
Brute Force Attacks Target Yahoo! Mail Accounts

According to security experts, attackers have been targeting Yahoo for the past two years, i.e. 2007 and 2008, successfully cracking account passwords with automated password-cracking programs, an approach commonly known as "brute-force attacks". These attacks are launched against an authentication application based on Yahoo Web services, supposedly used by ISPs as well as third-party Internet applications.

Brute force password attacks have been taking place for a long time. These attacks typically represent the least sophisticated method of hacking accounts.

Ryan Barnett, director of application security research at Breach Security, found that the flaw exists in a Web application that automates the process of logging in to the extensively used webmail service. Because it fails to carry out a range of security checks performed by the login page that Yahoo! Mail users typically use, it gives hackers a backdoor into users' accounts, as reported by The Register on September 18, 2009.

Once the accounts are breached, it becomes simple for spammers to boost their spam campaigns, as spam filters usually don't block webmail services. In addition, criminals can use these breached accounts to break into more lucrative accounts, such as the ones used for financial services like bank accounts.

Barnett further said that it is well known that spammers look for the most overt Web interface for launching brute force assaults. Most of the webmail service providers track the number of login attempts made, reported techtarget.com on September 15, 2009.

He also said that once the accounts are breached, spammers exploit them to conduct malicious activities, such as acquiring the account holder's personal details.

The method also allows spammers to identify with the geographic locations of their activities, which makes their spam campaigns appear more real and appealing.

Barnett noted that gauging the size of brute force assaults is quite difficult, but they are continuously going on. The attackers do not focus on a single user account. As the online authentication application is not equipped with anti-automation defenses, the attackers set up automated scripts to cycle through possible usernames and common passwords.
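The pattern described above, many usernames each tried with a few common passwords, stays under a per-account attempt counter, so a defender also needs a counter keyed on the source. The following Python sketch is an added example, not code from the article or from Yahoo; the event format, thresholds, function names and sample log lines are all constructed for illustration.

```python
from collections import defaultdict, deque

# Thresholds are assumed values for illustration, not figures from the article.
WINDOW = 300             # seconds of history kept per counter
ACCOUNT_FAIL_LIMIT = 5   # failures against one account inside the window
SOURCE_USER_LIMIT = 4    # distinct usernames failed by one source inside the window

def build_sample():
    """Constructed login events: (timestamp_s, source_ip, username, success)."""
    events = []
    # One source cycling usernames, a single guess each.
    for i in range(6):
        events.append((10 + 5 * i, "198.51.100.7", f"user{i:02d}", False))
    # One account hit repeatedly from another source.
    for i in range(6):
        events.append((100 + 2 * i, "192.0.2.9", "bob", False))
    # Ordinary user: two typos, then a successful login.
    events += [(200, "203.0.113.5", "alice", False),
               (205, "203.0.113.5", "alice", False),
               (215, "203.0.113.5", "alice", True)]
    return sorted(events)

def analyze(events, window=WINDOW):
    """Return (accounts over the per-account limit, sources over the per-source limit)."""
    by_account = defaultdict(deque)  # username -> failure timestamps
    by_source = defaultdict(deque)   # source -> (timestamp, username) failures
    flagged_accounts, flagged_sources = set(), set()
    for ts, src, user, ok in events:
        if ok:
            continue
        acc = by_account[user]
        acc.append(ts)
        while acc[0] <= ts - window:      # drop failures older than the window
            acc.popleft()
        if len(acc) >= ACCOUNT_FAIL_LIMIT:
            flagged_accounts.add(user)
        seen = by_source[src]
        seen.append((ts, user))
        while seen[0][0] <= ts - window:
            seen.popleft()
        if len({u for _, u in seen}) >= SOURCE_USER_LIMIT:
            flagged_sources.add(src)
    return flagged_accounts, flagged_sources

if __name__ == "__main__":
    accounts, sources = analyze(build_sample())
    print("per-account counter flags:", sorted(accounts))
    print("per-source distinct-username counter flags:", sorted(sources))
```

On the constructed sample, the per-account counter catches only the account that was hit repeatedly, while the username-cycling source is caught only by the distinct-username counter.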

To conclude, Barnett said that what attackers are sending is just a snippet of data, which is yet another strategy employed by spammers to boost their campaigns.


» SPAMfighter News - 09-10-2009
