
PD: Hacked/Cracked, Hotmail/Gmail etc.

Posted: Mon Oct 12, 2009 12:04 pm
by S3th
10,000 email accounts cracked.

What's the deal? How'd it happen?
Where did they get posted?
How can we prevent this from happening again?

Anyone able to provide me with information?

Re: PD: Hacked/Cracked, Hotmail/Gmail etc.

Posted: Mon Oct 12, 2009 3:26 pm
by Liidian
S3th wrote:10,000 email accounts cracked.

What's the deal? How'd it happen?
Where did they get posted?
How can we prevent this from happening again?

Anyone able to provide me with information?
Okes first off, nothing of your just provided sentence made any SENSE.
Second, lol.

Posted: Tue Oct 13, 2009 2:20 am
by S3th
That's fine, I'll wait for someone that understands English and gets what I mean :)

Posted: Tue Oct 13, 2009 3:07 am
by plope0726
S3th wrote:That's fine, I'll wait for someone that understands English and gets what I mean :)
For starters Liidian, shut the hell up, I haven't seen a sensible post come from you yet.

Now for s3th, where did you hear about this? Can you send a link to an article or something? There are many ways to go about cracking webmail. A system's security is only as strong as the weakest point.

Posted: Tue Oct 13, 2009 6:46 am
by S3th
http://www.theage.com.au/technology/sec ... -gllm.html
“Over the weekend Microsoft learned that several thousand Windows Live Hotmail customers’ credentials were exposed on a third-party site due to a phishing scheme. As always, upon learning of the issue, we immediately requested that the credentials be removed and launched an investigation to determine the impact to customers.”
http://blogs.zdnet.com/igeneration/?p=3015

http://www.lockergnome.com/griffin/2009 ... erto-rico/

A few articles claim SQL, others phishing.
I was just wondering if anyone has more information: how was it done? How to prevent it? And, if possible, the site where it was all posted, so I can check if any of my email addresses were leaked.

Posted: Tue Oct 13, 2009 2:22 pm
by plope0726
Well, as for the SQL injection that occurred, they didn't compromise any individual account, nor did they compromise the actual servers. They managed to alter the DNS records to the Puerto Rico based sites of Google, Yahoo, Microsoft, MSN, and Hotmail. In doing this they were able to have the URLs to the legitimate sites redirected to their own pages. Again, no account compromise here; in fact they didn't even get into the servers (at least that's what the article says).

As for the accounts that were compromised, all phishing. In other words, stupid users receiving poorly written emails requesting their information, and being conned into providing it. If you haven't fallen for these scams you shouldn't have a problem.

Now as for preventing this kind of compromise, let's start with malware: keeping the AV up to date is obvious. But you may also want to turn off all scripting from sites that aren't trusted. This will help prevent the unknown loading of malware from the browser, that AV may have definitions for.

Then the phishing part. Well, I'm sure you're familiar with that: no one should ever be asking for your credentials (username and password), so don't give them out. Also, report the sender to their ISP's abuse people. Sure, they will just make another account once theirs gets deleted, but then you do it again, and again, and again. Eventually, if it occurs enough times from the same IP address or block of IPs, they will probably ban the IP. This stuff won't stop them but it should annoy them and help slow them down. Just think if everyone did this every time they received a phishing email. The abuse mailbox would overflow.
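
To go with the advice above about reporting phishing senders to their ISP's abuse contact, here is an added example (not part of the original thread) that pulls the details an abuse report needs out of a saved raw message: the IP address that handed the mail to your provider, and whether Reply-To points at a different domain than From. The sample message is constructed, and the names `handoff_ip`, `domain_of` and `abuse_summary` are hypothetical.

```python
import email
import ipaddress
import re
from email import policy
from email.utils import parseaddr

# Constructed sample, not a real phishing mail; example domains and
# an RFC 5737 documentation address stand in for the sender.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [10.0.0.5])
\tby inbox.example.net with ESMTP; Mon, 12 Oct 2009 10:00:02 +0000
Received: from mail.sender.example (unknown [203.0.113.45])
\tby mx.example.net with SMTP; Mon, 12 Oct 2009 10:00:01 +0000
Received: from [192.168.1.20] (helo=pc)
\tby mail.sender.example with SMTP; Mon, 12 Oct 2009 09:59:58 +0000
From: "Account Team" <support@webmail.example>
Reply-To: collect@other.example
Subject: Verify your account

Please reply with your username and password.
"""

INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]
BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def handoff_ip(msg):
    """First non-internal IP, reading Received headers newest-first."""
    # Only the hop written by your own provider is trustworthy; headers
    # below it come from the sender's side and can be forged.
    for header in msg.get_all("Received", []):
        for text in BRACKETED_IP.findall(str(header)):
            try:
                ip = ipaddress.ip_address(text)
            except ValueError:
                continue  # malformed octets such as [999.1.1.1]
            if not any(ip in net for net in INTERNAL):
                return text
    return None

def domain_of(value):
    return parseaddr(str(value))[1].rpartition("@")[2].lower()

def abuse_summary(raw):
    msg = email.message_from_string(raw, policy=policy.default)
    from_dom = domain_of(msg.get("From", ""))
    reply_dom = domain_of(msg.get("Reply-To", ""))
    return {"report_ip": handoff_ip(msg), "from_domain": from_dom,
            "reply_to_domain": reply_dom,
            "reply_to_mismatch": bool(reply_dom) and reply_dom != from_dom}
```

The abuse contact for the reported IP comes from a WHOIS lookup on that address, which this offline example does not perform.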