GMA News Online

Microsoft rushes fix after hackers compromise Hotmail accounts

April 28, 2012 10:11am
Microsoft rushed to fix a major vulnerability in its Hotmail email service that had allowed hackers to reset account passwords and lock out the account's real owners.

News of the critical bug spread among hackers, such that they offered to break into Hotmail accounts for as little as $20, computer security firm Sophos said.

"It appears that the vulnerability existed in Hotmail's password reset feature. Hackers were able to use a Firefox add-on called Tamper Data to bypass the normal protections put in place to protect Hotmail accounts," Sophos said in a blog post.

Also, it cited reports that Moroccan hackers were actively exploiting the situation and planned to reset the passwords of 13 million Hotmail users.

Worse, several videos in Arabic were posted on YouTube showing how the flaw could be exploited.

Sophos theorized the hackers aimed to steal Hotmail users' identities and access other online accounts of the victims.

"What isn't known is just how many of Hotmail's 350 million users might have been impacted by the serious security vulnerability – Microsoft certainly isn't saying," it said. — LBG, GMA News
Go to comments

We welcome healthy discussions and friendly debate! Please click Flag to alert us of a comment that may be abusive or threatening. Read our full comment policy here.
Comments Powered by Disqus