my oldest gmail hacked 1st time in 5 years
 

time to up the passwords.. had an 8char that lasted a while

some IP in ecuador got into my account and was sending all my contacts a pharm link

only way I knew this was I was getting a shitload of undeliverables in my inbox

O well, gfy yourself hacker :321GFY

Probably a keylogger

you got it back yeah ?

happened to another person i know today too. maybe it's not an isolated incident.

metaman has one for sale lol

shit happens :Oh crap

I know someone who had that happen as well. Make sure you have your cell number within Google Gmail and you'll get your account restored when they verify you are the account holder. If you don't have a cell number in there, good luck getting it back.
WG

It can be million tricks how they got in, but try to find out what they used and prevent yourself from such attacks

i think i have it setup.. i went in to check and got hit with this (looks like gmail has its own protection):

This account has been locked down due to unusual account activity. It may take up to 24 hours for you to regain access.

Unusual account activity includes, but is not limited to:

Receiving, deleting, or downloading large amounts of mail via POP in a short period of time.
Sending a large number of undeliverable messages (messages that bounce back).
Using file-sharing or file-storage software, browser extensions, or third party software that automatically logs in to your account.
Leaving multiple instances of your Gmail account open.
Browser-related issues. Please note that if you find your browser continually reloading while attempting to access your Inbox, it?s probably a browser issue, and it may be necessary to clear your browser?s cache and cookies.

Hope you didnt have the password to anything else sat in there.

damn that sucks :(

This makes Meta Man's thread funnier.

Found HIM!

https://gfy.com/showthread.php?t=1019888

:1orglaugh

It sucks indeed...

use RoboForm :thumbsup

Same thing happened to me today too. Fucking hell.

YOU GUYS AREN'T USING INTERNET EXPLORER ARE YOU?

My guess.... Drive-by download keylogger: If you had activated Google Authenticator as soon as it became available [Like I Did], which is free BTW and ran an Intrusion Prevention System such as ThreatFire (also free) ... this wouldn't of happened.

Threatfire protects against known and 0day exploits: http://www.threatfire.com/

Google Authenticator: 2 factor login: http://www.google.com/support/accoun...opic=105628 4

Sometimes Threatfire will alert on false positives, like your web browser and instant messaging program as there is a short training period. (Just look at the .exe trying to communicate with the network and you should be able to tell if it's legit (firefox.exe, icq.exe) or non-legit (ufygsdft.exe, pornodownloder.exe).

When you browse "fucked up websites" use a sandboxing program such as SandBoxie to load a sand-boxed browser that loads in a secure, virtual environment.

http://www.sandboxie.com/ or a HIPS (Host Intrusion Prevention System) such as DefenseWall: http://www.softsphere.com/programs/

But who said you were attacked by a Windows trojan? What if it was a trojan horse on your mobile smartphone you downloaded from a non-legit "app store"... unlikely but that's also an attack vector. #JustSayin'

Crazy, I had it happen to me today too. My entire contact list and basically anyone I've ever sent an email to, got one. Also a pharm link. IP was from France. I was logged into gmail when a few emails were coming back. Immediately, I checked the IP list, saw someone from France had just logged in and I quickly changed the password and logged out. Was able to login fine and looks like it's ok now. Bastards!

Use 2-Step verification. It completely defeats keyloggers, for GMail anyway.

Nope. I'm on a Mac and I never use a phone to check my email.

I checked my Google account and it said there was a login from a mobile user in Sweden.

Is this the same link you guys are seeing?

http://xewopiqi.t35.com/

Poor bastards. I use HIPS at the desktop endpoint and have a SNORT sensor to block and alert me of suspicious activity/traffic on my home network.

Yep, same thing for me. The IP found in my account was in France also through a mobile user. Different sub-domains were used in multiple messages, but same domain.

I guess this is a pretty widespread event then. I wonder if Google knows (or cares) about it.

They don't.

Mine has been hacked to fuckers.....

Bosnia And Herzegovina (77.221.17.199)

so you are not the only one webmaster with the same site spammed? looks like some adult database was compromised, and you guys have same password there and to your emails also, oops ... :2 cents: lets get that crap solved :thumbsup

This seems to be quite huge. I got a quite some random webmasters sending me these type of links "http://daxohazo.t35.com/" so it seems quite some users are affected. Is it only happening to adult webmasters? Maybe some big program's user database has been hacked and these people use the same password for their gmail?

