• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Just FYI: getting reports of possible hacked emails

Fullmetal Chocobo

Fullmetal Chocobo

Moderator<br>Distributed Computing
Moderator
I've been getting quite a few reports of people getting links via email from people they know, and of course they click on the link. So I have several machines infected with several backdoors and trojans.

Just seems odd that I'm getting several on one day. Accounts that the emails were received from include yahoo and hotmail.

One email has the originating IP as '78.186.118.66' which goes to a ISP out of Turkey (Turk Telekom).
 
Last edited:
I've gotten spam from one of my friends on 2 different accounts with just a link. One was to gmail which I almost never get spam in!
i reported it so we'll see what happens. it appears to be the same thing as you mentioned since it was from a hotmail account.
 
Chiefcrowe said:
I've gotten spam from one of my friends on 2 different accounts with just a link. One was to gmail which I almost never get spam in!
i reported it so we'll see what happens. it appears to be the same thing as you mentioned since it was from a hotmail account.
Click to expand...

In the emails, it was just a single link in the email, one linking to "orethagulke4036 . angelfire . com" and another linking to "www . prn4 . healthxpills . com"

DO NOT FOLLOW THE ABOVE LINKS!! the healthxpills did result in infection of the machine that opened the link.
 
yup, that's the one i got. Horrible!

do you think this means that the sender's machine is infected or it's from some spambots?
 
Fullmetal Chocobo said:
I've been getting quite a few reports of people getting links via email from people they know, and of course they click on the link. So I have several machines infected with several backdoors and trojans.

Just seems odd that I'm getting several on one day. Accounts that the emails were received from include yahoo and hotmail.

One email has the originating IP as '78.186.118.66' which goes to a ISP out of Turkey (Turk Telekom).
Click to expand...

Are you saying that emails are actually coming from those accounts or is it that "reply to:" address simply has those users email address inserted?

-KeithP
 
Chiefcrowe said:
yup, that's the one i got. Horrible!

do you think this means that the sender's machine is infected or it's from some spambots?
Click to expand...

It appears to be the result of the online email / webmail accounts being hacked (or at least in some way messed with). If the link is clicked, it results in the machine (possibly?) being infected. I have not had any local machines send out infected emails, so thus far it only appears to be yahoo and hotmail at this time.

On the other hand, I haven't seen any official news regarding this, so these might be isolated incidents. However, I just did find out about another case, once again from yahoo, that sent out the same message (healthxpills).

I would send an email to whoever you receive the email from and advise them of the email you received, and have them change their passwords. And I would go ahead and scan your machine with MBAM (Malware Bytes) and Super Anti Spyware. That's what I've been using, and they seem to work very well together.
 
KeithP said:
Are you saying that emails are actually coming from those accounts or is it that "reply to:" address simply has those users email address inserted?

-KeithP
Click to expand...

They were actually sent from the hotmail account. I confirmed this because all of the messages are still in the "sent" folder of the account.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top