Escalating Gmail/Spamming Attacks
We've been getting submissions about an uptick in compromised Gmail accounts in the last few days, but nothing that could be substantiated. Robert McMillan did a bit of digging and now reports in PC World that "Google is investigating a growing number of reports that hackers are breaking into legitimate Gmail accounts and then using them to send spam messages. The problem started about a week ago but seems to have escalated over the past few days. ... [I]n forum posts, Gmail users note that the hackers appear to be sending spam via Gmail's mobile interface — which gives mobile-phone users a way to check their Gmail accounts — and wonder if there may be a bug in the mobile interface that is allowing criminals to send the spam. ... Google says there's no Gmail bug. ... 'Spammers may sometimes use a mobile interface to access accounts they have already compromised because it's simpler for bots to use this method at large scale.'" Here's how to tell if your Gmail account has been accessed by bad guys, and what to do about it.
Got mine too (Score:5, Informative)
And I had a pretty secure password. Now it is much more secure.
I got lucky, noticed the odd activity (from Texas no less) and jumped all over fixing it.
Re:They have a point (Score:3, Informative)
There's been quite a bit of talk on this lately. See for instance this post at Sophos (not exactly a no-name company) http://www.sophos.com/blogs/sophoslabs/?p=1156 [sophos.com]
Re:Breaking in? (Score:1, Informative)
Breaking, or more accurately to break and enter, does not actually refer to the process of causing damage to enter a property. It is simply the act of breaking or passing through the defined boundary of a house or property you are not supposed to be in. As such, you can break and enter a building by walking through an open door.
Re:This happened to a family member . . . (Score:3, Informative)
On a side note, GMail, by default, does not require an SSL connection. I wonder if anyone who was hacked had their settings set to require that.
This used to be the case, but they've changed now. http://www.wired.com/threatlevel/2010/01/google-turns-on-gmail-encryption-to-protect-wi-fi-users/ [wired.com]
Happened to me last week (Score:4, Informative)
Yeah, this happened to me last week, and I had a secure 8-character password made up of random letters and numbers. I'm not sure if it was a hack or maybe I just got sloppy and used that same password on some other site where I also provided my e-mail and they somehow got it that way. I'm not sure if I had the SSL setting enabled because when I went to set it, neither the http nor https radio button was set. I had also just written up an automated Perl server monitoring script a few days before that would use the account to send an automated message (via SSL), but that could have been coincidental, who knows? All they did was send Viagra spam to all the contacts. I immediately changed the password and also made the security question/answer nonsense since I can remember my damn password. Only check the mail from my MacBook or iPhone.
Re:Happened to one my accounts as well (Score:4, Informative)
GMail shows a captcha after a few tries.
Re:Breaking in? (Score:3, Informative)
Is that a reference to the antique method of springs and tumblers which can be easily displaced with a pick and a tensioner, or the fact that most residential locks have up to 6 pins cut to one of ten depths (10^6 combinations or less) or the fact that a bump key will open almost any lock that you may encounter?
Re:/me too (Score:3, Informative)
obnoxiously there's no way to report the incident to google. all the help stuff is self-serve and the "send feedback" link is a closed beta.
It's irritatingly hard to find, but there is a way to report it. http://mail.google.com/support/bin/answer.py?hl=en&answer=50270 [google.com] My significant other's account got hijacked yesterday and Google did react less than half an hour after we filled out the form.
Re:This happened to my significant other (Score:3, Informative)
Here's my password: Nicefuckentryyoustupidassholethisisslashdothowstupiddoyouthinkweare?
Which actually means: "I have never read bash.org [bash.org]."
Investigation on Google forums (Score:2, Informative)
Interesting investigation work on the Google forums:
http://www.google.com/support/forum/p/gmail/thread?tid=77127463d8f40cb6&hl=en