Johnny50

Hi there.

Someone has managed to change my hotmail account password.

This is the second time it has happened.

Is there anything i can do to prevent this, and find out who is doing it ?
I've got nothing of interest in my account, but it's rather annoying.

Thanks
Johnny

StickyMicky

stop haveing a easy to guess secret question??

i used to have "what colour is my car" how daft was that

Mr.Cookie

StickyMicky


Depends was your email addy man_with_blue_car@hotmail.com

Si
Ps blue is a guess folks just incase he's not changed password

Mr.Cookie

Johnny

Do you log into msn anywhere like internet cafe, work where other people can use pc etc etc

Si

lightning101

If you set up another hotmail account - then use a small hack from astalvista.com - you can get into any hotmail account - ALLEGEDLY.

scatter_wrx

Do you use the password reminder (i.e. the Forgotton your password" link)? If you do, then make sure it's not an easy answer to the question.

For example:
Reminder Q: What is the best premiership footie team?
Answer: Chelsea

Anyone would get that right & then be able to change your password!

StickyMicky

mr cookie, no its not

m1ckyowens@hot
etc etc

but theres plenty of people who could easily find out my cars colour (it was my old vectra)

one person who was a regular actualy changed my password while messing about, hes a honest kid, and apoligised and told me (probs read all my **** mails tho )

then he showed me how it was done, i set that secret question a long long time ago when i 1st got online, the problem was all my fackin cars have been white lmao, he told me the new password i thanked him and chanegd the question to sumthing else (whats my first name )
lol

Markus

It's going to be one of a few things

1) you've logged into MSN somewhere and the account has been left logged in and someone has changed it

2) somone has supplied the corect information andcorrect answer to your secret question. Seem to remember they use your birtday or postcode as verification so when you change your details put in a bogus birthday/postcode, obvisouly remembering what you did put in

3) someone is using a hacking prog to get in.

I think 1 and 2 are more likely than 3 though.

ianmiller999

Somebody I know thought it would be funny to mess up my hotmail account before, to the stage where it said that the email address did not exist. But as I knew who had done it, I threatened them with a major beating if they didn't sort it and lo and behold my account worked 5 minutes later.

Never found out how he did it.

ianmiller999

Just found a programme which claims:

Written in Delphi 6, this trojan exploits the MSN Logging feature on MSN 6 Beta (at the time of writing). Once infected, a machine can be connected to with the client, and all conversation logs from any account used at that machine, can be downloaded. In addition to this, the server is totally undetectable, halts many firewall/AV systems, and allows E-Mail and ICQ Notification of the victims IP Address. Also, if the user disables Message logging on this machine, everytime the server receives a signal from the client.

Johnny50

Thanks for all these replys fellas.

Yep, the answer to the secret question aint hard...
But i never log on in a public place...always at work.

Cant be anyone there, i can guarantee that.

I rekon i'll change my secret question to something completely obscure.

THanks again

Johnny

Gedi

Its really not as easy as people think to directly gain access to hotmail (etc) accounts.

We get questions about hacking hotmail quite often both as a hacking magazine and IRC security channels (#hackuk etc....plug heheh) and usually ignore/flame/ban them. But this is deffinitely an exception as your on the other side of the fence.

Accounts are usually compromised via other means like social engineering, not in the way most people think.

On this occasion, (assuming you haven't fallen for SE tricks) I would guess you could be zombied. This is only a guess, as its impossible to say without analysing the machine.

Do you check for outbound connections on your machine?

jason4656

there is only one way as far as i know, it works something like this

1 you go to the page where it says relogin to hotmail, save that page as in ur computer.

you then host a certain type of software setup(wont mention who) which running mdb and asp you can do a little editing of the html and make that page look like the person whos email you want to steal is logging in.

So then the software will generate and send mail using cdonts although the headers are identifiable, most people wont check this so you can make the mail look like it came from anywhere you want.

So you send an email saying, "msn greeting card" something like that, the user clicks on the link, which is actually on ur server(this is osmething you have to disguise, using long folder names i found was best as new ie6 security patches exposes you) then when the user types in their password, its taken, and the page they were previously looking at is deactivated, so if they click the link again to see if anything is suspicious, the page is gone.

I actually tried this(with permission of course) and i did manage with a few goes, to get it to work, however if you dont have web hosting knowledge and some asp/html experience i wouldnt even bother

Gedi

Many many more.

I remember first seeing a variant to that method in either phrack or 2600 in the nid 90's

jason4656

ok then one that works, there are lots of so called keystroke loggers but you have to get someone to accept files over msn or whatever, that way you are in control and unless the person is really clued up, it will work

scunnered

iTrader: (1)

On the mention of keyloggers, could it be possible that your IT dept. has a version of this in place, and one of the IT people might be having a bit of fun at your expense.

R1916v

If th ecompany uses decent weblogging software they won't need keyloggers, ours logs absoutely every click and keyboard press a user does on a website

Scooby96

Do keyloggers record a password if you cutr and paste it into the password field?