April 6th, 2004 07:31 PM
Account hijacked 2x in 1 week
My hotmail account was hijacked ( this is not a please help me get the password to " blank " account ) - password and secret question changed - after I recently opened it... So, I opened a new account, this one with the answer to the secret question and the personal access data inaccurate so to keep out anyone that knows me personally.... And that account was hijacked also... But this is only in Hotmail.. my other web based email accounts I've had for years are un-molested..
What I have done:
Now I run a stand alone desktop, I live alone, and no-one can have access to my pc without me knowing it, and no-one has for months. There is no way someone can see see my key strokes thru the window, and I do not, and have never kept passwords on a post-it note anywhere, and I always use passwords that have #s,_, etc w/ no personal relevency... If anyone were splicing into my phone line I'd know it.
Now, mentioning key stokes, I use AV and a firewall up-dated almost everyday and run every day. I put the computer down, and in safe-mode ran my just that minute up-dated AV (AVG) on the system... nothing, no loggers, no trojans, back doors, worms, virii, etc.. No alerts from the firewall for known or unknown progs trying to access the internet in anyway ( ZA configured so nothing has permission to connect w/o request )
One potentail weakness I'm aware of is that I use MSN to chat with friends in different countries... However, my AV checks all files DLed this way as soon as they arrive. I only use MSN with my contacts, I never waste time in chat rooms...
I know there used to be progs for brute-force/dictionary attacks on Hotmail, but to my knowledge non of these types of attack is effective since Hotmail, Yahoo and other web-based email carriers implimented the policy of temporary account access disabling after x# of failed password attempts... The only other thing I can think is there is some form of a page redirect tool being used, but wouldn't that still entail access to my IP session(s) while I connected to my account, and thus my other webased email accounts, etc?
So finally, does anyone have an idea how someone could be doing this to me? Have I missed some obvious "Doh!" type of detail here, or is there some new Hotmail (/Yahoo/Aim/ etc) hacker program out there? What havn't I done, what could I do to to prevent this?