Well could be possible, I do use same password (and for gmail) for most programs not all but for the most part I do.

NEVER EVER use the same password for your email that you use on other sites. That is asking for trouble. You never know who has access to the passwords you use at sponsors and other sites.
Use LastPass and use random passwords for every single site where you create accounts. I don't even know my own gmail passwords, it's some random string.

Basically people use "keyloggers" to hack accounts... You need to change your password every after 1 month and use a long and alfanumeric password... I had a chat with a guy who was selling 1000's of gmail and yahoo hacked account password and 100% original. Always give a check to .exe files when you download via internet.

Ya I know, to late when it happens to you but once is enough of fuckaround to make me not want to do it again.

lol and now the abusive email replies are coming in from the people these fuckers spammed.

Since it also happened to Mac user and since it seems like many webmasters are affected I don't think it's a keylogger issue. It seems more like some sponsor's user database has been hacked and these users had the same password for their gmail account as they had at that sponsor.

Also install the newest version of JAVA. Remember to uninstall all the older versions.

Many drive-by installs happen directly through your browser - even if you don't click to download anything.

So update Java, and remove old versions :)
http://www.java.com/en/download/help/java_update.xml

people, as written before, it is not about your computers security, but it is hacked database sure, as many times in the past and many times in the future. no more doubt are needed, you just have to be more careful in choosing your passwords ... have luck and go through this drama everyone :thumbsup

You might already have a root kit hidden on your computer, so better to get rid of that first!

shame is that those companies who are hacked will never ever say that they got hacked and some time they do not care, i have reported some dangerous security holes to some companies in the past, but only one says thanks and some even dont fucking care and keep the holes opened ... dont trust anyone, trust yourself and do your best to keep safe, use different passwords to anywhere where its needed to be safe ... just wanted to say, have a nice day and surf safe everyone :thumbsup

Got the same spam, from the looks of the people in the To field it looks like at least some of the spam is to the list of affiliates that Mark Bauman of NA mistakenly put in the To field instead of the BCC field of the email he sent out when he departed NA over two years ago - that and the From shows Mark Bauman - probably forged.

Good info, thanks :thumbsup

I checked this page for older versions:

http://www.java.com/en/download/uninstall.jsp

and indeed I have one from 2007 on there. Look in Settings/Control Panel/Programs and Features to see if any old versions of Java exist or go to the above page and it will tell you:

"We have detected the following old versions of Java that are installed on your system:

* Java(TM) SE Runtime Environment 6 Update 1

These should be removed to ensure your system security."

Cool beans.

yup mine got hacked too
Mobile Malaysia (115.133.10.67) 9:18 am (3 hours ago)

probably some programs db got hacked... had the same password for gmail and some sponsor sites.... :Oh crap

I've got the same problem.
Someone had access using mobile agent from India, Czech and Thailand during 5 minutes.

Is this problem only with Gmail accounts?

Looks that way so far.

Happened to me yesterday too, same thing pharm....

Did you have there 2674 webmasters contact list by a chance?

I just found out I had the same thing happen to me. Fucking t35.com thing. I am thinking it was with my phone but I dont know. I ran ccleaner on my home computer and going to see if that kills it. I changed my password on gmail afterwards.

Well yeah im on a mac.. wow didnt realize it was affecting so many others, yes and t35.com as well, what the hell

maybe this has something to do with the PSN hack? i dont have a PS3 but might have checked my email on it some time

Interesting... However if you search for keyloggers for mac or windows or linux.. You can find any number.. And also when people add or download some freely available program and run it.. most of cases these programmes carry active virus.

Some filthy bastard from China hacked my oldest gmail account about 6 months ago. Fortinutely it was used purely for signing up for automotive message boards, gaming boards, and other hobby related stuff. I was quite shocked when I logged in, and among the 50,000,000,000 spam emails was a warning, "omg lol u hacked sry bro".

I make new gmail accounts all the time though, i prefer fresh ones. Damn chinese guy can have it.