my oldest gmail hacked 1st time in 5 years

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Intrinsic
    Confirmed User
    • Jun 2008
    • 1589

    #1

    my oldest gmail hacked 1st time in 5 years

    time to up the passwords.. had an 8char that lasted a while

    some IP in ecuador got into my account and was sending all my contacts a pharm link

    only way I knew this was I was getting a shitload of undeliverables in my inbox

    O well, gfy yourself hacker
  • wehateporn
    Promoting Debate on GFY
    • Apr 2007
    • 27176

    #2
    Probably a keylogger

    Comment

    • papill0n
      Unregistered Abuser
      • Oct 2007
      • 15547

      #3
      you got it back yeah ?

      Comment

      • XPays
        Team Player
        • May 2004
        • 13002

        #4
        happened to another person i know today too. maybe it's not an isolated incident.
        InterNext Expo Domain Auction Live Now thru Feb 5
        HuntingMoon GFY Domains Marketplace is LIVE
        XPays always pays! Top Site: * RealJasmine.com * + HotelHeiress® with The Paris Hilton Sex Video
        Insert the HotelHeiress® HD FEED into your members areas
        XPin.com Opening for Pin Partners Soonish
        Mainstream Offers For Emailers and DomainersNONADULT.COM


        Like Us!

        Comment

        • brassmonkey
          Pay It Forward
          • Sep 2005
          • 77396

          #5
          metaman has one for sale lol
          TRUMP 2026 KEKAW!!! - The Laken Riley Act Is Law!
          DACA ENDED - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

          Comment

          • Dejan
            Confirmed User
            • Apr 2006
            • 8776

            #6
            shit happens
            Convert your East European traffic

            Comment

            • WiredGuy
              Pounding Googlebot
              • Aug 2002
              • 34512

              #7
              I know someone who had that happen as well. Make sure you have your cell number within Google Gmail and you'll get your account restored when they verify you are the account holder. If you don't have a cell number in there, good luck getting it back.
              WG
              I play with Google.

              Comment

              • seeandsee
                Check SIG!
                • Mar 2006
                • 50945

                #8
                It can be million tricks how they got in, but try to find out what they used and prevent yourself from such attacks
                BUY MY SIG - 50$/Year

                Contact here

                Comment

                • Intrinsic
                  Confirmed User
                  • Jun 2008
                  • 1589

                  #9
                  Originally posted by WiredGuy
                  I know someone who had that happen as well. Make sure you have your cell number within Google Gmail and you'll get your account restored when they verify you are the account holder. If you don't have a cell number in there, good luck getting it back.
                  WG
                  i think i have it setup.. i went in to check and got hit with this (looks like gmail has its own protection):

                  This account has been locked down due to unusual account activity. It may take up to 24 hours for you to regain access.

                  Unusual account activity includes, but is not limited to:

                  Receiving, deleting, or downloading large amounts of mail via POP in a short period of time.
                  Sending a large number of undeliverable messages (messages that bounce back).
                  Using file-sharing or file-storage software, browser extensions, or third party software that automatically logs in to your account.
                  Leaving multiple instances of your Gmail account open.
                  Browser-related issues. Please note that if you find your browser continually reloading while attempting to access your Inbox, it?s probably a browser issue, and it may be necessary to clear your browser?s cache and cookies.

                  Comment

                  • ottopottomouse
                    She is ugly, bad luck.
                    • Jan 2010
                    • 13177

                    #10
                    Hope you didnt have the password to anything else sat in there.
                    ↑ see post ↑
                    13101

                    Comment

                    • thickcash_amo
                      Confirmed User
                      • Sep 2009
                      • 3847

                      #11
                      damn that sucks

                      - Skype: jim_3rdshiftvideo
                      Petite18.com, MeanMassage.com
                      TeasePOV.com, SeeMomSuck.com
                      TugPass Network - includes access to 9 Sites
                      Elite Webmasters Earn 70% Revshare!

