Hacked
April 19, 2010 8:39 PM

Gmail was hacked, sending an email to hundreds of contacts. This means that Gmail has blocked me from sending emails to people. From my googling it seems to be 24-48 hours, which would be insanely inconvenient. I changed my password and everything; anything I can do but wait it out?
posted by PinkMoose to Computers & Internet (21 answers total) 2 users marked this as a favorite
 
Nope.

I trust you changed your password to something robust enough that this won't happen to you again.
posted by flabdablet at 8:48 PM on April 19, 2010 [1 favorite]


Is making a new gmail account out of the question? Export all your contacts to the new account.
posted by contessa at 9:00 PM on April 19, 2010


Response by poster: Yep.
posted by PinkMoose at 9:00 PM on April 19, 2010


No. Wait it out.
posted by halogen at 9:26 PM on April 19, 2010


You are not alone.

I recently got a spam email from a long-time Metafilteran I'd sent an email to at a gmail account long ago, and I know he did not intentionally send it; jessamyn was on the list of other recipients.
posted by jamjam at 9:36 PM on April 19, 2010


I'd bet good money that all the hacking is related to this data breach at Google. My account was hacked, too. Fortunately, I caught it just moments into the hack—they had only gotten through the As in my contacts list.
posted by ocherdraco at 10:15 PM on April 19, 2010


My account was hacked Friday before last, and an online acquaintance's the following week. My Blackberry ended up saving me- thankfully I hadn't turned off sent message notifications like I'd been planning to and saw the flood of confirmations.
posted by Merzbau at 10:22 PM on April 19, 2010


As a Gmail user, I'd be grateful if those of you whose accounts have been misused would answer one question: was your password based on a dictionary word, or two dictionary words, or a dictionary word and a number under 3 digits, with or without substitutions such as 0 for O and 5 for S?

Reason I ask is that I've recently been made aware of a number of password cracks against the Hotmail and Yahoo accounts of several friends and friends of friends; so I'm currently working on the assumption that there's a fair bit of cracker-bot activity happening at the moment.

I'd like to know if I, as a user of strong randomly-generated passwords, have any particular reason to be concerned about the security of my own Gmail account.
posted by flabdablet at 11:09 PM on April 19, 2010


Response by poster: I had two dictionary words
posted by PinkMoose at 11:24 PM on April 19, 2010


It may be insanely inconvenient for you, but people will understand.
posted by rhizome at 11:39 PM on April 19, 2010


Mine was not a dictionary word. It was something like this:

Original word: Euripides
Phonetic word: Yourippadees
Final password: Y0ur1pp4d33s

However, I was a bad computer user and had used the password on a number of other sites. So it's possible that the password was hacked from one of them. But given the sudden spate of hacked Gmail accounts, my money is on a hack in Google's password system itself.
posted by ocherdraco at 11:45 PM on April 19, 2010
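
The password classes listed in flabdablet's question above (a dictionary word, two dictionary words, either one followed by a number under 3 digits, with or without substitutions such as 0 for O) can be checked mechanically when a password is chosen. This is an added example, not code from the thread or from Google; the small wordlist, the substitution table and the function names are constructed for illustration.

```python
# Constructed sample wordlist; a real check would load a full dictionary file.
WORDS = {"pink", "moose", "password", "dragon", "sunshine", "monkey"}

# Undo common character substitutions (0 for O, 5 for S, and so on).
# "1" is mapped to "i" only; a fuller table would also try "l".
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def is_two_words(text, words):
    """True if text is exactly two dictionary words joined together."""
    return any(text[:i] in words and text[i:] in words
               for i in range(1, len(text)))


def classify(password, words=WORDS):
    """Return the guessable class a password falls into, or None."""
    # Try the whole password first, then the password with a trailing
    # number of fewer than 3 digits removed.
    stem = password.rstrip("0123456789")
    suffix = password[len(stem):]
    candidates = [(password, "")]
    if stem and 1 <= len(suffix) <= 2:
        candidates.append((stem, " + short number"))

    for text, tag in candidates:
        plain = text.lower().translate(LEET)
        if plain in words:
            return "dictionary word" + tag
        if is_two_words(plain, words):
            return "two dictionary words" + tag
    return None


if __name__ == "__main__":
    # "Y0ur1pp4d33s" is the example given in the thread; the rest are constructed.
    for pw in ["pinkmoose", "P4ssw0rd", "m00se12", "Y0ur1pp4d33s"]:
        print(f"{pw!r}: {classify(pw) or 'not in the listed classes'}")
```

A password that falls outside these classes can still be exposed if it is reused on another site that is compromised, which a check like this cannot detect.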


"I'd bet good money that all the hacking is related to this data breach at Google. My account was hacked, too. Fortunately, I caught it just moments into the hack—they had only gotten through the As in my contacts list."

I think that's extremely unlikely; anyone can download the source code to manage passwords in Linux, but that doesn't make Linux unsafe. The only value for Google in keeping that code secret is to prevent other people from making money off their work; the "security through obscurity" aspect is unlikely to be a major part of it.
posted by delmoi at 12:48 AM on April 20, 2010


I had a similar breach this weekend - caught while it was in the 'J's.

I am fairly careful and that password was similar to Ocherdraco's (but not as long, BUT had non-alphanumeric).

Either I logged in from an infected machine (possible), a site that I used that password on was compromised and then that list of uid/passwords was tried on Google (I don't think I used that exact password elsewhere, but maybe), or Google themselves was compromised (seems very unlikely). So I don't know.

I do know that in my case they did not shut out my account, but they DID delete all the messages in question from my sent folder, basically while I was watching - this to me indicates some sort of culpability on their part.

I have heard this story a LOT lately, seemingly always about Gmail. It could be that Gmail is most widespread, so whatever database of uid/pw that has been compromised was tried against that biggest pool. Could be that whatever silent zombot has been collecting Gmail passwords just phoned home. Could be that Google themselves have been sacked, in which case we are all fucked.

It could be confirmation bias, too.
posted by dirtdirt at 6:21 AM on April 20, 2010


i've heard that the current rash of gmail 'hackings' aren't straight-up password hacks.

supposedly the hackers are getting folks to click on a link that, if you also have a gmail window open, will flood that window (via javascript?) with requests to send messages.

just something else to be careful about when clicking on links.
posted by noloveforned at 6:29 AM on April 20, 2010


Good point, delmoi. (I suppose it's a good thing that for me "good money" is only about $20.)
posted by ocherdraco at 8:17 AM on April 20, 2010


"i've heard that the current rash of gmail 'hackings' aren't straight-up password hacks.

supposedly the hackers are getting folks to click on a link that, if you also have a gmail window open, will flood that window (via javascript?) with requests to send messages."


That may be true in some cases, but when my Gmail account was hacked in late March, I was camping in the mountains and nowhere near a computer. There was no clicking on my end while a Gmail window was open.

They also set up a vacation responder so that when my contacts replied with a "Hey, why are you spamming me," they'd get the original spam email (peddling "electronical Laptops") as a vacation response.
posted by mudpuppie at 9:27 AM on April 20, 2010


Interesting -- I noticed on some news site the other day that there had been some major Gmail infiltration over the weekend, and this AskMe prompted me to change my (horrible, dictionary-word and long-standing) password to something longer and alphanumeric. (The advice I saw somewhere a while back was to think of some easily-memorised sentence and convert the initials of the words to a password, e.g.: "Tivalasvegas is one cool, witty and hot guy, am I rite?" --> Ti1cwahgaIr.)

So, if one hasn't been gmail-hacked yet, and has changed one's password in the last few days: is it safe now?
posted by tivalasvegas at 9:38 AM on April 20, 2010


As a data point, my Gmail was hacked on Sunday and sent out about a hundred emails (including one to Jessamyn). My password was two initials and a date (ie fb20-04-10, but not that obviously). I thought it was related to Opera Mini - because according to the Gmail IP check the person that accessed my account did it from a Romanian mobile. I suspect OM would have suddenly become appealing to hackers since it was launched on iPhone last week.
posted by featherboa at 11:05 AM on April 20, 2010


Mine also showed a Romanian mobile IP (alas, before I was in a place where I could note it, my own sessions had deleted the address).
posted by ocherdraco at 12:03 PM on April 20, 2010


Um, yeah. A couple days later, and I've been hacked too.

Anybody figured out what this is yet?

I changed my password when it was sending out mail somewhere in the Cs, and it stopped. Will it start back up later?

Romanian-accessed here too.
posted by functionequalsform at 10:47 AM on April 22, 2010


Strong random password or crappy memorable one, functionequalsform?
posted by flabdablet at 8:33 AM on April 24, 2010

