07 August 2011

Yahoo hacked - warning

Yesterday I uploaded a family history file to one of our groups on Yahoogroups, and today my wife wanted to have a look at it and her antivirus software chirped a warning.

I investigated and found it that the Yahoogroups site had been hacked, and all the filenames pointed to a malware site. A quick look at some other forums showed the same thing - the filenames had been hacked.

I've tried to report this to Yahoo! They don't make it easy. They tell you they only accept reports of technical vulnerabilities (which this is) from "the online security community" (whatever that may be). It's a bit like being mugged and wanting to report it to the police station and being told that you can only report it at the police station where you live, and then being told that you can only report it at the police station where you were mugged, and then being told, no, you must go to the police station where the mugger lives, and generally being given the run-around. Well my Yahoogroups files have been mugged, and so, I think, have a lot of other people's.

To check, hover your cursor over the link to the file you want to download from Yahoohroups. Look at the bottom left of your screen (in Firefox, I don't know about other browsers) and see the URL it shows you. If it says "yahoofs", back off. Wait for Yahoo! to fix it.

3 comments:

James Higham said...

I avoid Yahoo like the plague and your post here, Steve, seems to confirm that decision.

Steve Hayes said...

It seems that the Avast antivirus software was giving a false alarm, and the problem has now been fixed.

For more details see Net Shield False Positives on Yahoo Groups Files URLs.

It should be safe to download files from YahooGroups.

CherryPie said...

It is always best to err on the side of caution until more details are available.

LinkWithin

Related Posts with Thumbnails