PDA

View Full Version : BackDoor Intrusion



sam-c
February 21st, 2015, 10:31 AM
Since 16th of Jan 2015 My Ubuntu Computer has stopped recieving Yahoo e-mail as very Dangerous Bakdoor E-mail Sent in my Name.
Still looking Complete Solution!
:mad:
Many Thanks
Uncle Sam

lisati
February 21st, 2015, 10:38 AM
Change your Yahoo password a.s.a.p. Even if your email address was forged/faked/spoofed, well, it's Yahoo...... :(

sam-c
February 22nd, 2015, 12:31 AM
yes I did of course
Thanks
Uncle Sam

fugu2
February 22nd, 2015, 08:12 AM
If its feasible for you to do, you might consider changing you email address also. If your email address is being forged, it might make it harder for someone to impersonate you (unless they can get your new address).

sam-c
May 5th, 2015, 07:22 PM
What about Snappy Convergence and this Security Problem?

SeijiSensei
May 6th, 2015, 12:17 AM
As far as I can tell, this problem had nothing to do with Ubuntu. It sounds like the OP's email account at Yahoo was hijacked. That's rather common these days.

QIII
May 6th, 2015, 12:21 AM
Agreed, moved.

Sam-c, if you would like to talk about Snappy please start a new thread in security rather than changing the subject of this thread.

Thanks.

monkeybrain20122
May 6th, 2015, 01:21 AM
Yahoo again. Hahahaha. I am trying to get my dad off Yahoo mail and he won't listen, and this is like the nth time I hear that Yahoo's is hacked.

QIII
May 6th, 2015, 01:32 AM
I'm quite sure the OP does not find this a laughing matter. A bit of decorum, please.

sam-c
May 6th, 2015, 07:33 AM
The Reason that I Added Snappy to the Discussion is that to have Convergence From Desktop thru Laptop Tablet down to Small Device to be secure from top to bottom.
It needs easy to use and effective Security. Do not put all the "Blame" on Yahoo! I liked Marks May 2015 Presentation!):P
PS
Yahoo Israel, Ubuntu Israel Google Israel
Not the Same as Global Companies

Copper Bezel
May 7th, 2015, 07:18 AM
Ubuntu can't make Yahoo! mail secure, man. Yahoo! can't make Yahoo! mail secure.

haplorrhine
May 7th, 2015, 03:44 PM
Yahoo and Gmail are popular, but alternatives certainly exist.

[very old thread] https://ubuntuforums.org/showthread.php?t=107369
https://ubuntuforums.org/showthread.php?t=2125263
http://email.about.com/od/freeemailreviews/tp/free_email.htm
http://www.makeuseof.com/tag/3-secure-encrypted-email-providers-online/

portalhavoc
May 7th, 2015, 04:09 PM
I don't use Yahoo Mail but I can help. Have you tried using an alternative email client like Mozilla Thunderbird or something? :?

sam-c
May 8th, 2015, 02:06 AM
Some of the responses are not to the point.
Yes I am using gmail Now.

as I wrote in Feb Since 16th of Jan 2015 My Ubuntu Computer has stopped recieving Yahoo e-mail as very Dangerous Bakdoor E-mail Sent in my Name.
Still looking Complete Solution!
This Cyber Attack offered some money loan. A friend of mine opened the mail and I guess caused it to spread like fire! Yahoo Blocked my Desktop Computer. This is still
Causing a lot of Harm!
Finally I suggested that Snappy needs Protection and A tool To Clean up the Mails.
Thanks
Uncle Sam

Copper Bezel
May 8th, 2015, 04:42 AM
Okay, so you're using Gmail, but aren't receiving any e-mails from Yahoo! addresses, because their servers have blacklisted you? But that still doesn't make any sense - your computer doesn't "receive" e-mail messages if you're using Gmail. The messages are stored on Gmail's server, and you can access them on any computer you can log into Gmail from. If Yahoo! has the ability to blacklist an external account of yours, it would be your Gmail account, having nothing to do with your computer at all. But I've never heard of this kind of blacklisting.

All of the problems you're having are serverside. They don't happen on your computer, and the services don't care what computer you're using.

