Yahoo and Hotmail Users Targeted by Complex E-mail Attacks
Recently, security researchers at the security firm Trend Micro unveiled a new series of targeted phishing attacks on the users of Microsoft Yahoo Mail and Hotmail services.
In the Hotmail attacks, users were targeted through phishing e-mails that took advantage of a flaw in Microsoft's e-mail service to compromise their contacts list and facilitate rogue forwarding settings.
This method, of inserting a rogue e-mail forwarding address, enables cybercrooks to read all of their victims' personal and confidential e-mails and was also utilized in the Gmail spear phishing attacks.
According to a security researcher, users are strongly recommended to regularly check their forwarding settings for any e-mail ids, which they don't identify. If some address is found, it's a positive indication that the account has been hacked and they should instantly modify their passwords, as reported by Softpedia on June 3, 2011.
Unluckily, Yahoo Mail users were also attacked by the campaign that tried to steal users' cookies to gain access to their private e-mail accounts. During the attack, cybercrooks dispatched Yahoo Mail users an e-mail enclosing 2 attachments, one being a malware ridden document and the second one being a faulty cross-site scripting exploit, eventually rendering the attack ineffective.
Commenting on the matter, Nart Villeneuve, Senior Threat Researcher at Trend Micro stated that, the varied series of attacks against e-mail services shows that the crooks are finding novel and progressively complex techniques to gain access to users' e-mail accounts and access their private details, as reported by CRN on June 3, 2011.
He further added that, these events show that besides targeted attacks that direct users towards malware ridden attachments, generally PDF and .DOC files, crooks are trying to exploit flaws in famous web mail services to hack webmail accounts, to view details and to access information to plan future attacks.
Interestingly, Trend Micro's report of attacks on Hotmail and Yahoo comes few days after Google notified regarding a series of attacks on its Gmail service, which attacked the accounts of both government personnel as well as political activist groups.
Villeneuve stated that, although there was resemblance in the attacks, Gmail could not find proof directly associating the Hotmail and Yahoo Mail operations to the Gmail case, as reported by V3 on June 3, 2011.
Related article: Yahoo Gets “Yam”med by a Worm
» SPAMfighter News - 14-06-2011