Pidgin seems to be hijacked
I encounter a problem. After logining to pidgin, many of my friends reply my im send some spam message or link. It looks like my msn account is hacked. So I change msn account password; however, it seems that msg is still sent out. I check with rkhunter and chkrootkit. Both report no rootkits found. In addition, checking auth log there is no specific message indicating machine is compromised. Some services e.g. apache, sshd had been removed long time ago before this event happened. Also, this event happens after another event I suspect it might have relation. My google chrome sometimes returns `Error 101 (net::ERR_CONNECTION_RESET): The connection was reset.', which did not happen previously.
Any other place that I can check if anything goes wrong? Or reinstallation is the only choice?
Environment: Debian wheezy/sid, Pidgin 2.10.0 (libpurple 2.10.0), google chrome 15.0.874.121
Thanks.
|