 sj |
||
|
||
Tech: Virus/Worm that hijacks e-mail account
|
|
|
|||||||
|
Tech: Virus/Worm that hijacks e-mail account |
Share Thread
|
||||||
|
Subject: Tech: Virus/Worm that Sends e-mail to friends From: Joe Offer Date: 30 Jun 11 - 02:29 PM I keep getting suspicious-looking e-mails from friends that include only a link to a questionable-looking site. I'm supposing this must be sent by a worm or virus. These friends have e-mail addresses from providers that have web-based e-mail, so my friends' address books are not stored on their computers. How does this work, and how can my friends get rid of this? -Joe- Here's a sample:
Check out this new website Click Here http://l.livehealthclub.com/i.php?a=l&q=n5ZgpqFlpZdkpOtT7JRen+, etc. ___ This invitation was sent to joeoffer@xxx.com on behalf of Sandy whatshername Privacy Policy Unsubscribe Terms and Conditions |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: Joe Offer Date: 30 Jun 11 - 02:36 PM It's discussed in answers.yahoo.com, but there's no definitive answer. The Gmail Forum also has something. Not much at Norton Safe Web - three thumbs-down messages from posters, but nothing from Norton. I'm guessing that once it has done its dirty work and stolen the contents of an address book, there's nothing that can be done ot undo the damage. The e-mails are sent out in my friend's name. They appear like normal e-mails from normal e-mail addresses, but a deeper look at the header details shows they come from another sender. -Joe- |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: John MacKenzie Date: 30 Jun 11 - 03:01 PM I banned all G Mail addresses from joining my web site. It is notorious for bugs, and is used by loads of spammers. |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: GUEST,999 Date: 30 Jun 11 - 04:19 PM John, Yahoo e-mail is the one that is causing this problem. |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: Dave the Gnome Date: 30 Jun 11 - 04:27 PM I am not sure if it was a hack, trojan, virus or spoof but some dodgy links were sent out from one of my addresses. I suspect it was spoofing my address as there was no evidence of tampering with anything else. Recipients names seemed to be pretty random and mainly old but one or two current ones. I guess someone has, at one time, harvested some old addresses. Who knows where from but we all have contact lists all over the place nowadays so, as much as the sites deny it, anyone could sell those lists. Cheers Dave |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: GUEST,leeneia Date: 30 Jun 11 - 10:45 PM How exactly does one get a deeper look at header details? |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: GUEST Date: 30 Jun 11 - 11:11 PM To: Guest Leeneia
Right Click your mouse (even newer MACs work with a right-mouse-click) and view the header. For ALL of my e-mail - for more than a decade - it is helpful for ALL print-outs to know the "real time, real location, real system.
To: Mr. Joe,
Since opening the experimental "honey-pot" -
This is captured through "wire shark" a GNU program.
Since it is "my dime" ... in "my home" (sort of) ... in the USA (God Bless America) it is similar over-hearing a conversation, by a phone-addict in the local grocery store. Look Into "WIRE SHARK" - it beats the "Facebook" "Myspace" "roll-over-cookie" that Susan loves so well. |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: Joe Offer Date: 30 Jun 11 - 11:12 PM It varies from one e-mail program to another, leeneia. I have Hotmail, and I can click on the bar at the top of the e-mail to get more information about the sender. If I right-click on the title of the e-mail in the list of e-mail messages in Hotmail, I can choose "view message source," and that will give me full information. 999, this problem seems to exist with all the major web-based e-mail providers - yahoo, gmail, hotmail, etc. -Joe- |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: Jim Dixon Date: 01 Jul 11 - 12:33 AM Something once hijacked my entire contact list and sent everyone an email that appeared to come from me, although, of course, I hadn't authorized it. The email was very brief; it recommended that people buy a certain stock, and gave a web address. When I checked the site myself the next day, the web site apparently had been shut down. The email contained several spelling and grammar errors, which immediately made some of my friends suspicious. Besides, recommending stocks is something I would never do. I don't think anybody was fooled. A few people contacted me to warn me that they had received a suspicious email that appeared to come from me. I was surprised, though, how few replies I got. Maybe most of my friends never saw the email because it was caught by their spam filters. Actually, the same thing happened twice. The first time, I did nothing about it. The second time, I changed my password, but I kept my email address. It never happened again. I think that was over a year ago. A friend of mine had something similar happen to her, but in her case, all her friends got an email saying she was stranded in Europe without any money and asked people to transfer money to her account. Of course it was an account that didn't really belong to her. (Now that's nasty.) As soon as she learned about it, she notified her email provider. (I think it was hotmail.) Without asking her, the provider immediately shut down her email account. That meant she couldn't even access her own address book. She lost all the email addresses and other data she had stored there, as well as her history of sent and received emails. She had no backup. She couldn't even send out a follow-up email telling people to disregard the bogus one. If you ask me, the cure was worse than the disease. Did you know you can back up (export) your address book? I recommend it. |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: EBarnacle Date: 01 Jul 11 - 12:46 AM All of the above but include Facebook among the vulnerable sites where your friends can get hacked quite easily. |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: Sawzaw Date: 01 Jul 11 - 12:56 AM If the spam is from a Yahoo account, Yahoo email logins can be read from the cookies on your browser if you don't sign out from Yahoo email. I just discovered this today after receiving spam from my Grandson's yahoo email account. When you sign out, the cookie is deleted. If you don't, it can be read when you go to another website or page. There is a script designed to specifically