 SnowymIRC unix.ro UnderNetPremium
join:2003-04-05
Kailua, HI
kudos:5
 ·RoadRunner Cable
 ·Clearwire Wireless
| reply to MGD
Re: Hotmail hacked? said by MGD:There is something else at work here, and it may involve direct scripting exploits at their end, or insecure session cookies that can be hijacked. It could also be as fundamental as a common list of fairly uncommon passwords, or even common ones for that matter.
I suppose it wouldn't be too difficult to query a few hundred thousand hotmail accounts in a day using one less login attempt than would trigger an account lockout with hotmail, or anyone else. |
MGDPremium,MVM
join:2002-07-31
kudos:9 | Yes, they could run consecutive scripts after a wait time from multiple IPs and over time go through a load of passwords. I am not sure what the account lock out settings are for Hotmail.
They can also accrue the contacts in each account to provide a never ending pool of addresses. nwrickert  's phishing scenario is also valid, as I am sure they are not limiting themselves to a single vector. The issue for Live Help though is that there are such a wide range of victims that their error is just assuming that every compromised account report equals a victim who was conned out of their password or has an infected machine.
Many of the reports also describe an after effect of a malfunctioning account. Presumably the operation of sending spam to batches of a half dozen addresses at a time, and the addition of a spam signature is also a scripted event.
Though there are a considerable amount of similar reports over a long period, I do not see any reports of the known method of compromise, or detailed analysis. Clearly though, the purpose is identical, and the accounts appear "borrowed".
MGD |
