Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Yesterday my gmail account password was cracked and account used to send spams to the addresses in the contacts. The account was not my primary and did not have too many contacts. In all around 15 spams were sent to different accounts of gmail and other providers in the contacts. I searched for on the web and found some of the guys in Canada with same issues. They were not has fortunate as me and their accounts were used to send more than 500 spams. But google still says the passwords are safe but I have changed the password anyhow.
How true is it and is there any way of knowing from where was the account last used? Any way of getting the account details so that I can find from where in the geographical area was it used to send spams?
And has anyone else on LQ or acquaintance had the same issue?
124.13.180.168 was the IP address from which my account was accessed and a mobile device was used to access the account. It belongs in Malaysia. It does not have a valid domain name associated with it so I am assuming it to be a dynamic IP. But it does not even resolve to the ISP or the owner of the address.
The IP is registered with TELEKOM MALAYSIA BERHAD. An abuse mail can be put to them. Got the email address where I can register an abuse. Is it worth? I have the details at what time mails were sent and to whom.
What do you people suggest? Should I put down a mail to them?
Since Google has stated that the problem wasn't on their end, I'm wondering what the common denominator between all the users whose accounts were compromised is. Do you only access Gmail with GNU/Linux? Do you use a mobile phone to access it? Was the password strong? Are you sure you never used that password anywhere else on the WWW?
Yes most probably with Linux. Though google has not confirmed anything but there are rounds of speculations that there might be password thefts. And because I am not the only one to suffer the attacks, this could be something else as well. I have changed the password as well and it was not that weak password. I do not use mobile phones for accessing the mails. Usually home laptop or desktop. Even the laptops do not leave the home.
Trying not to be a d*ck about this one, but.... Honestly tell us, was your password strong or weak? If it is was strong, what about your security questions? Were they easy questions? Were the security answers based on personal information? This is where people mess up a lot... You don't know how easy it is to look someone up online, learn a few things about them, and hack away at their email and facebook just because they are not cautious whatsoever with personal security. Sorry about that, but that is mainly what I deal with whenever I have clients/customers/friends come to me about hacked accounts. Almost every single person I deal with either had a weak password, and/or the security questions and answers they used were so damn simple....
And by the way, I would honestly send that email... just not with the account you use that was hacked. I would definitely create a new account to report abuse to a foreign country.
I do not know what weak or strong you mean. It could be a relative and change with users perspective. The passwords I usually use have combination of Upper case, lower case, numbers and special characters. And it was not too short in length as well. More than 8 characters long. And I keep this where possible.
I have again changed the passwords and security question as well. And the passwords and the answers are not my birthdays, telephone nos, or other such things as well. But I understand that however security measures I or anyone take, you can not be foolproof secured on the internet. So whatever it may be. Damage was not that big. Only a few spams sent. Nothing much changed. I sent email to everyone who received the mail that it password was cracked and account was used to send spams. And that was it. And I dont even want to think about that guy whose account was hacked into and used to send more than 500 spams.
well thats good that you use stronger passwords then. it was probably an exploit or some shit most likely. and thats good that it wasnt too serious though. i have seen much worse, trust me....
Yes,Chaitanya you are right using a password with a combination of numbers,characters and other signs are really very much helpful. It is also very necessary to change the password after at least 15 days as it is said that one can easily detect the password in 15 days. It must not be shared with anyone weather it is friends or family. Using their name as our password is also very dangerous. I had seen many people who use very strong passwords but they are not able to remember them so they make excel sheet or write it at the back side of the keyboard which is not at all worth. To use different password for different account is very necessary.
Thats very important. And I remember it very well not to share my passwords with anyone not even family members. And because I use net facility for banking and paying all the bills with cards, I take care that I do change the passwords as well. And most of the times most of the passwords are different from others.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.