Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Hotmail's "RE HI" malware
Old 04-22-2009, 01:39 AM   #1
Moderator Emeritus
Nords's Avatar
 
Join Date: Dec 2002
Location: Oahu
Posts: 26,616
Hotmail's "RE HI" malware

My apologies to those of you who've received "RE HI" e-mails from my Nords_Nords address.

Hotmail appears to be susceptible to malware that fills out and activates a user's "vacation reply" setting, causing it to send their spam to an entire contact list. It also creates a new user signature line using the same spam text.

I don't know how it triggered. All my incoming Hotmail goes to a junk folder for screening, unless the sender's e-mail address is already in my "contacts" or "safe" lists. Hotmail's junk folder is supposed to disable links and code and images, so just opening a message to look at its text shouldn't cause the problem. I don't activate junk mail content or click through to spam websites, so I don't know how this attack was started. By the time I saw what was happening the responses were already rolling back in.

It didn't trigger any virus warnings and I don't even know if it was done through my computer or directly on Hotmail's servers. It seems to have happened just once. I've cleared my vacation & signature settings and changed my password, but otherwise I think I'm going to have to wait for virus definitions and Hotmail to catch up to these guys.

Anyone else had this problem? Any other ideas on what else to look for or how to lock the barn door and clean up after it?
__________________

__________________
*
*

The book written on E-R.org, "The Military Guide to Financial Independence and Retirement", on sale now! For more info see "About Me" in my profile.
I don't spend much time here anymore, so please send me a PM. Thanks.
Nords is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 04-22-2009, 06:52 AM   #2
Full time employment: Posting here.
 
Join Date: Oct 2007
Location: New York
Posts: 898
No one's buying your excuses, Nords. I think its pretty obvious you needed some extra income to compensate for investment losses so you've decided to become a spammer.
__________________

__________________
Money's just something you need in case you don't die tomorrow.
Maurice is offline   Reply With Quote
Old 04-22-2009, 07:51 AM   #3
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
donheff's Avatar
 
Join Date: Feb 2006
Location: Washington, DC
Posts: 8,643
Shouldn't have trusted Microsoft.
__________________
Every man is, or hopes to be, an Idler. -- Samuel Johnson
donheff is online now   Reply With Quote
Old 04-22-2009, 08:31 AM   #4
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Ed_The_Gypsy's Avatar
 
Join Date: Dec 2004
Location: the City of Subdued Excitement
Posts: 5,293
Quote:
Originally Posted by donheff View Post
Shouldn't have trusted Microsoft.
What he said.
__________________
my bumpersticker:
"I am not in a hurry.
I am retired.
And I don't care how big your truck is."
Ed_The_Gypsy is offline   Reply With Quote
Old 04-22-2009, 07:09 PM   #5
Thinks s/he gets paid by the post
 
Join Date: Jun 2004
Location: E. Wash
Posts: 1,057
Nords et al
We recently downloaded a free malware tool that has amazed us just how much junk can get on your machine with what looks like innocent web visits. Most of has been adware but recently captured a trojan keylogger--apparently just before it got imbedded when rebooting
If interested the tool is at www.malwarebytes.org
nwsteve
__________________
nwsteve is offline   Reply With Quote
Old 04-22-2009, 07:48 PM   #6
Moderator Emeritus
Nords's Avatar
 
Join Date: Dec 2002
Location: Oahu
Posts: 26,616
Quote:
Originally Posted by donheff View Post
Shouldn't have trusted Microsoft.
Quote:
Originally Posted by Ed_The_Gypsy View Post
What he said.
I'm no Microsoft fanboy but I've had that e-mail address for over seven years, and another Hotmail address for over a decade.

Transferring all that crap over to gmail is easier contemplated than executed...

Quote:
Originally Posted by nwsteve View Post
We recently downloaded a free malware tool that has amazed us just how much junk can get on your machine with what looks like innocent web visits. Most of has been adware but recently captured a trojan keylogger--apparently just before it got imbedded when rebooting If interested the tool is at www.malwarebytes.org nwsteve
Thanks, I'll take a look at it. Gee, with a teenager in the house I don't see how that could possibly be a problem.

