Hotmail's "RE HI" malware

[Nords]

My apologies to those of you who've received "RE HI" e-mails from my Nords_Nords address.

Hotmail appears to be susceptible to malware that fills out and activates a user's "vacation reply" setting, causing it to send their spam to an entire contact list. It also creates a new user signature line using the same spam text.

I don't know how it triggered. All my incoming Hotmail goes to a junk folder for screening, unless the sender's e-mail address is already in my "contacts" or "safe" lists. Hotmail's junk folder is supposed to disable links and code and images, so just opening a message to look at its text shouldn't cause the problem. I don't activate junk mail content or click through to spam websites, so I don't know how this attack was started. By the time I saw what was happening the responses were already rolling back in.

It didn't trigger any virus warnings and I don't even know if it was done through my computer or directly on Hotmail's servers. It seems to have happened just once. I've cleared my vacation & signature settings and changed my password, but otherwise I think I'm going to have to wait for virus definitions and Hotmail to catch up to these guys.

Anyone else had this problem? Any other ideas on what else to look for or how to lock the barn door and clean up after it?

 

[Maurice]

No one's buying your excuses, Nords. I think its pretty obvious you needed some extra income to compensate for investment losses so you've decided to become a spammer.

 

[donheff]

Shouldn't have trusted Microsoft.

 

[Ed_The_Gypsy]

Shouldn't have trusted Microsoft.

What he said.

 

[nwsteve]

Nords et al
We recently downloaded a free malware tool that has amazed us just how much junk can get on your machine with what looks like innocent web visits. Most of has been adware but recently captured a trojan keylogger--apparently just before it got imbedded when rebooting
If interested the tool is at www.malwarebytes.org
nwsteve

 

[Nords]

Shouldn't have trusted Microsoft.

What he said.

I'm no Microsoft fanboy but I've had that e-mail address for over seven years, and another Hotmail address for over a decade.

Transferring all that crap over to gmail is easier contemplated than executed...

We recently downloaded a free malware tool that has amazed us just how much junk can get on your machine with what looks like innocent web visits. Most of has been adware but recently captured a trojan keylogger--apparently just before it got imbedded when rebooting If interested the tool is at www.malwarebytes.org nwsteve

Thanks, I'll take a look at it. Gee, with a teenager in the house I don't see how that could possibly be a problem.

The more I read the more it appears to be executed on Hotmail's servers, even managing to get through account passwords. Hotmail has a little 'splainin' & apologizing to do.

 

[Ed_The_Gypsy]

www.malwarebytes.org

never heard of 'em.

 

[Poundkey]

Nords et al
We recently downloaded a free malware tool that has amazed us just how much junk can get on your machine with what looks like innocent web visits. Most of has been adware but recently captured a trojan keylogger--apparently just before it got imbedded when rebooting
If interested the tool is at www.malwarebytes.org
nwsteve

I totally agree. Great tool. The free version seems to be all we need. They also provide updates almost daily.

 

[TromboneAl]

Transferring all that crap over to gmail is easier contemplated than executed...

You could probably do it without transferring anything. I switched from my old Eudora POP account. If I need to find an old email, I just open Eudora and do a search. Ditto with old email addresses.

 

[Nords]

You could probably do it without transferring anything. I switched from my old Eudora POP account. If I need to find an old email, I just open Eudora and do a search. Ditto with old email addresses.

Good point. It's just the whole hassle factor, including another layer of complexity to log in every so often to avoid having the Hotmail account deleted.

I'm probably overvaluing the archives. A few years ago I accidentally deleted an old e-mail archive and I've never missed the decade-old file. But I'm lazy and I hate having to change my deeply-ingrained habits...

I wonder if 10 years from now we'll be kvetching about how miserable gmail has become.

 

[Urchina]

Nords, I got hit with the same malware that you did, and cannot figure out how, either. So I'm going to point the finger at Hotmail as well -- someone hacked their system, maybe? Edited to add: DH just pointed out that my hotmail account is on Microsoft's servers, not mine, and so it's unlikely that anything on my computer caused the security breach.

I downloaded SuperAntiSpyware's free anti-spyware stuff and ran it. It cleared a lot of cookies. I also did a full McAfee security update and download. We didn't find anything other than a bunch of cookies. Who knows.

However, about 1/2 the people in my contacts list don't seem to realize that I'm not a grammatically challenged shill for some website, since I got a lot of hate mail for that spam. Seriously, did people think I sent that crap out?

Blech.

 

[Frugality_of_Apathy]

I had the same thing a month or so ago. some malware got into my hotmail account and started sending out spam to my contacts and others every few hours.

For some reason they recently added a "feature" to hotmail where you can send out a prewritten message at some interval you choose. Had to find this section and delete the automated message. Also changed my password to one using numbers and letters instead of the regular word I had there for the last 12 years.

The only reasons I can imagine they would include such a feature are some executive telling his employees he wants a way to send out a message to everyone once a week saying he's still out on vacation or they just wanted to make spammers' job easier so they could sell hotmail anti-spam features.