                      Comment

                      • kristin
                        GOO!
                        • Sep 2002
                        • 9768

                        #12
                        This makes Meta Man's thread funnier.
                        Vacares rules.

                        "Usually only fat guys have the kind of knowledge and ability that Kristin has."

                        Comment

                        • Dejan
                          Confirmed User
                          • Apr 2006
                          • 8776

                          #13
                          Found HIM!

                          http://gfy.com/showthread.php?t=1019888

                          Convert your East European traffic

                          Comment

                          • Chosen
                            • Aug 2001
                            • 63151

                            #14
                            It sucks indeed...

                            Comment

                            • HomerSimpson
                              Too lazy to set a custom title
                              • Sep 2005
                              • 13826

                              #15
                              use RoboForm
                              Make a bank with Chaturbate - the best selling webcam program
                              Ads that can't be block with AdBlockers !!! /// Best paying popup program (Bitcoin payouts) !!!

                              PHP, MySql, Smarty, CodeIgniter, Laravel, WordPress, NATS... fixing stuff, server migrations & optimizations... My ICQ: 27429884 | Email:

                              Comment

                              • twistyneck
                                So Fucking Banned
                                • Jan 2002
                                • 4660

                                #16
                                Originally posted by Intrinsic
                                time to up the passwords.. had an 8char that lasted a while

                                some IP in ecuador got into my account and was sending all my contacts a pharm link

                                only way I knew this was I was getting a shitload of undeliverables in my inbox

                                O well, gfy yourself hacker
                                Same thing happened to me today too. Fucking hell.

                                Comment

                                • BradBreakfast
                                  Confirmed User
                                  • Feb 2008
                                  • 415

                                  #17
                                  YOU GUYS AREN'T USING INTERNET EXPLORER ARE YOU?

                                  My guess.... Drive-by download keylogger: If you had activated Google Authenticator as soon as it became available [Like I Did], which is free BTW and ran an Intrusion Prevention System such as ThreatFire (also free) ... this wouldn't of happened.

                                  Threatfire protects against known and 0day exploits: http://www.threatfire.com/

                                  Google Authenticator: 2 factor login: http://www.google.com/support/accoun...&topic=1056284

                                  Sometimes Threatfire will alert on false positives, like your web browser and instant messaging program as there is a short training period. (Just look at the .exe trying to communicate with the network and you should be able to tell if it's legit (firefox.exe, icq.exe) or non-legit (ufygsdft.exe, pornodownloder.exe).

                                  When you browse "fucked up websites" use a sandboxing program such as SandBoxie to load a sand-boxed browser that loads in a secure, virtual environment.

                                  http://www.sandboxie.com/ or a HIPS (Host Intrusion Prevention System) such as DefenseWall: http://www.softsphere.com/programs/

                                  But who said you were attacked by a Windows trojan? What if it was a trojan horse on your mobile smartphone you downloaded from a non-legit "app store"... unlikely but that's also an attack vector. #JustSayin'
                                  Last edited by BradBreakfast; 04-25-2011, 08:35 PM.
                                  GetClicky - The World's Most Advanced Real Time Ajax-based Analytics

                                  Comment

                                  • Houdini
                                    Confirmed User
                                    • Dec 2001
                                    • 1651

                                    #18
                                    Crazy, I had it happen to me today too. My entire contact list and basically anyone I've ever sent an email to, got one. Also a pharm link. IP was from France. I was logged into gmail when a few emails were coming back. Immediately, I checked the IP list, saw someone from France had just logged in and I quickly changed the password and logged out. Was able to login fine and looks like it's ok now. Bastards!

                                    Comment

                                    • Ayden Rush
                                      Registered User
                                      • Mar 2011
                                      • 60

                                      #19
                                      Use 2-Step verification. It completely defeats keyloggers, for GMail anyway.

                                      Comment

                                      • twistyneck
                                        So Fucking Banned
                                        • Jan 2002
                                        • 4660

                                        #20
                                        Originally posted by BradBreakfast
                                        YOU GUYS AREN'T USING INTERNET EXPLORER ARE YOU?

