The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: yahoo email hack exploit

Former Yahoo Employee Admits Hacking into 6000 Accounts for Sexual Content

Former Yahoo Employee Admits Hacking into 6000 Accounts for Sexual Content

October 02, 2019Swati Khandelwal
An ex-Yahoo! employee has pleaded guilty to misusing his access at the company to hack into the accounts of nearly 6,000 Yahoo users in search of private and personal records, primarily sexually explicit images and videos. According to an press note released by the U.S. Justice Department, Reyes Daniel Ruiz , a 34-year-old resident of California and former Yahoo software engineer, admitted accessing Yahoo internal systems to compromise accounts belonging to younger women, including his personal friends and work colleagues. Once he had access to the users' Yahoo accounts, Ruiz then used information obtained from users' email messages and their account's login access to hacking into their iCloud, Gmail, Facebook, DropBox, and other online accounts in search of more private material. Besides this, Ruiz also made copies of private images and videos that he found in the personal accounts of Yahoo users without their permission and stored them on a private computer a
Yahoo Mail hijacking exploit available for $700

Yahoo Mail hijacking exploit available for $700

November 27, 2012Mohit Kumar
An Egyptian hacker " TheHell " is selling an exploit in $700 that allows individuals to hijack a Yahoo! email account. The method is shown off in a video that was posted on YouTube. A cross-site scripting (XSS) flaw on Yahoo! Mail creates a means to steal cookies and hijack accounts. In order to work, the victim must click on a malcious link. Upon doing so, the user's cookies will be stolen and he or she will be redirected back to the Yahoo! email home page. " I'm selling Yahoo stored xss that steal Yahoo emails cookies and works on ALL browsers ," "TheHell" explained. " And you don't need to bypass IE or Chrome xss filter as it do that itself because it's stored xss ." Yahoo! has been notified and is looking for the security hole, which it says can be fixed in a few hours once discovered. They says this XSS flaw falls into the category of a stored vulnerability, which inserts malicious code into a file, database, or back-end system. The mali
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.