bit-tech.net

Hotmail attack deletes contacts, emails

Hotmail attack deletes contacts, emails

The attack against Hotmail results in outgoing spam and the loss of all contacts and most sent e-mail.

Reports are circulating the web of a Hotmail crack resulting in the loss of saved e-mails and users' entire contacts list, along with spam being sent out from the affected accounts.

Following a tip-off from Spotibot developer Andy Smith - who has first-hand experience of the phenomenon, having provided support to a family member affected by the crack - evidence of a co-ordinated attack against Hotmail users which aims to take over accounts and use them to send out spam for Chinese-based electronics websites has been uncovered.

The first thing a victim is likely to notice is a sudden loss of all sent e-mails - and possibly all e-mails full stop - along with the deletion of their entire contact list, mostly likely as a method to stop users easily warning people that the last message sent from the account was from the spammer behind the attack. So far, the attackers do not appear to be changing account passwords - allowing users to log back in and reclaim their accounts.

The messages sent out take the form of an advert offering iPhones at discounted prices from a variety of websites - all clones of each other, and all using 'junk' gibberish domains. The text of the message is usually a variation on "I ordered one black apple iphone 3gs 16gb from this website [redacted] weeks ago,today I've got it .Amazing,beyond my imagination, it's genuine and as good as I expected,but much cheaper.I'm pleased to share this good news with you! May all goes well for you."

Because the e-mail is sent directly from the affected Hotmail account, it can look extremely genuine - even including the signature set on the account. Strangely, however, there is evidence that the e-mails may be sent manually rather than automatically, with at least one report of a user's surname being misspelled in the outgoing e-mail - despite being correctly entered in the account details.

Microsoft's Windows Live Help site has a number of threads from victims of this attack, but so far there has been no official comment from Microsoft on exactly what is going on. However, Windows Live Help representatives are blaming "a certain Malware[, which] avoids well known anti virus technology" and harvests account details for the attacks - rather than a flaw in the Hotmail platform itself. Representative Angelica A claims that "Microsoft is already investigating to fix this," and points users at a document rather worryingly dated April 2009 - suggesting that these attacks have been going on for quite some time.

The good news for anyone caught out by these Hotmail attacks is that it is possible for Microsoft to recover the deleted contacts list by posting the affected e-mail address along with three of the deleted contact e-mail addresses in the company's Contacts & Address Book forum. The e-mails, sadly, appear harder to restore.

Has anyone here been caught out by the Hotmail crackers, or is Microsoft's explanation that the end user - and their poor anti-virus protection - is to blame for these attacks? Do you believe Microsoft's report that a virus is behind the account hijacking, or is the company attempting to hide a bigger flaw in itsHotmail security model? Share your thoughts over in the forums.

20 Comments

Discuss in the forums Reply
Jamie 3rd February 2010, 15:11 Quote
Hotmail, people still use that?
Redbeaver 3rd February 2010, 15:15 Quote
like a plaque.... yes.....

most ppl use it to get into live messenger. then use gmail or wutever for their "real" emails.
bogie170 3rd February 2010, 15:16 Quote
I do. Its easy. I tried G-mail but my mailbox was constantly full of spam so reverted to hotmail/windows live mail.
proxess 3rd February 2010, 15:19 Quote
Quote:
Originally Posted by bogie170
I do. Its easy. I tried G-mail but my mailbox was constantly full of spam so reverted to hotmail/windows live mail.

Probably if you don't register to funky porn sites that won't happen...

GMail works fine. You can use it in live. I use my old ISP's email account for live tho.
mi1ez 3rd February 2010, 15:24 Quote
Can I blame IE6?

I've always found GMail far and away the best free webmail service (despite the snooping and ads)
msm722 3rd February 2010, 15:41 Quote
Who says "pleased to share this good news with you! May all goes well for you.". Such a failed attempt to sound genuine.

Instantly deleted.
Silver51 3rd February 2010, 15:43 Quote
So you're telling me that the password 'password' isn't secure anymore?