                                        My guess.... Drive-by download keylogger: If you had activated Google Authenticator as soon as it became available [Like I Did], which is free BTW and ran an Intrusion Prevention System such as ThreatFire (also free) ... this wouldn't of happened.

                                        Threatfire protects against known and 0day exploits: http://www.threatfire.com/

                                        Google Authenticator: 2 factor login: http://www.google.com/support/accoun...&topic=1056284

                                        Sometimes Threatfire will alert on false positives, like your web browser and instant messaging program as there is a short training period. (Just look at the .exe trying to communicate with the network and you should be able to tell if it's legit (firefox.exe, icq.exe) or non-legit (ufygsdft.exe, pornodownloder.exe).

                                        When you browse "fucked up websites" use a sandboxing program such as SandBoxie to load a sand-boxed browser that loads in a secure, virtual environment.

                                        http://www.sandboxie.com/ or a HIPS (Host Intrusion Prevention System) such as DefenseWall: http://www.softsphere.com/programs/

                                        But who said you were attacked by a Windows trojan? What if it was a trojan horse on your mobile smartphone you downloaded from a non-legit "app store"... unlikely but that's also an attack vector. #JustSayin'
                                        Nope. I'm on a Mac and I never use a phone to check my email.

                                        Comment

                                        • twistyneck
                                          So Fucking Banned
                                          • Jan 2002
                                          • 4660

                                          #21
                                          I checked my Google account and it said there was a login from a mobile user in Sweden.

                                          Is this the same link you guys are seeing?

                                          http://xewopiqi.t35.com/

                                          Comment

                                          • BradBreakfast
                                            Confirmed User
                                            • Feb 2008
                                            • 415

                                            #22
                                            Poor bastards. I use HIPS at the desktop endpoint and have a SNORT sensor to block and alert me of suspicious activity/traffic on my home network.
                                            GetClicky - The World's Most Advanced Real Time Ajax-based Analytics

                                            Comment

                                            • Houdini
                                              Confirmed User
                                              • Dec 2001
                                              • 1651

                                              #23
                                              Originally posted by twistyneck
                                              I checked my Google account and it said there was a login from a mobile user in Sweden.

                                              Is this the same link you guys are seeing?

                                              http://xewopiqi.t35.com/
                                              Yep, same thing for me. The IP found in my account was in France also through a mobile user. Different sub-domains were used in multiple messages, but same domain.

                                              Comment

                                              • twistyneck
                                                So Fucking Banned
                                                • Jan 2002
                                                • 4660

                                                #24
                                                Originally posted by Houdini
                                                Yep, same thing for me. The IP found in my account was in France also through a mobile user. Different sub-domains were used in multiple messages, but same domain.
                                                I guess this is a pretty widespread event then. I wonder if Google knows (or cares) about it.

                                                Comment

                                                • BradBreakfast
                                                  Confirmed User
                                                  • Feb 2008
                                                  • 415

                                                  #25
                                                  They don't.
                                                  GetClicky - The World's Most Advanced Real Time Ajax-based Analytics

                                                  Comment

                                                  • Darkhorse
                                                    Horsing Around
                                                    • Sep 2002
                                                    • 5879

                                                    #26
                                                    Mine has been hacked to fuckers.....

                                                    Bosnia And Herzegovina (77.221.17.199)
                                                    Last edited by Darkhorse; 04-25-2011, 11:06 PM.

                                                    Comment

                                                    • TeenCat
                                                      Too lazy to set a koala
                                                      • Jan 2007
                                                      • 16139

                                                      #27
                                                      so you are not the only one webmaster with the same site spammed? looks like some adult database was compromised, and you guys have same password there and to your emails also, oops ... lets get that crap solved

                                                      6bot
                                                      / Coming again very soon!
                                                      Svit Zlin Radio 24/7!

