All the latest UK technology news, reviews and analysis

Fears over new Hotmail hack

by James Middleton

12 Sep 2001

Be the first to comment

  • Tweet this

Another method of hacking Hotmail has been discovered this week, allowing attackers to evade the service's filter system and execute JavaScript commands in the victim's inbox.

A Netherlands coder, going by the name of ObLiviON, revealed that, by adding JavaScript to the 'From' field of an email, the code will not be picked up by Hotmail filters, which are geared to block potentially dangerous code in the 'Subject' line and message body.

Further reading

The hack works in such a way that all a victim has to do is view their Inbox for the code to be executed. An attack could be crafted to steal a user's login information, redirect a viewer's browser, run another program on a remote server or perform a more malicious and damaging attack.

Hotmail was forced to close another security hole about two weeks ago and has battled with the JavaScript security menace in the past. In 1998 the company began filtering scripts from the message body when it emerged that they could be malicious.

But on numerous occasions since, hackers have found ways of evading the filters, such as embedding code in HTML 'IMG' tags.

Information on the hack can be found here.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

A Microsoft logo

Microsoft posts critical Internet Explorer patch with February fixes

Related white papers

Related articles

Related jobs

Today's top stories

Google logo

Google’s Motorola acquisition cleared by European and US competition authorities

Asus Transformer Prime vs Apple iPad 2

Apple iPad 2 vs Asus Transformer Prime head-to-head review

Apple logo

Apple commissions independent inspection of Foxconn iPhone and iPad factories

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Desktop Support Manager

Desktop Support Manager 3 month contract - to start...

Programme Manager / 45k ++ Benefits / London

/ Programme Manager / 45k / Significant benefits / London...

Automation Test Manager Selenium London 75k

Automation Test Manager Selenium London 75k Automation...

Mitel 3300 Engineer

Mitel 3300 Engineer Key skills Mitel 3300...

To send to more than one email address, simply separate each address with a comma.