Gmail hacked?

Cheetah Designs · 14 Nov 2010 at 21:43

Just got home from a restaurant to find a load of Mail Delivery Failures for an email I never sent to a load of email addresses:

Code:

Delivery to the following recipient failed permanently:

     **some email**

Technical details of permanent failure: 
Message rejected.  See http://mail.google.com/support/bin/answer.py?answer=69585 for more information.

----- Original message -----

MIME-Version: 1.0
Received: by 10.216.231.160 with SMTP id l32mr5668317weq.98.1289768783312;  Sun, 14 Nov 2010 13:06:23 -0800 (PST)
Received: by 10.216.35.202 with HTTP; Sun, 14 Nov 2010 13:06:23 -0800 (PST)
Date: Sun, 14 Nov 2010 21:06:23 +0000
Message-ID: <[email protected]>
Subject: Hi
From: **me**
To: **load of emails here**
Content-Type: text/plain; charset=ISO-8859-1

http://phpmotion.com/cache/index.php

Just logged into gmail to find this:

What is going on? I use a safe password and am safe with all my accounts?

Thanks.

Cheetah Designs · 15 Nov 2010 at 10:52

Some of the email addresses were of people I know/were in my address book, that's why I am a bit worried.

I will check out the ip thing later.

Thanks for the replies so far.

Cheetah Designs · 15 Nov 2010 at 13:17

Checked the details part as suggested and found this:

Browser Russia (89.221.200.198) 14 Nov (16 hours ago)

That means someone actually cracked my password and logged in from Russia doesn't it? Is there anyway to find out how? Brute force attack?

Steameh said:
Have you got an Android phone by any chance?

No. Blackberry.

Cheetah Designs · 15 Nov 2010 at 13:26

iviv said:
More likely you use the password on multiple sites, and they got the password like that. Or possibly a flash ad exploit got a keylogger onto your system.

I have different passwords for different things. The particular password is something I only ever use for things I want secured...obviously I have changed it everywhere.

...the keylogger thing sounds interesting though....how would I check/ensure I am protected against such a thing.....generally if I think I am going to visit a dodgy site I will load up a different browser to look.

Cheetah Designs · 15 Nov 2010 at 21:15

Right ok....learning some lessons here.

Came across this: http://lifehacker.com/software/geek...re-your-saved-passwords-in-firefox-154099.php

How secure is that? Is it the same as using KeePass? Secure for things that need top security like paypal and banking and the likes? Is it possible to share the database at all?

Cheetah Designs · 15 Nov 2010 at 21:25

tntcoder said:
It's very secure, but it's also annoying because of the number of times you will be prompted for the master password.

Use KeePass instead for better usability.

What do you mean...it says every time you start firefox?....or is it more times than that in reality?

Cheetah Designs · 15 Nov 2010 at 21:46

tntcoder said:
When I tested it it prompted me far more times than really required, but that does offer you slightly stronger security as it isn't maintained in memory when not needed.

You won't go wrong security wise with either Firefox + master password or KeePass though, but keepass offers you much more features for the job.

I can't seem to get KeePass to integrate with Firefox though...do you know of a tutorial for this?

Thanks for your responses.

EDIT: Also, is it bad practise to keep things logged in?....I remember once reading about cookie stealers.

Cheetah Designs · 15 Nov 2010 at 22:20

tntcoder said:
It's not exactly good practice but this isn't an ideal world if it's just you that uses you're pc then don't worry about it. Cookies will normally only be valid from your IP, so unless someone on your LAN is questionable then cookie theft shouldn't be a problem. Uni networks, public wifi etc are of course a different story though.

Forgive my ignorance, but aren't IPs easily to spoof?

Cheetah Designs · 15 Nov 2010 at 22:31

tntcoder said:
Nope, conversely IP spoofing can only be done for very specific things (UDP), typical internet communications (TCP) not being one of them.

Ah right...OK, what about Cooking Stealing.....after a bit of googling it appears that it can only steal cookies from the site that you are currently on and most sites only allow you to use cookies with certain IPs...

...is that correct?

Cheetah Designs · 16 Nov 2010 at 13:13

Right ok....given all the information in this thread I have come up with a new plan.

- 1 strong different password for internet banking (that I can remember).
- 1 strong different password master password for firefox (that I can remember).
- Different passwords for all other services which are as strong as the service allows but I dont have to remember these and are stored in firefox password manager.
- Sync my firefox profile among all computers using Firefox Sync
- Only keep sessions logged in if I am on my home computer, else logout.

Can anyone see any flaws with my plan?....I assume syncing the passwords and everything will be encrypted and safe with Firefox Sync as it encrypts using key technology and only I know the key?