ihug email system hacked ??

Forums › One New Zealand (including Vodafone, WxC, Farmside) › ihug email system hacked ??

1101

3122 posts

Uber Geek

#159752 11-Dec-2014 17:04

Has the ihug email system been hacked ?

https://community.vodafone.co.nz/t5/My-Vodafone-more/email-ihug/m-p/169494

This looks exactly like whats happended to one of my customers. Lots of bouncebacks , laptop is clean (or an undectable virus). no obvious sign of spam email beinmg sent from laptop.
I now have another customer, ihug/voda just informed them their a/c has been spamming.
About to check that one soon, I'll bet its also clean

Andib

1363 posts

Uber Geek

ID Verified

Trusted

#1195696 11-Dec-2014 17:20

Typically due to insecure passwords.
The server isn't hacked just poor security on the end users part and spammers are using their SMTP address

<#
.DISCLAIMER
Anything I post is my own and not the views of my past/present/future employer.
#>

bizdiag

3 posts

Wannabe Geek

#1195997 12-Dec-2014 07:33

Crap - there is no such thing as a 100% secure password! Also how does that explain the 1000's of yahoo xtra customers that got hijacked a while back? Telecom had no hesitation in blaming Yahoo's poor security for that - not the accountholders

Jaxar

383 posts

Ultimate Geek

#1196041 12-Dec-2014 09:02

bizdiag: Crap - there is no such thing as a 100% secure password! Also how does that explain the 1000's of yahoo xtra customers that got hijacked a while back? Telecom had no hesitation in blaming Yahoo's poor security for that - not the accountholders

You are trying to relate to vaguely related things as if they are the same. The problem the OP is describing is a problem I dealt with multiple times a week working frontline support over 3 different ISP's. It in no way explains Spark's Yahoo problems. It doesn't try to because they are not related.

To OP.

The bad news about this type of problem is that the issue may not be with your customer. It may be that their email address is being spoofed elsewhere as the reply email address on spam being sent. As the bounce back emails are technically legitimate emails being sent back and under normal circumstances conveying important information to the sender naturally Vodafone's spam blocker does not stop the emails.

Please note: I have a professional bias towards Vodafone.

Zeon

3916 posts

Uber Geek

Trusted

#1196074 12-Dec-2014 09:43

Goes to show how those poorer email providers don't have basic things in place to stop spoofing such as SPF.....

Speedtest 2019-10-14

keewee01

1737 posts

Uber Geek

Trusted

#1196079 12-Dec-2014 09:48

Zeon: Goes to show how those poorer email providers don't have basic things in place to stop spoofing such as SPF.....

Poorer email providers? iHug is owned by Vodafone!

1101

3122 posts

Uber Geek

#1196100 12-Dec-2014 10:09

Andib: Typically due to insecure passwords.
The server isn't hacked just poor security on the end users part and spammers are using their SMTP address

Ive got to call BS :-)
If an email server is so decrepid that it cant spot dictionary attacks or hundreds of consecutive failed logins.......

And yet, Voda allowed them to reset the pass to one of the more shockingly insure passwords Ive seen, despite voda knowing the spam issues
with this account. This a/c had been temp disabled by voda for spamming (wasnt just spoofs)
Not just voda, other ISP's allow stupid email passwords .

I now have more info , so is looking more likely to be an issue with the users (same email a/c on multiple PC's and other issues I wont mention)
:-(

But anyway, just asking if any other ihug email users have had similar issues in the past few weeks.
probably all a co-incidence .

sorry if the thread got out of hand Demeter .

Demeter

709 posts

Ultimate Geek

Trusted

One NZ

#1196110 12-Dec-2014 10:15

Before this thread gets out of hand with misinformation:

1. Customer has a malware script on their machine which has hijacked their email client
2. Due to the large number of messages to invalid addresses, the account is disabled to prevent logins. Yes, we do actually monitor our SMTP server for these things and prevent offending accounts from running rampant.
3. This is not a Vodafone issue, merely a lack of proper security on the customer's end. The problem goes away when the customer gets their PC sorted.
4. In no way related to the Yahoo issue, at all.

AliExpress

Shop now on AliExpress (affiliate link).

bizdiag

3 posts

Wannabe Geek

#1196114 12-Dec-2014 10:24

BS indeed. First sensible post so far. Ihug is clearly just a pain in the arse for Voda, as is obvious from these security failures and the conspicuous absence of name IHUG from any of the services promoted on their website

Jaxar

383 posts

Ultimate Geek

#1196115 12-Dec-2014 10:25

My bad. I missed the line where it was actively VF who identify the issue as spam being sent and simply saw that the OP saying the computers were clean. Clearly they were not.

bizdiag: BS indeed. First sensible post so far. Ihug is clearly just a pain in the arse for Voda, as is obvious from these security failures and the conspicuous absence of name IHUG from any of the services promoted on their website

How do you go from saying the post is sensible to linking the issue to iHug? The post clearly states the customers computer was infected. iHug branding being missing isn't a conspicuous absence VF have not kept the brand of any company they have purchased, like BellSouth or TelstraClear.

Please note: I have a professional bias towards Vodafone.

1101

3122 posts

Uber Geek

#1196130 12-Dec-2014 11:02

I have yet to see ANY evidence of virus infections on the PC's
Everyone is jumping to conclusions(incl me) and mixing up & misreading replies

mrfte

83 posts

Master Geek

#1196137 12-Dec-2014 11:09

bizdiag: BS indeed. First sensible post so far. Ihug is clearly just a pain in the arse for Voda, as is obvious from these security failures and the conspicuous absence of name IHUG from any of the services promoted on their website

Issue has been explained clearly in 4 points. Not sure what else needs to be done. Rest is upto people's imagination I guess.

keewee01

1737 posts

Uber Geek

Trusted

#1196151 12-Dec-2014 11:37

1101: I have yet to see ANY evidence of virus infections on the PC's
Everyone is jumping to conclusions(incl me) and mixing up & misreading replies

What have you used to look? Are you relying solely on a desktop AV product, or have you downloaded and run some of the deep scanners, something like ComboFix?

bizdiag

3 posts

Wannabe Geek

#1197082 13-Dec-2014 22:03

Imagination? I prefer to deal in facts - real ones, not the pseudo type offered up by those with vested interests

xpd

Geek @ Coastguard NZ
13765 posts

Uber Geek

Retired Mod

ID Verified

Trusted

Lifetime subscriber

#1197127 14-Dec-2014 07:41

bizdiag: Imagination? I prefer to deal in facts - real ones, not the pseudo type offered up by those with vested interests

You appear to have a real issue with Vodafone/IHUG.

Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

LinkTree