do this. You click on a link in an email, maybe even from a friend that had his login stolen, go to another site and GOTCHA. I understand Yahoo could pervent this bt encoding the cookie somehow but they have known about it for months and have not corrected the flaw This may apply to other web mail sites or even bank accounts but I am not certain yet. Bottom line is don't click on links, even in friendly emails or open suspicious emails. |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: nickp Date: 01 Jul 11 - 05:06 AM Had a similar issue with Hotmail. Changing my password cured it. Nick |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: EBarnacle Date: 01 Jul 11 - 01:03 PM With Hotmail, you can also raise your security level. This will mean that you will miss out on interesting e-mails but you will also miss out on having your info stolen. |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: GUEST,jacob88 Date: 12 Jul 11 - 03:38 AM I've tracked it too... IP address: 209.190.88.118 Host of this IP: mta6.livehealthclub.com Organization: Astute Software ISP: eNET City: Mumbai Country: India State: Maharashtra Timezone: Asia/Calcutta Local Time: 12.07.2011 12:51:19 |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: JohnInKansas Date: 12 Jul 11 - 04:31 PM Restating some general principles: It's unlikely you have a "virus/worm that sends e-mail to friends." If someone gets your contact list, they can send emails to everyone you know - pretending that they com from you; but they don't have to be sent from your computer. The real danger for your computer is that there's might be a worm/virus on your computer that allows someone to look at (and usually to record elsewhere) everything on your computer and everything your computer does. If someone is sending emails with your name on them to people on your contact list, it is possible that they've placed a "spyware" infection on your computer, but that's not the only place they can get your contacts. Most email services keep your contacts and your email on their servers. Someone can hack into the server that has all your information and get everything that's there, about you and about everybody else using that service, Because there's lots of information on the servers, and probably pitifully little of real interest on your computer, it has become much more "popular" to attack the servers than to try to suck up the thousands of individual users needed to get the same information. Since attacks on individual users and on mass servers are both still fairly common, you do need to maintain good malware protection on your own computer, keep it updated, schedule it to run frequently, and if your program can, set it for "real time scans" of all incoming stuff. It's fair to expect servers to have better protections than you can get, and most of them do; but it would be difficult to name any major service/server that has not experienced successful penetrations and loss of data. (When Sony says "nothing valuable was taken" they mean nothing valuable to them. Your stuff that was there is apparently "not very valuable.") Unfortunately, once "they" have your contact list, and possibly some or all of your passwords, etc., you can't erase their copies or get them back. You probably will want to change all your passwords and may want to switch to a different email account. If you change email, people getting the strange stuff should be able to block any new incoming from your old one, but that depends on: 1. They know they need to do it. 2. They're interested/concerned enough to do it. 3. They can figure out how to do it on their own computers. 4. They get it done. Don't count on any of the above, although you can "encourage" significant contacts. At a second level of attack, you could have malware on your computer that allows someone else to "take over" the computer and to do anything on it that you can do. This probably would be necessary for someone to send emails to people in your contact list from your computer. Machines infected with such "bots" are usually assembled into groups to form "botnets" that can be activated (by a single command sent simultaneously to all the "bots") to follow preloaded instructions for mass DDoS attacks on individual servers. A particular danger is that many fairly large (>100,000 computers) are controlled by "botmasters" too young to have developed "moral values." Steve Gibson identified one 13 year old "botmaster" running about 100,000 "slave bot" machines somewhere around 30 years ago, IIRC. It doesn't really matter what's on your computer, since the "botmasters" are only interested in whether they can control it to attack someone else, with a minor concern about whether your computer and connection are "fast enough" to be worth adding to their "net." Removal, or even detection, of botware can be quite diffult. Some can be detected by AV programs, but detection is often only by observing changes in your computer's behavior. If there's a real reason to suspect such an infection you probably need expert help, or you can reformat and start from scratch. (Having just done a start-over for other reasons, I can report that it went quickly. Only about 37 hours to get almost everything back onto the replacement C:\ drive. No matter how good your backups are, the stuff has to be copied at a rate your machinery can handle.) John |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: SINSULL Date: 13 Jul 11 - 09:19 AM Shades of the Love Virus which when opened not only sent itself on to your entire mail list but attached itself to jpeg files so that it replicated itself. I received some strange stuff too, Joe, from Jacqui. Before opening, I checked with her and it was a virus. |
|
Subject: RE: Tech: Virus/Worm that Sends e-mail to friends From: JohnInKansas Date: 13 Jul 11 - 09:45 AM More cute than particularly usefull (or necessary), perhaps some would like to try this Security Quiz. The first 8 questions really are things you should know, although we'll not flog anyone who isn't sure of them. The last couple may require some guesswork, unless you watch a lot of the news, but the answers are actually pretty widely known and may be "revealing" to some who won't believe them. Note that each "page" of the quiz gives the answer to the preceding question, but it's a bit "separated" from the rest and you may have to look to see where the answers are being displayed, especially if you're not working at full screen. John |
| Share Thread: |