Home page logo

basics logo Security Basics mailing list archives

Re: MSN virus
From: Todd Haverkos <infosec () haverkos com>
Date: Thu, 04 Feb 2010 11:48:30 -0600

xiandu () latech edu writes:


My MSN contacts told me that they obtained a message from me to go to
website although I was not on MSN. I hear it is virus and have no idea
about the nature and removal methods. Could any experts help?


Hi Xian, 

I don't feel expert at this specific issue by any stretch, but a
friend of mine who is a hotmail user also recently had a hotmail
account compromised in what sounds like a similar fashion.  She found
out through friends since all her hotmail contacts had received a
message from her account saying she was out of the country, in
trouble, and needed money. Her account had the password changed and
she was locked out.  I think similar things have targetted facebook

I wasn't able to determine the root cause of her compromise.  It
didn't seem to be malware on her home computer, or a laptop she'd
used, but a relative's computer may have been involved (which wasn't
available for analysis).

She vaguely recalled clicking on an attachment or URL in her email
while using the relative's computer that roused her suspicion, but
that incident preceded the emails went out to all contacts and the
password getting changed by a day or two.  

The good news is that Microsoft was able to get her control of her
account again--it took a few days.  There was some help link on
hotmail where she could report a hijacked account. 

I'm not sure if the thing she clicked on 2 days before the mail went
out _was_ the attack, or if it was an attack on password reset
questions, or brute forcing of bad passwords, malware keylogging
passwords on compromised machines, or some web application based
vulnerability in msn or hotmail themselves... but I'm curious of
others experience of similar issues.

Todd Haverkos, LPT MsCompE

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]