All the latest UK technology news, reviews and analysis

Yahoo Mail users warned of brute force attacks

by Phil Muncaster

More from this author

19 Sep 2009

Be the first to comment

  • Tweet this
yahoo mail beta
Yahoo Mail users could find their accounts under attack

Yahoo Mail users are being warned that a two-year-old hole in the service could be allowing hackers to gain easy access to their accounts, according to new reports.

Ryan Barnett, director of application security research at Breach Security, said the problem stems from a web application that automates the log-in procedure for the popular webmail service, according to a report in The Register.

However, this web app crucially fails to adhere to the same security checks normally followed by the usual log-in page, enabling "some sort of water tunnel that the bad guys are walking right through”, Barnett is reported as saying.

Hackers are therefore using the unsecure web app to carry out brute force attacks on user passwords – a process whereby they try all possible combinations of letter and numbers to crack the password, and gain entry to the account.

Other security experts are reported as saying that this new revelation confirms what many have suspected for a while – backend applications are a key factor in the increasing success of account hijacking cases targeting all social networks and portal sites.

Once hacked, the accounts can be used to send out spam and malware that stand a better chance of bypassing traditional filters.

Hackers may also choose to use the account details to try to access banking accounts, as many people use the same or similar passwords on multiple accounts.

Yahoo is understood to be investigating the vulnerability.

Do you agree?

 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Programme Director

My Client seeks an experienced Programme Director / Manager...

Senior Business Analyst (Systems Team Lead)

Senior Business Analyst (Systems Team Lead) We are...

Back end Drupal dev-consultancy

Description: Drupal Developer (Back End) -Technical Consultancy...

Business Analyst

A Global Business seeks an experienced Business Analyst...

To send to more than one email address, simply separate each address with a comma.