cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
vofsanity2
Recognised Expert
637 Views
Message 1 of 12

Help from users with compromised accounts

 

I am investigating how two yahoo.co.uk accounts were compromised in the latest round of hacked accounts (2/5/2013).

I would like to know if any users with compromised accounts have found that when they go into the "Sign-in and Security" section of their account information and they click on "Manage Apps and Website Connections" they find entries there that they have no knowledge of setting up. In particular is "Yahoo Mobile" allowed to access the account even although a mobile device has never been used with the account.

 

Other disturbing items were also found but for the moment let us keep it simple.

Note this is only visible in later versions than Classic Mail and BT Yahoo Mail appears to have similar characteristics but has no interface to access this information.

 

I am aware of the large thread on hacked accounts but no mention of this has appeared there.

Many thanks in advance. 

 

Two further points about these accounts.

 

1. Both had been updated from Classic Mail without the user being aware of this.

2. Both had been set to stay logged in for two weeks.

 

Both these accounts have now (10/05/2013) received an email appearing to be from "Yahoo!" with the title

"The Yahoo! Mail app, now for iPhone".  The email is bogus and based on the links within it looks like an attempt to re compromise them. 

Again it would be nice to get some feedback from users with compromised accounts.

0 Ratings
Reply
11 REPLIES 11
632 Views
Message 2 of 12

Re: Help from users with compromised accounts

OMG. I wonder if this Yahoo Mail App  is one of the "enhanced product features (such as applications to handle attachments) that you may find useful." at 2.6 here

0 Ratings
Reply
627 Views
Message 3 of 12

Re: Help from users with compromised accounts

Thought I'd check this, on one of the secondaries that is being forced to upgrade before we can look at the Mail - even though it's before June 3  Smiley Mad

 

No sign of a Sign in and Security link to see if there is a hint of a Yahoo App and a default login of 2 weeks

 

NoSignInSec.jpg

0 Ratings
Reply
628 Views
Message 4 of 12

Re: Help from users with compromised accounts

Just surmising here, but June 3 (death of Classic Mail) fast approches:

 

Circumstantial evidence begins to hint that it is only the updated mail platform that is vulnerable to this hack (Yahoo Mobile Mail App backdoor?). If it turns out that some App or "enhanced product feature" that accompanies the new mail platform that is being forced upon us on June 3 is the backdoor to the breach, and that the Classic Mail interface is "safe" then BT will be knowingly exposing all those customers who still use Classic to a security weakness and potential compromising of our personal data come June 3

 

I think we need some guarantees from BT - urgently please - about this scenario.

 

This gets more and more serious and stressful as June 3 approaches. If BT can't reassure me, we'll have to quickly abandon all our BT mail addresses before June 3, and that will be a right pita, I can tell you, at a very crucial time for us, when emails are flying all over the place for a major event. (More on those pro-active counter-measures in another post when I have time)

 

Does anyone know of any Classic Mail users who have had their accounts hacked? (If so, that would scupper my theory perhaps)

 

 

0 Ratings
Reply
Johnoo
Expert
618 Views
Message 5 of 12

Re: Help from users with compromised accounts

I am still using Classic Mail & my account was compromised on the 15th March.

Hence Classic mail accounts are at risk.

This mess is being made worse by BT not giving a honest/finite Press release

0 Ratings
Reply
Distinguished Sage
Distinguished Sage
619 Views
Message 6 of 12

Re: Help from users with compromised accounts

Rather than everything being spread over two posts and things being repeated would it not be better to keep every thing re hacked email on the one post at 

 

http://community.bt.com/t5/Other-BB-Queries/BT-email-accounts-hacked/td-p/796762

 

then we would only have to look in one place for what is happening if anything!!

0 Ratings
Reply
614 Views
Message 7 of 12

Re: Help from users with compromised accounts


@Johnoo wrote:

I am still using Classic Mail & my account was compromised on the 15th March.

Hence Classic mail accounts are at risk.

This mess is being made worse by BT not giving a honest/finite Press release


Thanks Johnoo. I won't waste more time considering that theory then.

 

I quite agree with you about BT aggravating the trouble in which we customers find ourselves. It's a sorry state of affairs that BT is happy to sit back and watch their customers shooting in the dark and micturating in the moving air.

0 Ratings
Reply
vofsanity2
Recognised Expert
550 Views
Message 8 of 12

Re: Help from users with compromised accounts


@gg30340 wrote:

Rather than everything being spread over two posts and things being repeated would it not be better to keep every thing re hacked email on the one post at 

 

http://community.bt.com/t5/Other-BB-Queries/BT-email-accounts-hacked/td-p/796762

 

then we would only have to look in one place for what is happening if anything!!


I started this thread to get help with my investigation into finding how and when these accounts were compromised. It is important that it contains information relevant to the problem. The main thread is useful for general news but is not specifically geared to get to the root cause.  Note my post in the main thread that shows from BTs /Yahoos terms and conditions that compromised accounts are the users responsibility (Message 580 3/5/2013)

0 Ratings
Reply
vofsanity2
Recognised Expert
548 Views
Message 9 of 12

Re: Help from users with compromised accounts


@FloFosterJenkins wrote:

@Johnoo wrote:

I am still using Classic Mail & my account was compromised on the 15th March.

Hence Classic mail accounts are at risk.

This mess is being made worse by BT not giving a honest/finite Press release


Thanks Johnoo. I won't waste more time considering that theory then.

 


It is important to bear in mind that it is likely that accounts are being compromised in more than one way.

One of the things I am trying to find out is were these two accounts changed from Classic Mail to a later version before or after being compromised.

0 Ratings
Reply
Distinguished Sage
Distinguished Sage
545 Views
Message 10 of 12

Re: Help from users with compromised accounts

I understand and commend your action. I just hope that the thread doesn't become overloaded with informtion that is not relevant and the relevant stuff becomes lost in the amount of posts, as can often happen. Good luck with your quest.

0 Ratings
Reply