email from you and then used your email address in "From" and "Reply to" fields.

It's a fairly common occurrence, unfortunately, and nothing you can do about it as the insecurity is on someoen else's machine.

A possability that I hadn't thought about actually. Dan, I now see you could be meaning this as well.

Hmm, more digging around following the information I have about servers, to see if anything I can see from the mail is an open relay etc...

TY for that

25-02-07, 03:16 PM

Quote:

Originally Posted by Baph

A possability that I hadn't thought about actually. Dan, I now see you could be meaning this as well.

Hmm, more digging around following the information I have about servers, to see if anything I can see from the mail is an open relay etc...

TY for that

It doesn't have to be an open relay, just one of an ISP of a compromised computer.

See the email you just sent yourself, for proof.

Dan

25-02-07, 06:23 PM

Quote:

Originally Posted by Sudoxe

It doesn't have to be an open relay, just one of an ISP of a compromised computer.

See the email you just sent yourself, for proof.

Dan

I know how the system works (having worked as an ICT tech inc Windows & Linux in the past, and system admin etc), but 9/10 it's an open relay. I always add open relays to blacklists where possible to make life harder for the spammers

Pyzor is starting to go downhill, because spammers have started fighting back, adding legitimate domains to the Pyzor blacklist, which means that eventually administrators/tech's drop the Pyzor blacklist.

Didn't work btw

not received

25-02-07, 10:51 PM

Quote:

Originally Posted by Jabba

Not necessarily true.

Much more likely that someone has harvested your email address from the Inbox of a recipient of an email from you and then used your email address in "From" and "Reply to" fields.

It's a fairly common occurrence, unfortunately, and nothing you can do about it as the insecurity is on someoen else's machine.

Let me see... I've had a hotmail address, about 11 years... and this is the most common thing I've had happen. Happens about twice a year, but now I have the junk mail filter set on full so I imagine I still get it. I just don't notice anymore.

26-02-07, 03:13 PM

My mates hotmail account was hacked into last week, wednesday i think, they got in, and changed all his passwords, profile everything. And now hotmail wont help him get it back, so hes lost all his email adress, msn address and contacts etc.

my ebay was also hacked a few years back, whoever did it put bids in for loads of gay stuff, like A$$ dills, and bondage gear, lukily i didnt win any of it

25-02-07, 12:38 PM	#1
Baph Guest Posts: n/a	Hotmail warning All, Please be sure that hotmail passwords (and therefore all MSN Live services) are secure. It appears that there is a way to brute force a password for an MSN Passport. How do I know this? Well, no-one knows my hotmail password, and it changes pretty frequently (as do all my passwords). The hotmail password is changed on average once a month. My password is also reasonably secure, and is only used for hotmail (it's the only Live service I use). An exmaple of my password is "51fDvhFg". No, this isn't my current password, nor was it my old one, just an example. Right, so my account is secure yes? So why did I just get a postmaster notification saying that I'd sent someone an email, and it failed, when I never sent it. In fact, I don't even know the address it was supposed to be sent to. So someone has been in my account sending mails. I'm still in the middle of working out exactly what's happened, and the implications of it. There is a chance that this was just an attack on me, and the people with the knowledge have no intention of distributing it. There's also a chance that my account was hit randomly. If it is the latter, be on your toes folks, make sure you do what you can to secure your account. My immediate thoughts are that if it was someone targetting me on purpose, they wouldn't of been stupid enough to send a mail to an account that doesn't exist. I'll update this thread whenever I find anything out.

25-02-07, 01:54 PM	#2
KrZ Guest Posts: n/a	Re: Hotmail warning i think it is more likely that your personal machine has some kind of computer virus that hijacked your hotmail when you login and obtained your account information. keep your machine update with all the security patches and make sure your anti virus software is up to date. and don't download softwares from third party sources or warz stuff. This is nothing new, if you check a lot of your junk mails, there are a lot of legit email addresses being used without the owner of the address even knowing it, you usually find out when you get a email bounce message. Another thing is, i always have an email address only used for register with different kind of services. Dispite all the effort you put in to tick the box "not to share your detail with third parties " when you register to a site or a service, your email address always ends up at some wrong hand, which they use to send junk email with. Last edited by KrZ; 25-02-07 at 02:00 PM.

25-02-07, 02:00 PM	#4
Sudoxe Guest Posts: n/a	Re: Hotmail warning I very much doubt someone has compromised your account. It sounds like a spammer sent an email with the SMTP from: field with your email address in. Essentually spoofing an email from you. Its a very common occurrence, I wouldn't panic. Dan

26-02-07, 03:13 PM	#10
Marshall Guest Posts: n/a	Re: Hotmail warning My mates hotmail account was hacked into last week, wednesday i think, they got in, and changed all his passwords, profile everything. And now hotmail wont help him get it back, so hes lost all his email adress, msn address and contacts etc. my ebay was also hacked a few years back, whoever did it put bids in for loads of gay stuff, like A$$ dills, and bondage gear, lukily i didnt win any of it

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Headers in Hotmail	gettin2dizzy	Idle Banter	6	18-03-09 10:02 PM
Is Hotmail down or do I have a problem here?	SV-net	Idle Banter	6	25-11-08 12:22 AM
is hotmail down again ?????	mike_avfc	Idle Banter	8	02-08-08 11:02 PM
hotmail virus?	hovis	Idle Banter	4	27-07-07 04:33 PM
hotmail help needed	CoolGirl	Idle Banter	2	06-05-06 04:18 PM