                                                      Comment

                                                      • Konda
                                                        ...
                                                        • Apr 2003
                                                        • 2280

                                                        #28
                                                        This seems to be quite huge. I got a quite some random webmasters sending me these type of links "http://daxohazo.t35.com/" so it seems quite some users are affected. Is it only happening to adult webmasters? Maybe some big program's user database has been hacked and these people use the same password for their gmail?

                                                        Comment

                                                        • Darkhorse
                                                          Horsing Around
                                                          • Sep 2002
                                                          • 5879

                                                          #29
                                                          Originally posted by Konda
                                                          This seems to be quite huge. I got a quite some random webmasters sending me these type of links "http://daxohazo.t35.com/" so it seems quite some users are affected. Is it only happening to adult webmasters? Maybe some big program's user database has been hacked and these people use the same password for their gmail?
                                                          Well could be possible, I do use same password (and for gmail) for most programs not all but for the most part I do.

                                                          Comment

                                                          • Konda
                                                            ...
                                                            • Apr 2003
                                                            • 2280

                                                            #30
                                                            Originally posted by Darkhorse
                                                            Well could be possible, I do use same password (and for gmail) for most programs not all but for the most part I do.
                                                            NEVER EVER use the same password for your email that you use on other sites. That is asking for trouble. You never know who has access to the passwords you use at sponsors and other sites.
                                                            Use LastPass and use random passwords for every single site where you create accounts. I don't even know my own gmail passwords, it's some random string.

                                                            Comment

                                                            • taken300
                                                              Confirmed User
                                                              • Oct 2009
                                                              • 989

                                                              #31
                                                              Basically people use "keyloggers" to hack accounts... You need to change your password every after 1 month and use a long and alfanumeric password... I had a chat with a guy who was selling 1000's of gmail and yahoo hacked account password and 100% original. Always give a check to .exe files when you download via internet.
                                                              Search Engine Optimization Services - Mainstream and Adult !!
                                                              Submission to 100 Adult Link Dump Sites- No reciprocal link required
                                                              100 Animoto Videos + Youtube Upload + 1 website link every video = $110

                                                              I*C*Q : 374*04124*3
                                                              S*k*y*p*e : arde*ndo*1
                                                              G*t*a*l*k : seo*joint*@gmail(dot)com
                                                              (remove "*")

                                                              Sex Cams Free Sex Cam Sex Cams

                                                              Comment

                                                              • Darkhorse
                                                                Horsing Around
                                                                • Sep 2002
                                                                • 5879

                                                                #32
                                                                Originally posted by Konda
                                                                NEVER EVER use the same password for your email that you use on other sites. That is asking for trouble. You never know who has access to the passwords you use at sponsors and other sites.
                                                                Use LastPass and use random passwords for every single site where you create accounts. I don't even know my own gmail passwords, it's some random string.
                                                                Ya I know, to late when it happens to you but once is enough of fuckaround to make me not want to do it again.

                                                                lol and now the abusive email replies are coming in from the people these fuckers spammed.
                                                                Last edited by Darkhorse; 04-25-2011, 11:39 PM.

                                                                Comment

                                                                • Konda
                                                                  ...
                                                                  • Apr 2003
                                                                  • 2280

                                                                  #33
                                                                  Originally posted by taken300
                                                                  Basically people use "keyloggers" to hack accounts... You need to change your password every after 1 month and use a long and alfanumeric password... I had a chat with a guy who was selling 1000's of gmail and yahoo hacked account password and 100% original. Always give a check to .exe files when you download via internet.
                                                                  Since it also happened to Mac user and since it seems like many webmasters are affected I don't think it's a keylogger issue. It seems more like some sponsor's user database has been hacked and these users had the same password for their gmail account as they had at that sponsor.

                                                                  Comment

                                                                  • Zyber
                                                                    Confirmed User
                                                                    • Aug 2001
                                                                    • 832

                                                                    #34
                                                                    Also install the newest version of JAVA. Remember to uninstall all the older versions.

                                                                    Many drive-by installs happen directly through your browser - even if you don't click to download anything.