The more I read the more it appears to be executed on Hotmail's servers, even managing to get through account passwords. Hotmail has a little 'splainin' & apologizing to do.
__________________
*
*

The book written on E-R.org, "The Military Guide to Financial Independence and Retirement", on sale now! For more info see "About Me" in my profile.
I don't spend much time here anymore, so please send me a PM. Thanks.
Nords is offline   Reply With Quote
Old 04-22-2009, 08:01 PM   #7
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Ed_The_Gypsy's Avatar
 
Join Date: Dec 2004
Location: the City of Subdued Excitement
Posts: 5,293
never heard of 'em.
__________________
my bumpersticker:
"I am not in a hurry.
I am retired.
And I don't care how big your truck is."
Ed_The_Gypsy is offline   Reply With Quote
Old 04-22-2009, 10:36 PM   #8
Recycles dryer sheets
 
Join Date: Apr 2006
Location: Hardscrabble Texas
Posts: 372
Quote:
Originally Posted by nwsteve View Post
Nords et al
We recently downloaded a free malware tool that has amazed us just how much junk can get on your machine with what looks like innocent web visits. Most of has been adware but recently captured a trojan keylogger--apparently just before it got imbedded when rebooting
If interested the tool is at www.malwarebytes.org
nwsteve
I totally agree. Great tool. The free version seems to be all we need. They also provide updates almost daily.
__________________
.....#.....
Poundkey is offline   Reply With Quote
Old 04-23-2009, 10:20 AM   #9
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
TromboneAl's Avatar
 
Join Date: Jun 2006
Posts: 11,197
Quote:
Transferring all that crap over to gmail is easier contemplated than executed...
You could probably do it without transferring anything. I switched from my old Eudora POP account. If I need to find an old email, I just open Eudora and do a search. Ditto with old email addresses.
__________________
Al
TromboneAl is offline   Reply With Quote
Old 04-23-2009, 10:09 PM   #10
Moderator Emeritus
Nords's Avatar
 
Join Date: Dec 2002
Location: Oahu
Posts: 26,616
Quote:
Originally Posted by TromboneAl View Post
You could probably do it without transferring anything. I switched from my old Eudora POP account. If I need to find an old email, I just open Eudora and do a search. Ditto with old email addresses.
Good point. It's just the whole hassle factor, including another layer of complexity to log in every so often to avoid having the Hotmail account deleted.

I'm probably overvaluing the archives. A few years ago I accidentally deleted an old e-mail archive and I've never missed the decade-old file. But I'm lazy and I hate having to change my deeply-ingrained habits...

I wonder if 10 years from now we'll be kvetching about how miserable gmail has become.
__________________
*
*

The book written on E-R.org, "The Military Guide to Financial Independence and Retirement", on sale now! For more info see "About Me" in my profile.
I don't spend much time here anymore, so please send me a PM. Thanks.
Nords is offline   Reply With Quote
Old 04-23-2009, 10:16 PM   #11
Full time employment: Posting here.
Urchina's Avatar
 
Join Date: Feb 2008
Location: Central Coast, California
Posts: 891
Nords, I got hit with the same malware that you did, and cannot figure out how, either. So I'm going to point the finger at Hotmail as well -- someone hacked their system, maybe? Edited to add: DH just pointed out that my hotmail account is on Microsoft's servers, not mine, and so it's unlikely that anything on my computer caused the security breach.

I downloaded SuperAntiSpyware's free anti-spyware stuff and ran it. It cleared a lot of cookies. I also did a full McAfee security update and download. We didn't find anything other than a bunch of cookies. Who knows.

However, about 1/2 the people in my contacts list don't seem to realize that I'm not a grammatically challenged shill for some website, since I got a lot of hate mail for that spam. Seriously, did people think I sent that crap out?

Blech.
__________________
"You'd be surprised at how much it costs to look this cheap." -- Dolly Parton
Urchina is offline   Reply With Quote
Old 04-24-2009, 10:33 AM   #12
Full time employment: Posting here.
Frugality_of_Apathy's Avatar
 
Join Date: Jul 2008
Posts: 622
I had the same thing a month or so ago. some malware got into my hotmail account and started sending out spam to my contacts and others every few hours.

For some reason they recently added a "feature" to hotmail where you can send out a prewritten message at some interval you choose. Had to find this section and delete the automated message. Also changed my password to one using numbers and letters instead of the regular word I had there for the last 12 years.

The only reasons I can imagine they would include such a feature are some executive telling his employees he wants a way to send out a message to everyone once a week saying he's still out on vacation or they just wanted to make spammers' job easier so they could sell hotmail anti-spam features.
__________________

__________________
Frugality_of_Apathy is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
tiny button fix: "Save" edited comment sometimes = "Vote Now" ladelfina Forum Admin 0 09-24-2008 02:22 AM
"Gut feel" versus "evidence-based" medicine Buckeye Health and Early Retirement 10 11-08-2007 11:21 AM
My "Core Plus" Strategy - Feedback on the "Plus" part? milmoose Young Dreamers 24 11-01-2006 10:41 AM
Book reports: "Blink" & "Tipping Point" Nords Other topics 2 12-04-2005 05:15 PM

 

 
All times are GMT -6. The time now is 12:42 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.