Slashdot Mirror

← Back to Stories (view on slashdot.org)

Widespread Compromise Of Yahoo-Backed Email In New Zealand

Posted by timothy on from the spam-is-best-in-sushi dept.

First time accepted submitter Bitsy Boffin writes "Xtra, the largest ISP in New Zealand, which outsources email provision to Yahoo, has in the last two days been subject to a widespread email compromise, causing potentially thousands of accounts to send spam messages to every address in their webmail address books. Discussion at Geekzone centers around this potentially being a continuation of the Yahoo XSS exploit. While Telecom NZ, the owners of Xtra internet service provider indicate that the problem was "resolved", reports of spam from its members continue unabated. Telecom NZ are advising those affected to change their passwords."

14 of 47 comments (clear)

  1. bellsouth.net accounts too by Anonymous Coward · · Score: 2, Informative

    I have a bellsouth.net dsl account email address and I have seen spam originating from my own account sent to all addresses in my contact list. Something majorly borked at yahoo.

  2. Re:DID NOT NO DINOS HAD YAHOO !! by viperidaenz · · Score: 2

    We only have one dinosaur here.

  3. remember! by Anonymous Coward · · Score: 5, Funny

    Remember, the original concept of the internet as a peer to peer network was a bad idea. Centralizing to just a handful of services is a good idea, and we should all use the cloud for everything, because that has no drawbacks.

  4. Related to huge spike of spam? by Smurf · · Score: 2

    I wonder if it's a coincidence that in the last three or four days I started to receive a lot more spam to my Yahoo mail address. By "a lot more" I mean three or four times more than what I was receiving a week ago each day.

    I don't have any relation with anyone in New Zealand, so my guess is that it's indeed just a coincidence. But still the timing makes me wonder.

    1. Re:Related to huge spike of spam? by viperidaenz · · Score: 5, Insightful

      or the New Zealand Yahoo is not the only one compromised, just the only one to admit it.

    2. Re:Related to huge spike of spam? by bill_mcgonigle · · Score: 2

      or the New Zealand Yahoo is not the only one compromised, just the only one to admit it.

      Two of my friends on Facebook were talking about spam originating from their Yahoo! accounts yesterday and I received a spam from a third (or, I should say one made it through my spam filter). None of them have any ties to New Zealand, as far as I know.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    3. Re:Related to huge spike of spam? by TheGratefulNet · · Score: 4, Funny

      > Once in the yahoo proverbial back door, I wouldn't be surprised if they got more. I don't know what yahoo's architecture is like though.

      sounds, to me, like you work there.

      --

      --
      "It is now safe to switch off your computer."
    4. Re:Related to huge spike of spam? by hawguy · · Score: 2

      or the New Zealand Yahoo is not the only one compromised, just the only one to admit it.

      Two of my friends on Facebook were talking about spam originating from their Yahoo! accounts yesterday and I received a spam from a third (or, I should say one made it through my spam filter). None of them have any ties to New Zealand, as far as I know.

      My Yahoo account was hacked a month or so ago - I had a 12 character password including mixed case (in non-obvious places), digits and a special symbol, so i don't think the password was brute forced... I think they have a bigger problem than they have admitted.

    5. Re:Related to huge spike of spam? by pepty · · Score: 3, Informative

      They didn't get your password, a service Yahoo set up for developers conveniently allows hackers to get your session cookie. For whatever reason, they haven't patched it.

  5. Re:DID NOT NO DINOS HAD YAHOO !! by LordLucless · · Score: 2

    Lucky you; we've got 226 over here.

    --
    Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
  6. Additional Media Article, Confirms Compromise by Bitsy+Boffin · · Score: 4, Informative

    http://www.stuff.co.nz/technology/digital-living/8287236/Xtra-email-accounts-compromised

    The company initially blamed a deluge of compromised accounts on a successful phishing attack, saying customers were tricked into clicking on scam emails, but has now acknowledged a "second attack" that was outside customers' control.

    "We understand from our own technical investigations that the security of some YahooXtra email customer accounts may have been compromised, making it possible for emails to be sent from these accounts without the customers' knowledge," the company said in a statement.

    --
    NZ Electronics Enthusiasts: Check out my Trade Me Listings
  7. Re:Spoofing sender e-mail address by Bitsy+Boffin · · Score: 4, Informative

    The headers of all these SPAM messages indicate traversal from the Yahoo SMTP servers, and the SPAM were targetted specifically at people in the victim's address book. It wasn't a simple Joe Job.

    --
    NZ Electronics Enthusiasts: Check out my Trade Me Listings
  8. It's the XSS flaw still active by NewtonsLaw · · Score: 5, Interesting

    I got hit by this last week and blogged about it, griping that surely a company with the resources of Yahoo should be able to fix such a critical flaw faster than seems to be the case.

    It would appear that Yahoo is happy to announce "fixexd" while the hackers simply exploit yet another hole in the company's shaky cloud.

    Tragic.

    Would Google be so lax in sorting out what is clearly a very critical issue that is affecting a large (and rapidly growing) number of users?

  9. The nice thing about outsourcing... by sdnoob · · Score: 4, Insightful

    is that you have someone else to blame when things go wrong.

    The bad thing about outsourcing....

    when things do go wrong, there's usually more than enough blame to go around, and you look bad too anyway.