                                                                    So update Java, and remove old versions
                                                                    http://www.java.com/en/download/help/java_update.xml

                                                                    Comment

                                                                    • TeenCat
                                                                      Too lazy to set a koala
                                                                      • Jan 2007
                                                                      • 16139

                                                                      #35
                                                                      people, as written before, it is not about your computers security, but it is hacked database sure, as many times in the past and many times in the future. no more doubt are needed, you just have to be more careful in choosing your passwords ... have luck and go through this drama everyone

                                                                      6bot
                                                                      / Coming again very soon!
                                                                      Svit Zlin Radio 24/7!

                                                                      Comment

                                                                      • Zyber
                                                                        Confirmed User
                                                                        • Aug 2001
                                                                        • 832

                                                                        #36
                                                                        You might already have a root kit hidden on your computer, so better to get rid of that first!

                                                                        Comment

                                                                        • TeenCat
                                                                          Too lazy to set a koala
                                                                          • Jan 2007
                                                                          • 16139

                                                                          #37
                                                                          shame is that those companies who are hacked will never ever say that they got hacked and some time they do not care, i have reported some dangerous security holes to some companies in the past, but only one says thanks and some even dont fucking care and keep the holes opened ... dont trust anyone, trust yourself and do your best to keep safe, use different passwords to anywhere where its needed to be safe ... just wanted to say, have a nice day and surf safe everyone

                                                                          6bot
                                                                          / Coming again very soon!
                                                                          Svit Zlin Radio 24/7!

                                                                          Comment

                                                                          • PSD
                                                                            PornSiteDomains.com
                                                                            • Oct 2002
                                                                            • 1265

                                                                            #38
                                                                            Got the same spam, from the looks of the people in the To field it looks like at least some of the spam is to the list of affiliates that Mark Bauman of NA mistakenly put in the To field instead of the BCC field of the email he sent out when he departed NA over two years ago - that and the From shows Mark Bauman - probably forged.
                                                                            PornSiteDomains.com

                                                                            Comment

                                                                            • Vjo
                                                                              So Fucking Banned
                                                                              • Oct 2002
                                                                              • 6082

                                                                              #39
                                                                              Originally posted by Zyber
                                                                              Also install the newest version of JAVA. Remember to uninstall all the older versions.

                                                                              Many drive-by installs happen directly through your browser - even if you don't click to download anything.

                                                                              So update Java, and remove old versions
                                                                              http://www.java.com/en/download/help/java_update.xml
                                                                              Good info, thanks

                                                                              I checked this page for older versions:

                                                                              http://www.java.com/en/download/uninstall.jsp

                                                                              and indeed I have one from 2007 on there. Look in Settings/Control Panel/Programs and Features to see if any old versions of Java exist or go to the above page and it will tell you:

                                                                              "We have detected the following old versions of Java that are installed on your system:

                                                                              * Java(TM) SE Runtime Environment 6 Update 1

                                                                              These should be removed to ensure your system security."

                                                                              Cool beans.
                                                                              Last edited by Vjo; 04-26-2011, 01:53 AM.

                                                                              Comment

                                                                              • Dejan
                                                                                Confirmed User
                                                                                • Apr 2006
                                                                                • 8776

                                                                                #40
                                                                                yup mine got hacked too
                                                                                Mobile Malaysia (115.133.10.67) 9:18 am (3 hours ago)

                                                                                probably some programs db got hacked... had the same password for gmail and some sponsor sites....
                                                                                Convert your East European traffic

                                                                                Comment

                                                                                • miroz
                                                                                  Confirmed User
                                                                                  • Aug 2006
                                                                                  • 387

                                                                                  #41
                                                                                  I've got the same problem.
                                                                                  Someone had access using mobile agent from India, Czech and Thailand during 5 minutes.
                                                                                  TommyPimp.com - my favorite celebrity program
                                                                                  Buy traffic

                                                                                  Comment

                                                                                  • miroz
                                                                                    Confirmed User
                                                                                    • Aug 2006
                                                                                    • 387

                                                                                    #42
                                                                                    Is this problem only with Gmail accounts?
                                                                                    TommyPimp.com - my favorite celebrity program
                                                                                    Buy traffic

                                                                                    Comment

                                                                                    • Darkhorse
                                                                                      Horsing Around
                                                                                      • Sep 2002
                                                                                      • 5879

                                                                                      #43
                                                                                      Originally posted by miroz
                                                                                      Is this problem only with Gmail accounts?
                                                                                      Looks that way so far.

