Researcher Defies Microsoft's Report on the Root Cause of Hijacked Hotmail, Gmail, and Yahoo Passwords

Now is the time to change your password regardless if the recent hijacking of 30,000 web-based email accounts proves to be a massive phishing attack or one from a botnet or keylogging applications.

By now, if you have been following all of the recent news on 30,000 web-based email account login credentials being stolen and posted online, you are almost sick of hearing about it. It is still rather important that computer users know how this happened and how to keep themselves safe from future attacks. The only problem is, no one is 100% sure of what the root cause of the hijacking was.

Some security researchers are claiming that the recent hijacking of thousands of web-based email accounts was the result of a phishing attack while others believe it was a harvest performed by computers with keylogging or Trojan software that came from botnets. Both methods have proven to be successful in the past such as in the case where cyber-criminals used phishing scams to steal login credentials from Twitter users or when a botnet is able to inject malicious software onto a large number of computers with the intent to rip off personal data.

Microsoft and Google have explained that the hijacked accounts were obtained in a massive phishing attack while others, such as senior security researcher at ScanSafe, Mary Landesman, believes it was caused by botnets that infected computers with data stealing Trojans and keylogging software. Why does she refute Google and Microsoft’s account? Mainly because she believes phishing attacks are not a wildly successful scam. Landesman goes on to say, "Another indicator is the sheer number of compromised accounts," then she says in regards to the two public lists of compromised accounts, "Phishing is not generally a wildly successful scam, it doesn't have a big return. People are more savvy about phishing than we give them credit for."

Another aspect of the hijacking that must be taken into consideration when determining the root-cause, is that the larger list of 20,000 compromised email accounts, was made-up of accounts from Hotmail, Gmail, Comcast, Earthlink and Yahoo. This makes the attack very broad making it across multiple services.

In the logical sense, if it was a botnet attack that was able to compromise the account information, then it was very-well doable because of the fact that the majority of botnets have a core function for being able to harvest e-mail credentials. On the other hand, if it was a phishing attack that resulting in thousands of compromised email accounts, then it was also do-able considering over 50,000 accounts were compromised when phishers target a specific ISP with millions of users according to Dave Javans of the Anti-Phishing Working Group (APWG).

CNN has already reported that the recent email accounts hijacking were the result of the largest email phishing scheme in two years demonstrated in the video below.

Once again, regardless of what caused the latest web-based email account hijacking, you must take the necessary precautions by resetting your password. You may also follow our 5 easy steps to keep your Gmail, Hotmail, Yahoo and other online accounts away from hackers.