divalas.vegas

[External Poster]

This posting is from: annie
----------

This is primarily directed to users of Hotmail and Yahoo, but
others should be aware of this too.

This involves some of your personal information leaking out,
which in some cases is potentially embarrassing!

Over the past several days we've been seeing quite a bit of
spam received by the various DLV accounts which has been
sent out in the names of known DLV attendees and users of
the Discussion Forum. The content of this spam is typical,
simple one-liners with a link to porn or drug sites.

However, included with the spam are several addresses in the
"To:" field consisting of names and addresses which are in
the users' address books and contact lists. Yes, for those
of you whose systems are compromised, I and the others who
receive DLV incoming mail can see things like who you have
been corresponding with, what Yahoo groups you're subscribed
to, etc., and, if they know where to look, so can all of
the others who receive these unwanted e-mails!

To the techies among us, this shows the patterns of one of the
variants of the "Hotlan" trojan.

In one particularly troublesome case we investigated, we were
able to solve the issue by taking these steps:

1. Change the Hotmail (or Yahoo) password using a known-clean
computer system, one that is trusted which is not used to
access the Hotmail or Yahoo account.

2. Run an up-to-date malware (anti-virus, anti-trojan, etc.)
scanner on the machine which is normally used to access the
Hotmail (or Yahoo) account.

Please be sure that your security software is up to date and
that you have secure passwords on your various on-line accounts.

----------
(This posting was entered by annie, an external user of MyDLV.)