Tuesday, November 27, 2012

Email Hacking Yahoo: I always tell my clients to use gmail and this is another reason why

hacking yahoo
Hey, Yahoo is a great email service, no doubt about it. Yes, I have some email account there but not my main ones.

Just keep in mind that Yahoo it is owned by Microsoft - so that tells you something - right? Gmail offers more features to manage your email. Plus, most important to me and my clients, it offers free email forwarding. To do that in Yahoo you're gonna have to pay a subscription.

Gmail also also you to receive email from multiple account in one place for free. But i don't want to rant about how I enjoy email today. I just want to share this news story about someone hacking yahoo accounts (see below). Be safe.

Steu


An internet hacker has offered to sell code that will allow a person to hijack Yahoo email accounts.

The hacker, said to be an Egyptian who goes by the username TheHell, has offered an exploit for the price of $700 on an underground cyber crime community called Darkode.

It works when AN unsuspecting email user clicks on a malicious hyperlink, sent in an email. By clicking on the link they unwittingly allow a cyber attacker access to their Yahoo Mail account.


'After the victim clicks the link, he will be redirected to the email page again,' a YouTube video advertising the hack said.
Online security blogger Brian Krebs noticed the publicity from the suspected hacker last week.

The exploit 'targets a “cross-site scripting” (XSS) weakness in yahoo.com that lets attackers steal cookies from Yahoo! Webmail users,' he explained in a blog posting on his website Krebs on Security.  

'Such a flaw would let attackers send or read email from the victim’s account. In a typical XSS attack, an attacker sends a malicious link to an unsuspecting user; if the user clicks the link, the script is executed, and can access cookies, session tokens or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page,' he added.

Krebs informed Yahoo about the intended attack and the internet company said their security team is responding by fixing any potential vulnerabilities. 

'Fixing it is easy,' Ramses Martinez, Yahoo director of security told Krebs. 
'Once we figure out the offending URL, we can have new code deployed in a few hours.'

Krebs informed Yahoo about the intended attack and the internet company said their security team is responding by fixing any potential vulnerabilities.
'Fixing it is easy,' Ramses Martinez, Yahoo director of security told Krebs. 
'Once we figure out the offending URL, we can have new code deployed in a few hours.'

Read more: http://www.dailymail.co.uk/news/article-2238959/Millions-Yahoo-Mail-accounts-vulnerable-email-hijacking.html#ixzz2DRXqJjkj


--------------------------------------------------------------------------------------------------
Steu Mann is an SEO Specialist. He has been successfully working with online technology since 1997. Follow him on Twitter at @EzWebManifest. If you enjoyed this article, you can subscribe to receive Free Web Site Tune Up Tips in the future.

No comments:

Post a Comment