Home › Forums › Archives › Instant Messaging › Windows Live Messenger Support › MSN / WLM Archive › MSN Messenger exploit
- This topic has 5 replies, 4 voices, and was last updated 21 years, 2 months ago by bluerangerforever.
-
AuthorPosts
-
January 3, 2003 at 10:05 pm #13843DJHyperbyteMember
A few days ago some $(&(@*#$*&^@ flooded my MSN with “authorization requests” (e.g, the very annoying boxes you see when someone adds you).
I got over 1000 (and most likely even 5000 – didn’t count them, sorry guys) of those.
Results? Having to click cancel 5000 times? Of course not. MSN crashed on me. Whenever I sign in from an MSN messenger client it takes a long time, then it comes up with a bunch of windows.. and then decides to crash.
These requests are all from random, fake e-mail addresses.
sdlkfjsldkjf@sdlfkjsdf
bxlkjhvbzkjhdsf@nsdflkjhdfajdshf
Et cetera…If you are wondering why it takes a while for MSN to sign on, that’s because it has to send THIS list to my client:
Does anyone know how I can get rid of this huge list, and all the requests, so I can use my MSN account normally again?
If not, I’ll have to reset the account or get another one.
January 6, 2003 at 6:41 am #98848Jeff HesterKeymasterThat sucks! That list is stored by MSN on their servers. I’m not entirely sure why that alone would cause MSN to connect so slowly though.
Have you considered contacting [email protected] and asking if they can help pare down the bogus entries?
January 6, 2003 at 8:31 am #98850DJHyperbyteMemberQuote:quote:Originally posted by JeffThat sucks! That list is stored by MSN on their servers. I’m not entirely sure why that alone would cause MSN to connect so slowly though.
Have you considered contacting [email protected] and asking if they can help pare down the bogus entries?
It sucks indeed, but I know how it’s done now (and I can do it myself too now – payback time). It appears that all the accounts are indeed registered, just not confirmed. :/
January 12, 2003 at 4:22 pm #98851bluerangerforeverMemberI had 2 fake email addresses on my msn messenger list. 1 fake one came up like a month ago and the 2nd one came up this morning. I did put those 2 in the block list. Does MSN messenger have a bug or something when this happens?
January 12, 2003 at 4:36 pm #98849urxlncMemberQuote:quote:Originally posted by bluerangerforeverI had 2 fake email addresses on my msn messenger list. 1 fake one came up like a month ago and the 2nd one came up this morning. I did put those 2 in the block list. Does MSN messenger have a bug or something when this happens?
:eek:Bug:confused: What is a bug? A programming error that causes malfunction, if its a bug then, it should be creating its own .NET passport (which you say is fake) adding to your contact list and bothering you?
I guess it just a bot, designed and targeted to particular users, and how do you know that its fake? You just got two, maybe you have posted your emails somewhere and somone have added to their contact list.
March 3, 2003 at 6:30 pm #98847Jeff HesterKeymasterI just got hit yesterday by the same exploit DJHyperbyte reported. Over 900 add requests from obviously fabricated email addresses. I was away from the keyboard at the time of the attack, so they just backed up, consuming all available computer resources until my system was effectively locked up.
The frustrating thing is that these are not valid Passport accounts. They are all created using bogus email addresses which have the “email address not verified” text appended to them. It seems like a very simple, but effective solution against this exploit would be for MSN to allow us to ignore add requests from unverified email accounts. Otherwise, there really is no protection.
Any other ideas on how to prevent this kind of attack?
-
AuthorPosts
- You must be logged in to reply to this topic.