So gmail was hacked
Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: So gmail was hacked

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    So gmail was hacked

    Hi Guys,

    Got about a 4th mate whos gmail aco**** was compromised. Now they are not network gurus but I did train them to have complex password , more than 10 characters, mixed characters, number etc.

    But they just let me know that two of there accounts was hacked.

    What is the deal here?

    They do not open a mail they are not 100 % sure of the legitamacy. AV running permanently on their PC. Without a keylogger in the background how is this being done.

    Do you guys use Gmail or another service?
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    HYBR|D
    Guest
    There was a unpatched 0-day floating around recently.

    Other then that tell them to change there passwords secret question etc and to check it they have forwarding or pop3 enabled in settings etc.

    also how often do they log into the actual gmail account from https://gmail.google.com ?

    if it's like hotmail/live etc if you don't log into the actual e-mail account they shut the account down and others can re-register the account and get the past owners e-mails.

  3. #3
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Tip....never believe users....they lie. They open stuff and click on links all the time.

    Alot of the new malware is using social engineering and unpatched applications\oses ...just watched a great video on you tube about the varied attack vectors...specifically the Zeus variants

    http://www.youtube.com/watch?v=CzdBCDPETxk

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  4. #4
    Junior Member
    Join Date
    Jul 2010
    Posts
    1

    Thumbs up

    Quote Originally Posted by morganlefay View Post
    Tip....never believe users....they lie. They open stuff and click on links all the time.

    Alot of the new malware is using social engineering and unpatched applications\oses ...just watched a great video on you tube about the varied attack vectors...specifically the Zeus variants

    http://www.youtube.com/watch?v=CzdBCDPETxk

    MLF
    agree with this comment.beware with shortlink at your inbox

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Downloading now, thanks MLF.

    edit: the 0 day attack you are talking about is Adobe reader, right?
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Yes...adobe is definitely one of them

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #7
    HYBR|D
    Guest
    Quote Originally Posted by morganlefay View Post
    Yes...adobe is definitely one of them

    MLF
    add a little ajax handling into that also.

    also nice Video morgan

  8. #8
    Senior Member SnugglesTheBear's Avatar
    Join Date
    Jun 2010
    Posts
    133
    This 0 day you speak of Hybrid, tell me more. Are you referring to encoding an email with these scripts and gmail renders and runs the script within the email or is it an actual attack on the google servers since they are using AJAX improperly? DETAILS! GIVE THEM TO ME!!!..... please?

  9. #9
    HYBR|D
    Guest

    Smile

    a little bit from column "A"

    there are loads of "fun" 1 can have with badly handled ajax parsing for instance VB3.8.4 has a nifty ajax issue.
    Last edited by HYBR|D; August 30th, 2010 at 01:36 AM.

  10. #10
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Some of these guys save their user / password in a plugin to IE to save these passwords. They say that by doing this to autocomplete their credentials keyloggers cannot get hold of their data.

    Strangely enough only the username / passwords saved here are the accounts that were hacked.

    It is a legitimate plugin so what gives o_0 ...
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

Similar Threads

  1. Gmail Account Hacking Tool
    By MrLinus in forum Miscellaneous Security Discussions
    Replies: 13
    Last Post: August 26th, 2008, 03:16 AM
  2. Use Gmail are a virtual hard drive.
    By SDK in forum General Computer Discussions
    Replies: 0
    Last Post: October 11th, 2004, 06:26 PM
  3. Are Hotmail And Yahoo! Blocking Gmail Invites?
    By yourdeadin in forum AntiOnline's General Chit Chat
    Replies: 12
    Last Post: September 16th, 2004, 11:55 AM
  4. Gmail not secure
    By phunction in forum Web Security
    Replies: 29
    Last Post: September 8th, 2004, 11:47 AM
  5. Gmail flaw -- April 27, 2004
    By MrLinus in forum Web Security
    Replies: 3
    Last Post: April 27th, 2004, 08:51 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •