Massive number of Yahoo email accounts compromised

18 points

13 years ago

Many complaints are showing up on Twitter [1] about compromised Yahoo! mail accounts. I received a propagation attempt email today from a friend with a Yahoo! account. The payload was a URL presumably pointing to a malicious web page.

Apparently there is another method to compromise an account besides the malicious web page, as people are reporting old, unused accounts being used to send the emails containing the malicious URLs.

An article today on the UK-based PC Pro site titled "One in ten emails from BT accounts is malicious" [2] discusses the current rash of account compromises on Yahoo! as Yahoo! is the provider for email services offered by BT to its customers.

This is not the first time Yahoo! mail has suffered a compromise recently. An article last January describes an ongoing campaign targeting Yahoo! mail accounts: "How Yahoo allowed hackers to hijack my neighbor's e-mail account (Updated)" [3]

Two articles appeared two weeks ago about Yahoo's email woes, one was: "Yahoo Mail reportedly loses key customer following mass hack attack". [4]

[1] https://twitter.com/search/?q=yahoo%20hacked

[2] https://news.ycombinator.com/item?id=5897030

[3] http://arstechnica.com/security/2013/01/how-yahoo-allowed-hackers-to-hijack-my-neighbors-e-mail-account/

[4] http://arstechnica.com/security/2013/05/yahoo-mail-reportedly-loses-key-customer-following-mass-hack-attack/

11 comments