OT Computer Virus Warning...



Martin Shupe
03-08-2003, 1:41 PM
Today I tried to log on to AOL, and found my account had been blocked by AOL. I was instructed to call an 888 phone number to talk to an AOL rep.

Turns out my account had been hacked, then they had used my account to spam 965 people with a Viagra ad. They gave me a new, temporary password, and told me to log in and change my password immediately. I looked in my "sent mail", and was able to see the spam that was sent in my name. Now I hate spam as much as the next guy, so to think that my email address was at the top of a spam email makes my blood boil. If I could ever get a hold of this creep, he would never do this to me again.

I am running Norton antivirus, and it updates automatically, so I can't figure out how this happened.

Can one of you folks that knows more about computers explain this to me? How did he get my password? How often should I change my password?

Thanks!

Jason Roehl
03-08-2003, 3:01 PM
Sounds like he hacked into your account at AOL, not your home computer, which is why Norton AV couldn't have done anything. He could have been in Timbuktu for all you know. It stinks, but there is probably not much you could have done. Could even have been a security problem at AOL, and they've just got too much egg on their face or pride to own up to it.

Jason

Dave Arbuckle
03-08-2003, 6:25 PM
Without seeing originals of the e-mails sent, this is all guesswork. What part of the story you've given doesn't make much sense.

I just logged onto my e-mail to see the latest pile of garbage dumped. Here are four "From" addresses:

Ewyzo88m7OP9cg6@netscape.net
dilawar2@catherineirishman19.com
blondell_tumbaga@lendingchoices.net
simplenews@deepinformation.com

Of them, maybe the 4th one is a real address. catherineirishman19.com is not even a registered domain name. The netscape one, I would bet does not exist.

What a lot of people don't understand is that the "From" address is not necessarily where the e-mail came from. There is a technical method (that varies according to your e-mail system) to see the routing of the e-mail, which can get you closer to knowing where the mail is from.

The thing that doesn't make sense, is AOL's techs thinking your account was "hacked" (for whatever definition of hack they happen to be using). General opinion doesn't assign a whole lot of clue to AOL, but this is unusual. I guess in theory a spammer could use a found AOL password to log on and send mail, but that would be about the stupidest thing ever. They have their own mail servers that are a lot faster.

All in all, Martin, I would clock this up to cluelessness at AOL's abuse desk. A good ISP (like Hampton Roads, I'll bet), would have looked at headers, and if the mail didn't actually originate with you they would have either ignored it or helped the sender discover where it actually did come from.

Dave
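The routing check described in the post above, as an added example that is not part of the original thread: it reads the `Received` lines of a message and reports the hop where the mail entered servers the recipient trusts, since lines older than that hop can be forged by the sender. The sample message, all host names and IPs, the `TRUSTED` set and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: every host, IP and address below is made up.
RAW = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby mail.recipient.example with ESMTP id A1; Sat, 8 Mar 2003 13:02:11 -0500
Received: from relay.bulk-sender.example (unknown [203.0.113.77])
\tby mx.recipient.example with SMTP id B2; Sat, 8 Mar 2003 13:02:05 -0500
Received: from webmail.example (webmail.example [198.51.100.5])
\tby relay.bulk-sender.example with SMTP id C3; Sat, 8 Mar 2003 13:01:59 -0500
From: "Some Name" <someone@webmail.example>
To: reader@recipient.example
Subject: constructed sample

body
"""

# "from <helo> (<rdns> [<ip>]) by <server>" is a common layout, not the only one.
HOP = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def trace(raw):
    """Return (From domain, Received hops in header order, newest first)."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m:
            hops.append(dict(zip(("helo", "rdns", "ip", "by"), m.groups())))
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    return from_domain, hops

def entry_hop(raw, trusted):
    """Oldest hop written by a server we trust; older lines can be forged."""
    entry = None
    for hop in trace(raw)[1]:
        if hop["by"].lower() not in trusted:
            break
        entry = hop
    return entry

def from_matches_entry(raw, trusted):
    """Does the From domain match the host that handed the mail to us?"""
    from_domain, _ = trace(raw)
    hop = entry_hop(raw, trusted)
    names = [hop["helo"], hop["rdns"] or ""] if hop else []
    return bool(from_domain) and any(
        n.lower() == from_domain or n.lower().endswith("." + from_domain) for n in names)

TRUSTED = {"mail.recipient.example", "mx.recipient.example"}
```

In the sample, the bottom `Received` line claims the mail started at the From domain, but it was written by the untrusted relay, so only the peer address recorded by `mx.recipient.example` counts as evidence.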

Dave Hammelef
03-08-2003, 6:43 PM
But Dave,
He said the messages were in his Sent box. Which from my VERY limited knowledge means they had to be sent from his address. I know of spam that puts a false address in the from window, but they do not put mail in your sent box. (Do they?)

Dave

Dave Arbuckle
03-08-2003, 11:34 PM
Duhhh. No, Dave, I completely spaced over that. My assumption was that what he was referring to was bounces, the words "sent mail" apparently not being clear enough for me. (insert whichever of the little smiley guys means embarrassed here)

I'm surprised in this day that a spammer would bother cracking an account to run their spew.

Dave

Dave Hammelef
03-09-2003, 3:13 PM
Originally posted by Dave Arbuckle
....

I'm surprised in this day that a spammer would bother cracking an account to run their spew.

Dave

Me too. I would almost think kids, but the topics don't sound like someone just messing around. Very odd.

Dave

Keith Outten
03-09-2003, 5:16 PM
I remember a post recently where someone admitted to using the same password on all of their accounts. Let me tell you why this is a very bad idea. If the malicious little cracker that used Martin's AOL account had used it for breaking into someone's network instead of spamming then Martin would have been visited by the FBI.

This kind of thing happens to us at HRO and I have had to get involved to help keep my members out of trouble, most of the time it is their children who do things they shouldn't do based on their friends giving them bad advice but sometimes their account passwords are cracked. Crackers know that every web server you connect to and every email message contains the IP address of your ISP, read this carefully people...I just told you that everywhere you go on the Internet you are tracked by the server logs. These logs maintain the exact IP address and the exact time that you connected, this is one way it is possible to track what people do on the Net.

If I crack Martin's account and log in to AOL and then do my dirty deed it will be Martin's account that they end up at when they trace the IP address back to his ISP. The ISP then searches his logs and gives the FBI Martin's phone number and address when the FBI shows up at their office with a warrant.

Martin then needs an attorney to help get him out of the trouble he is in, remember that cracking into a network is a felony and this is why the FBI gets involved.

We have never allowed any of our members to use cute little passwords, dog's name, pet names for the wife or husband, their SSN, their home address or any password that doesn't use a combination of letters and numbers. This is a real pain but we do this to protect our members. Most ISPs don't care and they will let you do anything to get their monthly fee!

Is your Internet Provider one of those really big guys...do the people who work for them sell your information to their friends? Your ISP has access to your passwords, credit card numbers, etc, and can easily copy all of your email to anyone they want to, it's illegal but it is done.

I could write a book here but you get the message I hope. I have been an Internet Provider for eight years and you wouldn't believe the things I have seen. The majority of the people who use the Internet don't even know how to protect themselves or their credit card information. Like anything else the Net can be safe if you learn to protect yourself!!!

I have saved every member of my network that has had a warrant served except one...he got a fifteen year stretch in a federal penitentiary and there was nothing I could do to help the young man.

Tony Falotico
03-09-2003, 6:24 PM
Did he do something wrong to deserve the 15 yrs or was it a bum rap?

Keith Outten
03-09-2003, 7:26 PM
Nope! It wasn't a bum rap, the guy was guilty and got caught.

Another one of my members was caught and they had him dead in their sights...but it turns out that he was in Panama when his roommate used his computer to do the dirty deed. Since he was in the Army it was easy for him to prove he was out of the country. I don't know what happened to his roommate but I would bet the farm that he is doing very hard time as the military has a very short fuse when enlisted men get caught doing things they shouldn't.