Hotmail is okay so long as you set custom spam filter riles, use a serious alpha numeric password and change the secret question to something that can't be answered by someone who's read your Facebook profile.
Arkanrais 3rd February 2010, 15:56 Quote
I had something similar to this a few weeks back after installing chrome. I got spam emails from my own account, which alerted me to the fact, so I checked my settings, and found some "automated holiday email" thing (sends out custom auto replies to people on your contacts if they email you). I changed my password, deleted the custom message, and told people to ignore any of that type of shite and contact me if they got more from me. My password was pretty strong; having upper & lower case letters, numbers and a couple other text things in it (don't know what to call them).
Luckily didn't get my contacts & emails fudged, but that might have been due to fixing the infection within 15 mins.
Haven't had any problems since.
paisa666 3rd February 2010, 16:20 Quote
i got Gmail for tech newsletters and college Info

Hotmail for personal contacts

Yahoo for crap (like hey i want to download this patch, or try this new mp3 player and i need to register, ok, take my yahoo account :P) Oh, and Pr0n ofc :D
proxess 3rd February 2010, 16:33 Quote
@paisa666 - obviously the smartest thing to do is have an independent email account for crap and pr0n! ftw!
Digi 3rd February 2010, 16:49 Quote
I have received a few of these mails from a friend. I replied to him saying ''SPAM!!'' so surely I won't receive anymore. :)
Farfalho 3rd February 2010, 17:22 Quote
Many friends of mine have reported that they got their contacts deleted but this was some time ago, only know MS has something to say about it? One of them was years ago.

I use hotmail and have no problems really, I'm on my second account because the other was filled with litter and registered to a bunch of things that let spam and ad pass by the filters. Set up another account, no ad's or other kind of spam. Gmail isn't so interesting, the GUI isn't that appealing. Nevertheless, both are good email providers
thehippoz 3rd February 2010, 17:38 Quote
from what's described.. it sounds like someone is just playing with their botnet for some scam cash- he probably automates and can make it look more genuine by readin the emails in the account and reproduce the writing style- maybe alot of people in on it too imo
shanky887614 3rd February 2010, 18:22 Quote
Quote:
Originally Posted by Silver51
So you're telling me that the password 'password' isn't secure anymore?

Hotmail is okay so long as you set custom spam filter riles, use a serious alpha numeric password and change the secret question to something that can't be answered by someone who's read your Facebook profile.


well for facebook mine is blank no one will relalise its me becasue it has a different name to here and email

for the spam thing if you use soemthing lie google you can create spam account easily for example my email could be

john@btinternet.com

and the spam accould could be 123456@yahoo.co.uk

and as a reset question why not do something like "what is your hobby" answer papercraft (no one will guess that and dont try it on my email if you ever find it out i havent set one)
Matticus 3rd February 2010, 22:37 Quote
Quote:
Originally Posted by Redbeaver
like a plaque.... yes.....

most ppl use it to get into live messenger. then use gmail or wutever for their "real" emails.

This!

I only ever get spam in my gmail spam folder, never inbox. My hotmail is set only to receive emails from known contacts, the rest in spam.

Also I am not retarded enough to click on crap.
Faulk_Wulf 4th February 2010, 01:12 Quote
Quote:
Originally Posted by Jamie
Hotmail, people still use that?

What else would I use? I use MSN messenger, not AIM/Yahoo. And I have had this same account for the last 7 years of my life. It'd be more of a pain to change my e-mail then it would be to restore the contacts in my cellphone.

I can check it anywhere and I don't get nearly as much spam as I did when I tried Gmail.

*shrug* Each their own I'm sure, but Hotmail works for me.
KayDat 4th February 2010, 04:30 Quote
Hotmail is shutting down and deleting any emails and contacts if you don't forward this message!

Was anyone reminded of those dumb chain emails when they first read this article? Kinda ironic if you ask me.
javaman 4th February 2010, 05:22 Quote
Quote:
Originally Posted by proxess
@paisa666 - obviously the smartest thing to do is have an independent email account for crap and pr0n! ftw!

Same here.

hotmail = friends/hotmail
gmail 1 = junk
gmail 2 = back up for uni/job related stuff
yahoo = yahoo answers and messanger

yahoo gets hit with so much spam its scary. all in junk folder tho. hotmail gets the least but it lets the most through into the inbox. gmail is by far the best for spam.

In all honest who cares what one you use? You click compose, enter address, type titel and message then click send. does it matter if your address it @hotmail or @yahoo or @gmail?
Xir 4th February 2010, 09:55 Quote
I use Hotmail as a "Nirvana" account, which I use in the dark corners of the web.
Hotmail filters our a serious amount of spam, their filters seem to be quite good ;-)
fodder 4th February 2010, 12:33 Quote
This has been going on since at least 2008. I have two contacts that are always suffering with it, who don't get why a good anti-spyware/malware is essential.

Hotmail is great at filtering spam, as is Gmail. I still use my Hotmail, but as a secondary account for onliine stores etc. Gmail is my primary, I switched because windows mobile started to force me to use the web interface instead of integrating it into outlook. Now I use an Android phone and it is pretty damn perfect.
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums