2-Year Hole In Yahoo Open to Spammers

[exfileme]

There's trouble at Yahoo's back door, and spammers aren't really knocking.

2-Year Hole In Yahoo Open to Spammers : Read more

 

[ubernoobie]

Fail yahoo

 

[nukemaster]

What is yahoo?

 

[Guest]

they are way behind the times

 

[tester24]

I don't get once you authenticate does the page go from a secure HTTPS to a regular HTTP. I think google is the only one you can put the S back in and have the page be secure again. But I could be wrong.

 

[Major7up]

I closed my yahoo account back in 2002 after they started charging for POP access and never went back. At the time they said once I cancel that the user ID would never again be able to be used yet someone has taken it and has been using it I discovered recently. Since the ID was my first initial and last name and there is only one other living person who would share that first initial and last name and they are not using it (I have a very unique last name), then some spammer or other unscrupulous person has my ID and probably using it for nefarious purposes. Way to go Yahoo, kicking me is the ass after what, 7 years?

 

[cruiseoveride]

2007? By now there must be 1-click Yahoo hack programs available for n00bs as well.

 

[charlesxuma]

I heard they left it there on purpose just to keep their website activity up.

 

[ravewulf]

I wonder what percentage of spam and the like comes from Yahoo through this exploit

 

[johnny_5]

I use Yahoo mail. Both me and my dad have had our passwords changed on us before. I wonder if this is the reason why. Maybe at some point I'll change to google mail or something, but, what can I say, I'm lazy.

 

[warezme]

I hate Yahoo, but if you have AT&T service you have no choice.

 

[webbwbb]

It sounds like it does not have a check for how many times a user has entered in a wrong password for an account withing a set amount of time. Remember, they did mention that the spammers needed to brute force it.

 

[Guest]

This just in: Yahoo CEO - Carol Bartz - "Yahoo is not an e-mail provider... it's value lies in its pages..."

 

[FUtomNOreg]

Seems like the only thing they kept out of the inner sanctum was Microsoft.

 

[virtualban]

Strange enough, I get less spam on yahoo (personal experience comparison). Maybe spammers were not using yahoo to attack yahoo, or just a coincidence.

 

[virtualban]

Still be best way to avoid spam is to never ever ever give out your address to anybody. You know those massive forwards that people don't even bother to edit previous forwards or put the list in BCC and you or anybody (spammers included) get great edited lists of mail addresses. Basically stop using e-mail 😀.