Yahoo email sending spam - virus?

Hey guys,

Lately I noticed a lot of yahoo users got hit by a lot of spam.   The email sends out from their account to all the yahoo address book recepients.  The user where the email came from doesn't have any viruses.  The AV software installed with latest definition and nothing cought up in quarantine.  

Can that be yahoo servers itself got hacked or could it be something on the recepient side?

Does anyone have same problems?
LVL 17
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

It's probably just someone spoofing email addresses as it's not that tough for spammers to do this.
Tiras25Author Commented:
But besides that all the recepients addresses from the senders address book are also there..
Davis McCarnOwnerCommented:
I saw this too, last week, with a GMail user.  Neither of her machines were infested AND all of the spam showed in her Sent Items folder at GMail.  My conclusion was that somebody had cracked her GMail password then used her account.  I had her change that password.
Normally, too, if GMail, HotMail, or Yahoo emails are sent using SMTP, those sent items do not appear in the web interface.
10 Holiday Gifts Perfect for Your Favorite Geeks

Still have some holiday shopping to do for the geeks in your life? While toys, clothing, games, and gift cards are still viable options for your friends and family, there’s more reason than ever to consider gadgets and software.

Shalom CarmelCTOCommented:
Either the yahoo account got hacked, or it is a new CSRF attack.
Has it happened again after passwords were changed?

Davis McCarnOwnerCommented:
Spammer do get email lists (from virueses diging addresses from mailboxes) and then permutate users X domains
There was 2 people you do not know whose virus infection turned into your grief.
BTW Yahoo has very well tuned spam filter...
hi! there this essentially happens when some of Yahoo! user clicks an alluring  link (in Yahoo! Mail/Messenger/Homepage..) , which takes them transparently and stealthily to some webpage having scripts to hijack/steal user cookies! (bunch of techniques involving cross-site scripting makes this possible)
*I wont elaborate more on stealing techniques on This Public forum!*

As its not involving any malware being downloaded into your system,hence none of the Antivirus SW will detect/object ! Those link mostly come in form of or such sort of free web hosting service address.

Once they get your passwords/user id, the bots log in using your credentials and propagate the same/similar link to everyone in your address book, many  users again click the link and this cycle continues!

So! moral of the story Never/Ever click any suspicious link even if it comes from a trusted friend! Never enter your credential in any other site except those of Yahoo!

The first and only remedy/solution is change your password promptly and make sure you never revert back to old passwords!

Hope this helps you in some way.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
& yes do not add/reply to new friend request from someone you are not very sure you know !
bbaoIT ConsultantCommented:
is Tiras25, the author. still here?
Tiras25Author Commented:
Hey bubao,
Still here! what's up?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.