                                                                                      Comment

                                                                                      • D Ghost
                                                                                        null
                                                                                        • May 2006
                                                                                        • 9820

                                                                                        #44
                                                                                        Happened to me yesterday too, same thing pharm....

                                                                                        Comment

                                                                                        • Cyber Fucker
                                                                                          Hmm
                                                                                          • Sep 2005
                                                                                          • 12642

                                                                                          #45
                                                                                          Did you have there 2674 webmasters contact list by a chance?

                                                                                          Comment

                                                                                          • PornHustler
                                                                                            Confirmed User
                                                                                            • May 2009
                                                                                            • 456

                                                                                            #46
                                                                                            I just found out I had the same thing happen to me. Fucking t35.com thing. I am thinking it was with my phone but I dont know. I ran ccleaner on my home computer and going to see if that kills it. I changed my password on gmail afterwards.
                                                                                            Contact ICQ: 570768377
                                                                                            Sub 1:440 Blog Converting Sponsor

                                                                                            Comment

                                                                                            • Intrinsic
                                                                                              Confirmed User
                                                                                              • Jun 2008
                                                                                              • 1589

                                                                                              #47
                                                                                              Well yeah im on a mac.. wow didnt realize it was affecting so many others, yes and t35.com as well, what the hell

                                                                                              maybe this has something to do with the PSN hack? i dont have a PS3 but might have checked my email on it some time

                                                                                              Comment

                                                                                              • taken300
                                                                                                Confirmed User
                                                                                                • Oct 2009
                                                                                                • 989

                                                                                                #48
                                                                                                Originally posted by Konda
                                                                                                Since it also happened to Mac user and since it seems like many webmasters are affected I don't think it's a keylogger issue. It seems more like some sponsor's user database has been hacked and these users had the same password for their gmail account as they had at that sponsor.
                                                                                                Interesting... However if you search for keyloggers for mac or windows or linux.. You can find any number.. And also when people add or download some freely available program and run it.. most of cases these programmes carry active virus.
                                                                                                Search Engine Optimization Services - Mainstream and Adult !!
                                                                                                Submission to 100 Adult Link Dump Sites- No reciprocal link required
                                                                                                100 Animoto Videos + Youtube Upload + 1 website link every video = $110

                                                                                                I*C*Q : 374*04124*3
                                                                                                S*k*y*p*e : arde*ndo*1
                                                                                                G*t*a*l*k : seo*joint*@gmail(dot)com
                                                                                                (remove "*")

                                                                                                Sex Cams Free Sex Cam Sex Cams

                                                                                                Comment

                                                                                                • PenisFace
                                                                                                  Confirmed User
                                                                                                  • Oct 2003
                                                                                                  • 3774

                                                                                                  #49
                                                                                                  Some filthy bastard from China hacked my oldest gmail account about 6 months ago. Fortinutely it was used purely for signing up for automotive message boards, gaming boards, and other hobby related stuff. I was quite shocked when I logged in, and among the 50,000,000,000 spam emails was a warning, "omg lol u hacked sry bro".

                                                                                                  I make new gmail accounts all the time though, i prefer fresh ones. Damn chinese guy can have it.
                                                                                                  Need custom blog posts or articles? Hit me up: Blog And Article Writer

                                                                                                  Yes, I can do any kind of custom orders, too!

                                                                                                  ICQ: 641204000

                                                                                                  Comment

                                                                                                  Working...