[svlug] [OT] Mass Yahoo account compromise?

Rick Moen rick at linuxmafia.com
Wed Sep 29 01:13:21 PDT 2010

Quoting Tim Utschig (tim at tetro.net):

> [link purposefully mangled]
> On Fri, Sep 24, 2010 at 12:21:09PM +0000, andrewbfife at yahoo.co.uk wrote
> (to volunteers at lists.svlug.org):
> > hxxp://www.jarn.cpillsx.cxm

[/me quickly checks
http://lists.svlug.org/archives/volunteers/2010q3/date.html ]

I actually hadn't _seen_ that spam sent from Andrew's compromised
yahoo.co.uk account to the Volunteers list, because the spam-rejection
on my own system's MTA is good enough that it didn't get through at all.
Thank you for mentioning it, else I wouldn't have known.

I would actually appreciate it if people would inform me offlist about
any spam successfully reaching SVLUG mailing lists.  (I am not
complaining about your posting, Tim.)

As it happens, on Monday I _did_ see a mail-held notice from Mailman to
the listadmins about what was obviously a spam from Andrew's Yahoo
account, which was held in the admin queue on the Web-Team mailing list
because of 'too many recipients'.  I telephoned Andrew to inform him
that someone had broken into his Yahoo account:  He knew, and is
attempting to re-secure it.  After checking with him that he's OK with
doing so, I set a Moderated flag on all his SVLUG mailing list
memberships, which I said I'd gladly clear as soon as he feels he's back
in control.

FYI, I've just regenerated the Volunteers mailing list archive to omit
the spam, as it's our policy to make sure spammers cannot use SVLUG to
generate Web hits.

More information about the svlug mailing list