Sign in / up

back to article Spammers jump on Gmail, Hotmail mass-hack gravy train

This week's airing of some 30,000 compromised Windows Live and Google Mail accounts has coincided with a spike in spam from those two services that promote sketchy electronics dealers, a researcher said. Over the past few days, spam promoting fraudulent electronics stores has increased by as much as 40 per cent, according to …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Gary 38
    Grenade

    Nothing here move along...

    Runald said. "There are no advanced trojans or anything."

    Well anything is a bit of a misnomer in this context. A SAS blended attack, a bit of spam, a bit of phish and some gravy on the side.

    This is an interesting event. First report was that #10000 Hotmail addresses with the first character being A or B (no case sensistivity since it is a MS product) were published on pastebin.com (if memory serves). Then that spilled over to Gmail, et al. Now how does it go from 10000 to 30000 in a matter of days and that is what is reported.

    This has been a well coordinated and crafty attack. Although there may be common perception in the security arena that phishers are not necessarily that technically astute, there are some people out that that are and this may be some evidence of that.

    The wild wild web is going to get a lot wilder with clouds, SAS, XSS and blended attacks.

    0 0
  2. Winkypop Silver badge
    FAIL

    If it smells like a turd..

    ...and it looks like a turd, and it feels like a turd.....it must be a CHEAP LAPPY!!!

    0 0
  3. Anonymous Coward
    Anonymous Coward

    @Gary 38 Re: Nothing here move along...

    > ..with the first character being A or B (no case sensistivity since it is a MS product)

    Please point me to an "out of the box" unix/linux distribution that has case sensitivity for the local part of an email address.

    0 0
  4. The First Dave

    @Gary 38

    From memory, the spec says that email addresses MUST NOT be case sensitive...

    0 0
  5. Anonymous Coward
    WTF?

    Three comments in

    and already we have microsoft/linux handbags at dawn.

    Can we split el Reg into three please?

    One for microsoft fanbois.

    One for Linux fanbois.

    One for the rest of us.

    0 0
  6. Chris Dickens
    Stop

    Warnings

    Since the providers presumably have these lists can't they just add a warning to the top of any outgoing email from a compromised account stating that it has been compromised and that anything from it should be treated as suspect?

    Leave the message there until all security details have been reset. Not only will it warn other people it might shame those who gave their details to be more careful in the future.

    0 0
  7. matt_lethargic
    Stop

    Linux/MS

    You can hardly turn this into an MS/ linux argument as surely hotmail is an ms product (not that I know for sure) but wouldn't they use exchange (???) and I'd guess that google/gmail would be open source. So in this case wouldnt both camps be to blaime for the original account cracking.

    (waits for flaming!!!)

    0 0
  8. Anonymous Coward
    Anonymous Coward

    Re: Three comments in

    I'm the AC @ 10:06 GMT and I'm definitely not an MS fanboy. I dont use any of their products.

    I as happy as the next person to bash MS, but only when they deserve it. I'm just as happy to defend them from undeserved criticism as in Gary 38's comment.

    0 0
This topic is closed for new posts.

Other stories you might like