You're also confused about Snappy. It's a blend of Ubuntu, nothing more or less, and the only difference from the .deb-based Ubuntu is in how packages are installed, run, and sandboxed. Right now, Snappy only exists for Ubuntu Server. It does not have anything to do with how your home computer communicates with the servers at Gmail or Yahoo!.

lisati
May 8th, 2015, 06:20 AM
If an undesirable email has gone out in your name and which claims to be from your Yahoo email address, it doesn't automatically mean that your Yahoo account was compromised. It's quite possible (and surprisingly easy if you know how) for the sender details to be forged, faked and spoofed. The best way of determining if this has happened is by an analysis of the headers of the offending message(s).

Copper Bezel
May 8th, 2015, 07:14 PM
Yeah, but he said his "computer" no longer "receives" messages from Yahoo!. I don't know what that means without further explanation, but that seems to be the problem he's trying to solve, not the original compromised account or spoofed e-mail.

sam-c
May 10th, 2015, 08:10 PM
I installed Wiley
Thanks
Uncle Sam

lisati
May 10th, 2015, 09:17 PM
Yeah, but he said his "computer" no longer "receives" messages from Yahoo!. I don't know what that means without further explanation, but that seems to be the problem he's trying to solve, not the original compromised account or spoofed e-mail.


I installed Wiley
Thanks
Uncle Sam

Just a thought: it has been a while since I've set it, but there is an option within Yahoo mail's system that needs to be set to allow POP/IMAP access on your computer via an email client such as Thunderbird. I've also heard in the past that Yahoo sometimes liked people to have paid accounts for it to work.

SeijiSensei
May 11th, 2015, 02:51 PM
If an undesirable email has gone out in your name and which claims to be from your Yahoo email address, it doesn't automatically mean that your Yahoo account was compromised. It's quite possible (and surprisingly easy if you know how) for the sender details to be forged, faked and spoofed. The best way of determining if this has happened is by an analysis of the headers of the offending message(s).

That's certainly true, but much less common now that Yahoo uses DMARC. Messages that simply forge the From: header will fail because they won't have a correlated entry at Yahoo.

As someone who manages listservers, I've had a number of subscribers with Yahoo accounts that have been compromised. Usually the purpose is to grab the victim's address book and spam them with messages forged as From: the victim. Servers that don't rely on DMARC checks will deliver those.

There used to be step-by-step videos at YouTube presenting methods to hijack Yahoo accounts. I don't know if there are any that still work.

sam-c
July 1st, 2015, 08:00 PM
Well this may Answer some of the FAQ's
I have Been to Cyber Security Conferences and it is Quite Clear that Around DEC 2014 and Jan 2015 There were International Cyber Attacks on Practically Anything Weak Spots.
Again My Yahoo Mail after being Infected was Blocked as it was spreading the Virus Offering A small amount of Money.
Using gmail only partly solved Problem.
My websites are still suffering
Uncle Sam

CharlesA
July 3rd, 2015, 11:55 AM
Well this may Answer some of the FAQ's
I have Been to Cyber Security Conferences and it is Quite Clear that Around DEC 2014 and Jan 2015 There were International Cyber Attacks on Practically Anything Weak Spots.
Again My Yahoo Mail after being Infected was Blocked as it was spreading the Virus Offering A small amount of Money.
Using gmail only partly solved Problem.
My websites are still suffering
Uncle Sam

How were you using yahoo mail? Was it set as a relay so any mail sent from your server would have to go thru it?

If that was the case, they could have blacklisted your IP for spam, but we'd need more info to know for sure.

Have you contacted yahoo support?

CitadelUniversal
July 3rd, 2015, 01:42 PM
Well this may Answer some of the FAQ's
I have Been to Cyber Security Conferences and it is Quite Clear that Around DEC 2014 and Jan 2015 There were International Cyber Attacks on Practically Anything Weak Spots.
Again My Yahoo Mail after being Infected was Blocked as it was spreading the Virus Offering A small amount of Money.
Using gmail only partly solved Problem.
My websites are still suffering
Uncle Sam


This is not helpful? How are you accessing Yahoo Mail is it through Thunderbird or online - if its via web browser then it could be the plugins that you've downloaded some like for example on google chrome some extensions were removed due to key loggers, malware and other malicious software. Have you tried looking at https://help.ubuntu.com/community/Antivirus plus https://www.getsafeonline.org/protecting-yourself/viruses-and-spyware/