seminar on yahoo mail cyber attack

SEMINAR ON YAHOO MAIL CYBER ATTACK

Submitted to: Sr. Lect. Shikha Maheshwari, Sr. Lect. Arihant Jain
Submitted by: Rohit Kumar Mishra

Upload: rohit2495

Post on 17-Aug-2015



Yahoo Mail

Yahoo is the second-largest email service worldwide, after Google's Gmail, according to the research firm comScore.

There are 273 million Yahoo Mail accounts worldwide, including 81 million in the U.S.

What happened In Yahoo Mail Cyber Attack

The cyber attack on Yahoo took place on 30 Jan 2014.

The attackers likely targeted third-party databases to obtain customer usernames and passwords.

The company said that on 30 Jan 2014 a "handful" of its servers were impacted, but that there was no evidence of a compromise to user data.

Yahoo Inc. said in a blog post on its breach that "The information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails."

Company Statement After Accounts were hacked

Reaction Of Yahoo On Attack

Yahoo said it is resetting passwords on affected accounts and has "implemented additional measures" to block further attacks.

The company would not comment beyond the information in its blog post. It said it is working with federal law enforcement.

Continued…

“These attackers had mutated their exploit, likely with the goal of bypassing IDS/IDP or WAF filters”.

This mutation happened to exactly fit a command injection bug in a monitoring script our Sports team was using at that moment to parse and debug their web logs.

What was the Criminals' End-Game?

By reading the recent emails found in the Inbox and Sent mail, the criminals are likely able to determine other places where the Yahoo email user has additional accounts.

Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise.
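
A list of usernames and passwords taken from a third-party compromise and replayed against a login service leaves a recognisable trace in authentication logs: one source tries many different accounts and mostly fails. The following is an added example, not part of the original seminar or anything Yahoo published; the log format, the sample lines, the function names and the thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample login log (not real data): time, source IP, username, result.
SAMPLE_LOG = """\
2014-01-30T10:00:01 203.0.113.7 alice FAIL
2014-01-30T10:00:02 203.0.113.7 bob FAIL
2014-01-30T10:00:03 203.0.113.7 carol OK
2014-01-30T10:00:04 203.0.113.7 dave FAIL
2014-01-30T10:00:05 203.0.113.7 erin FAIL
2014-01-30T10:00:06 203.0.113.7 frank FAIL
2014-01-30T10:01:10 198.51.100.20 grace FAIL
2014-01-30T10:01:25 198.51.100.20 grace OK
2014-01-30T10:02:00 192.0.2.50 heidi FAIL
2014-01-30T10:02:01 192.0.2.50 heidi FAIL
2014-01-30T10:02:02 192.0.2.50 heidi FAIL
malformed line
"""

def parse_line(line):
    """Return (ip, user, ok) or None for lines that do not match the format."""
    parts = line.split()
    if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
        return None
    return parts[1], parts[2], parts[3] == "OK"

def find_stuffing_sources(log_text, min_users=5, max_success_ratio=0.5):
    """Flag IPs that try many distinct usernames and mostly fail.

    Thresholds are illustrative assumptions, not tuned values.
    """
    attempts = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            ip, user, ok = rec
            attempts[ip].append((user, ok))
    flagged = {}
    for ip, recs in attempts.items():
        users = {u for u, _ in recs}
        # Accounts where the replayed password worked need a forced reset.
        hits = sorted({u for u, ok in recs if ok})
        if len(users) >= min_users and len(hits) / len(users) <= max_success_ratio:
            flagged[ip] = {"users_tried": len(users), "reset_passwords_for": hits}
    return flagged

if __name__ == "__main__":
    print(find_stuffing_sources(SAMPLE_LOG))
```

The single user who mistypes a password once and the source that hammers one account are both left unflagged, because neither touches many distinct usernames.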

Type Of File Used

A bit.ly URL is used in the attachment sent to the affected users.

The attackers have apparently been referencing a non-existent MSNBC news report in the email.

The URL redirects to a fake MSNBC page that reportedly hijacks your Yahoo Mail account immediately if you are logged in.

Techniques by which cyber attacks are done

Socially engineered Trojans

Unpatched software

Phishing attacks

Socially engineered Trojans

Socially engineered Trojans provide the No. 1 method of attack.

An end user browses to a website, usually a trusted one, which prompts him or her to run a Trojan.

The user executes the malware, clicking past browser warnings that the program could possibly be harmful.

Countermeasure For Socially engineered Trojans

Socially engineered Trojans are best handled through end-user education that's informed by today's threats.

An up-to-date antimalware program can't hurt, but strong end-user education provides better bang for the buck.

Unpatched software

Coming in a distant second is software with known but unpatched exploits.

The most common unpatched and exploited programs are Java, Adobe Reader, and Adobe Flash.

Countermeasure For Unpatched software

Stop what you're doing right now and make sure your patching is perfect.

If you can't, make sure it's perfect around the top most exploited products, including Java, Adobe, browser admins, OS patches, and more.

Phishing attacks

In a phishing email, everything looks great; it even warns the reader not to fall for fraudulent emails. The only thing that gives it away is the rogue link asking for confidential information.

Approximately 70 percent of email is spam.

Countermeasure For Phishing attacks

Decreasing risk from phishing attacks is mostly accomplished through better end-user education, and with better antiphishing tools.

Make sure your browser has antiphishing capabilities.

Method Used To Hack Yahoo Mail

The phishing method was used in the Yahoo Mail cyber attack.

In general, phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.

Type Of Phishing

Spear phishing

Clone phishing

Whaling

Rogue WiFi (MitM)

Spear phishing

Phishing attempts directed at specific individuals or companies have been termed spear phishing.

Attackers may gather personal information about their target to increase their probability of success.

This technique is, by far, the most successful on the internet today, accounting for 91% of attacks.

Clone phishing

A type of phishing attack whereby a legitimate, and previously delivered, email containing an attachment or link has had its content and recipient address(es) taken and used to create an almost identical or cloned email.

The attachment or link within the email is replaced with a malicious version and then sent from an email address spoofed to appear to come from the original sender.
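
Because a cloned email keeps the original text and changes only the link and the real sender, a mail filter can compare an incoming message against one delivered earlier. The following is an added example, not part of the original seminar; the two messages are constructed, the function names and similarity threshold are assumptions, and a Return-Path that differs from the From domain is treated only as an indicator, since legitimate bulk mailers also produce it.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed single-part messages (not real mail): a legitimate mail and a suspected clone.
ORIGINAL = """\
From: Billing <billing@example.com>
Return-Path: <billing@example.com>
Subject: Your January invoice

Hello, your invoice is ready. View it at https://portal.example.com/invoice/123
"""
SUSPECT = """\
From: Billing <billing@example.com>
Return-Path: <bounce@mailer.example.net>
Subject: Your January invoice

Hello, your invoice is ready. View it at http://short.example.org/a1b2
"""

URL_RE = re.compile(r"https?://[^\s<>]+")

def link_hosts(body):
    """Return the set of hostnames of all http(s) links in the body text."""
    return {h for u in URL_RE.findall(body) if (h := urlparse(u).hostname)}

def sender_domain(msg, header):
    return parseaddr(msg.get(header, ""))[1].rpartition("@")[2].lower()

def clone_indicators(original_raw, suspect_raw, min_similarity=0.8):
    """Compare a suspect mail with a previously delivered one; return indicators."""
    orig, susp = message_from_string(original_raw), message_from_string(suspect_raw)
    o_body, s_body = orig.get_payload(), susp.get_payload()
    # Mask URLs first so that a swapped link does not lower the text similarity.
    sim = SequenceMatcher(None, URL_RE.sub("URL", o_body), URL_RE.sub("URL", s_body)).ratio()
    if sim < min_similarity:
        return []  # not a near copy of the earlier message
    findings = []
    new_hosts = link_hosts(s_body) - link_hosts(o_body)
    if new_hosts:
        findings.append(("link_host_changed", sorted(new_hosts)))
    from_dom, rp_dom = sender_domain(susp, "From"), sender_domain(susp, "Return-Path")
    if rp_dom and rp_dom != from_dom:
        findings.append(("return_path_mismatch", [from_dom, rp_dom]))
    return findings
```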

Whaling

Several recent phishing attacks have been directed specifically at senior executives and other high profile targets within businesses, and the term whaling has been coined for these kinds of attacks.

Rogue WiFi (MitM)

Attackers set up or compromise free WiFi access points and configure them to run man-in-the-middle (MitM) attacks, often with tools like sslstrip, to compromise all access point users.

What Yahoo Has Done After the Attack

The company has taken a few steps to ensure your security is restored by sending notification e-mails that instruct users whose Yahoo Mail accounts have been broken into to change their passwords.

They asked the users who got in touch with them if they got such an email and clicked on the link.

The Steps To Be Followed When a Yahoo Account Has Been Hacked

If your Yahoo Mail account has been hacked, you should make sure to change your log-in credentials.

If you have a similar user name at Gmail or Twitter or any other social networking site, it would be a good idea to change that information as well.

Be wary of any odd e-mails from your Yahoo contacts and never click on any links inside of messages.

THANK YOU