JackRussell Posted April 7, 2004 Posted April 7, 2004 a friend of mine suddenly found she couldn't access her hotmail account nor the associated msn chat account. Not even her "secret question" worked. She established temporarily a new msn account and went into chat with me to tell me about it. I tried logging into her email from my end and indeed it wasn't working. Then in the middle of the chat, this other guy she knows logs into chat (I know him too, but haven't had much to do with him)... like 10 minutes later he comes back saying he's gotten into her account and changed her password to "123456". He was in chat on her end and not on my end so don't know what exactly he said, but she was under the impression he took advantage of some "loop hole" in msn or hotmail to do that... Suffice it to say, if he were messing with (and using) hacker tools these days it wouldn't surprise me in the least. He's been on her computer before. I'm thinking he's put a key logger on her system at some point and fabricated this whole incident... again it wouldn't surprise me if this guy did something like that "just for fun". Anyone know or heard of "loop holes" in hotmail/msn that would allow someone to just get into anyone's msn account within minutes? Or does the "forgot my password" process eventually give you access even if you don't know the "secret answer"? I don't live near enuf to her that I could just go there any time and check the system out for a keylogger or whatever else... aside from using remote assistance. Share this post Link to post Share on other sites More sharing options...
DraconicPenguin Posted April 7, 2004 Posted April 7, 2004 probably just guessed her password... Share this post Link to post Share on other sites More sharing options...
GTSticky Posted April 7, 2004 Posted April 7, 2004 Probably guessed her password or got on her system while her cookie(s) were still good, then changed the password and secret answer. Have her run http://housecall.trendmicro.com/start_corp.asp and do a full scan with auto clean to be sure. Trend catches some malware and will remove it for her. Share this post Link to post Share on other sites More sharing options...
JackRussell Posted April 7, 2004 Posted April 7, 2004 Have her run http://housecall.trendmicro.com/start_corp.asp and do a full scan with auto clean to be sure. Trend catches some malware and will remove it for her. Thanks. Is that the same-as (or better-than) SpyBot?... not sure if SpyBot is mostly for the adware-flavor or not. Would like to target specifically malicious spyware (like keyloggers that phone home) when I check her system out. What you suggested looks more like what I've got in mind than SpyBot. Probably guessed her password or got on her system while her cookie(s) were still good, then changed the password and secret answer she had a really typical password and I made sure to tell her that (easy target for brute force probably). The dude in question is a chronic prankster of sorts. Share this post Link to post Share on other sites More sharing options...
Cyberbeer Posted April 7, 2004 Posted April 7, 2004 Mighta guessed password. But goto google and do a search for Hotmail Hack tools. A bunch of stuff comes up. This guys an a$$ is all. Give his IP out lol. Share this post Link to post Share on other sites More sharing options...
ravix Posted April 7, 2004 Posted April 7, 2004 Hotmail isn't really subject to "brute force", which is basically a thing of the past. Brute force was big back in the days of earlier unix and linux systems, when the password file wasn't shadowed, and could simply be downloaded and cracked using a program such as jack the ripper. The reason it worked then is that everything was done locally, which is not the case with hotmail. In order to "brute force" hotmail or yahoo, you'd have to send thousands of login queries a second. This would a.) be flagged by the servers and b.) be incredibly slow due to network bandwidth limitations. Basically, this guy either got onto your friends computer (anything is possible if you have local access), guessed an incredibly simple password off the top of his head, or installed a key-logger or some other type of malware on her computer. Have her run a virus scan, and change all her passwords to something hard to guess (ie: 1e3rta), and she should be fine the future. Share this post Link to post Share on other sites More sharing options...
ClayMeow Posted April 7, 2004 Posted April 7, 2004 just have her change her password to letter/number combos. Looks like this guy was just doing it as a prank, and didn't do anything "bad" with her info, so she should be happy it was someone she knew that exposed this problem, and not some stranger who would never have let her known this. I'm not condoning the action of this guy obviously, but i'm what i'm saying is, you're making it out worse than it is. Doesn't seem to me like anyone was "hurt" by this...no charges to credit cards...no sending out emails to people using her account...no never giving her account back. she should be happy. Share this post Link to post Share on other sites More sharing options...
JackRussell Posted April 7, 2004 Posted April 7, 2004 I'm not condoning the action of this guy obviously, but i'm what i'm saying is, you're making it out worse than it is Ya he wouldn't literally cause financial injury or destroy files, but you'd have to know this guy... if he still has something like a key logger in there, then it's not the end of it. He was fun to hang with and all when I knew him, but trust him as far as I can throw him... he's a character. Just today I even changed my passwords just in case I'm next in his self-amusement-hacking as he's seen what my addresses are now through her account. Share this post Link to post Share on other sites More sharing options...
Nerm Posted April 7, 2004 Posted April 7, 2004 if she has a really easy to guess secret question he could have just guessed that and changed her password to whatever he wanted. Most peoples secret question on hotmail is easy to guess especially if you know them, because people are typically computer stupid(lol). Nerm, Stormztech.com Share this post Link to post Share on other sites More sharing options...
JackRussell Posted April 7, 2004 Posted April 7, 2004 if she has a really easy to guess secret question he could have just guessed that and changed her password to whatever he wanted. Most peoples secret question on hotmail is easy to guess especially if you know them, because people are typically computer stupid(lol). She's all thumbs. And I got the impression that her secret question was something real easy to figure out. I'm almost certain I could get in that way myself, but not a hacker bone in this body so I won't anyway thanks for tips on what's possible. Not a subject that interests me usually, so wasn't sure. Share this post Link to post Share on other sites More sharing options...
Cyberbeer Posted April 9, 2004 Posted April 9, 2004 I like to refer to those types as wackers. Real hackers dont do stupid crap like that. I had some guy do that to me once. Took my hotmail account and my Mplayer username. Complete .! Share this post Link to post Share on other sites More sharing options...
Shadowfactor Posted April 11, 2004 Posted April 11, 2004 (edited) gueesed her password or like i have ( i have never doone it ) used a password changer because some guessed my password and chaged it . Edited April 11, 2004 by Shadowfactor Share this post Link to post Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now