Slashdot Mirror

← Back to Stories (view on slashdot.org)

Widespread Compromise Of Yahoo-Backed Email In New Zealand

Posted by timothy on from the spam-is-best-in-sushi dept.

First time accepted submitter Bitsy Boffin writes "Xtra, the largest ISP in New Zealand, which outsources email provision to Yahoo, has in the last two days been subject to a widespread email compromise, causing potentially thousands of accounts to send spam messages to every address in their webmail address books. Discussion at Geekzone centers around this potentially being a continuation of the Yahoo XSS exploit. While Telecom NZ, the owners of Xtra internet service provider indicate that the problem was "resolved", reports of spam from its members continue unabated. Telecom NZ are advising those affected to change their passwords."

8 of 47 comments (clear)

  1. remember! by Anonymous Coward · · Score: 5, Funny

    Remember, the original concept of the internet as a peer to peer network was a bad idea. Centralizing to just a handful of services is a good idea, and we should all use the cloud for everything, because that has no drawbacks.

  2. Re:Related to huge spike of spam? by viperidaenz · · Score: 5, Insightful

    or the New Zealand Yahoo is not the only one compromised, just the only one to admit it.

  3. Additional Media Article, Confirms Compromise by Bitsy+Boffin · · Score: 4, Informative

    http://www.stuff.co.nz/technology/digital-living/8287236/Xtra-email-accounts-compromised

    The company initially blamed a deluge of compromised accounts on a successful phishing attack, saying customers were tricked into clicking on scam emails, but has now acknowledged a "second attack" that was outside customers' control.

    "We understand from our own technical investigations that the security of some YahooXtra email customer accounts may have been compromised, making it possible for emails to be sent from these accounts without the customers' knowledge," the company said in a statement.

    --
    NZ Electronics Enthusiasts: Check out my Trade Me Listings
  4. Re:Spoofing sender e-mail address by Bitsy+Boffin · · Score: 4, Informative

    The headers of all these SPAM messages indicate traversal from the Yahoo SMTP servers, and the SPAM were targetted specifically at people in the victim's address book. It wasn't a simple Joe Job.

    --
    NZ Electronics Enthusiasts: Check out my Trade Me Listings
  5. It's the XSS flaw still active by NewtonsLaw · · Score: 5, Interesting

    I got hit by this last week and blogged about it, griping that surely a company with the resources of Yahoo should be able to fix such a critical flaw faster than seems to be the case.

    It would appear that Yahoo is happy to announce "fixexd" while the hackers simply exploit yet another hole in the company's shaky cloud.

    Tragic.

    Would Google be so lax in sorting out what is clearly a very critical issue that is affecting a large (and rapidly growing) number of users?

  6. Re:Related to huge spike of spam? by TheGratefulNet · · Score: 4, Funny

    > Once in the yahoo proverbial back door, I wouldn't be surprised if they got more. I don't know what yahoo's architecture is like though.

    sounds, to me, like you work there.

    --

    --
    "It is now safe to switch off your computer."
  7. The nice thing about outsourcing... by sdnoob · · Score: 4, Insightful

    is that you have someone else to blame when things go wrong.

    The bad thing about outsourcing....

    when things do go wrong, there's usually more than enough blame to go around, and you look bad too anyway.

  8. Re:Related to huge spike of spam? by pepty · · Score: 3, Informative

    They didn't get your password, a service Yahoo set up for developers conveniently allows hackers to get your session cookie. For whatever reason, they haven't patched it.