Yahoo Mail Got Hacked via XSS Vulnerability

Yahoo users 2 nights’ back were hacked by probably the same spammy links route. A number of Yahoo users complained about their accounts being hacked and wrong messages were forwarded. After an investigation, Yahoo officials confirmed that the hacking took place through a spammy link which was mailed by the account holder’s friends who were already affected through this hack.

Shahin Ramezany, a hacker then announced how the hacking took place, in a youtube video he demonstrated this type of hacking can take place in minutes. He also showed a loophole in the Yahoo mail system through which all this happened i.e. The XSS vulnerability. About 400 million users were on risk due to this particular hack. The hacker promised Yahoo to help them out in getting off this particular loophole.

The situation created by the hacks could be demonstrated by this tweet from an actress:

Friends and colleagues, don’t click the link that was sent to you from my Yahoo email account, I was hacked :/ Apologies!

Many tweets like the above one were there on Twitter two nights back if you search Yahoo Hacked on twitter. All were reportedly hacked through some spammy mail; the spammy mail consisted of malicious malware which opened the gate for hacking. Although, this was not the first time Yahoo’s system was breached in July 2012 also Yahoo’s system was hacked by the D33d company. But that was not due to a security loophole, it was a file that was swiped from the Yahoo’s server caused the hack.

But, keeping online messaging and other accounts secure is really difficult especially with the number of hacking taking place these days. So, we advise you to keep different passwords from each individual account you make online and also keep a strong password that you can save in your system too if you can’t remember it. Finally, for all those people whose accounts were hacked much change their passwords as soon as possible to secure their account from the hackers.

Related Posts