Slashdot Mirror

← Back to Stories (view on slashdot.org)

Password Hackers Do Big Business With Ex-Lovers

Posted by ryuzaki0 on from the time-to-get-sneakier dept.

Hugh Pickens writes "The Washington Post reports that disgruntled lovers and spouses considering divorce are flocking to services like YourHackerz.com that boast they have little trouble hacking into Web-based e-mail systems like AOL, Yahoo, Gmail, Facebook and Hotmail. The services advertise openly, and there doesn't appear to be much anyone can do about it because while federal law prohibits hacking into e-mail, without further illegal activity, it's only a misdemeanor, says Orin Kerr, a law professor at George Washington University. 'The feds usually don't have the resources to investigate and prosecute misdemeanors,' says Kerr. 'And part of the reason is that normally it's hard to know when an account has been compromised, because e-mail snooping doesn't leave a trace.' It's not clear where YourHackerz.com is located, but experts suspect that most password hacking businesses are based overseas."

6 of 197 comments (clear)

  1. Blaming the tools, instead of the behaviour... by Cheesetrap · · Score: 2, Informative

    "normally it's hard to know when an account has been compromised, because e-mail snooping doesn't leave a trace."

    Well that's incorrect. I'd be fairly confident that most web-based email services have a way of telling when you logged into your account last (otherwise how would they know when to deactivate your account after X months of inactivity?) - they simply choose not to allow Joe Average to access this information.

  2. Re:RTFS by Jessta · · Score: 2, Informative

    and that's a good point.
    It seems that passwords are kind of a terrible way to secure things.

    Needs more OpenID, client certificates, and HTTPS

    --
    ...and that is all I have to say about that.
    http://jessta.id.au
  3. Re:compromised by moonbender · · Score: 4, Informative

    Google Mail gives you an activity log: http://mail.google.com/support/bin/answer.py?ctx=gmail&answer=45938

    It's pretty damn cool.

    --
    Switch back to Slashdot's D1 system.
  4. Re:So wait... by linhares · · Score: 3, Informative

    until she installs a keylogger. Physical access is game over.

  5. Re:Trivial. by Anonymous Coward · · Score: 3, Informative

    Heh, you're over estimating the level of skill involved.

    There are some interesting discussions of how these services work here:

    crackpal.com
    crackmails.net

  6. Re:So wait... by JSBiff · · Score: 2, Informative

    And of course, this is missing the obvious point that a) most people have never heard of truecrypt, and b) most girlfriends/boyfriends/spouses won't know that such a thing as a keylogger exists. It's true that either situation *could* change (the girlfriend gets a new boyfriend, or just a friend, who teaches her about keyloggers, for example).

    Still, I suspect setting up a TC volume for your email is better than nothing. I've done this on my laptop - mostly just to protect my files in case of theft/loss; I think it's probably pretty good for that particular scenario - I realize that TC won't protect me from a determined or sophisticated person/organization, but should protect against the random thief. But, even against someone like a girlfriend/wife, it provides at least some barrier for them to have to penetrate.