rashbre central: in which one of my accounts became faux Chino-Russian and sent some election noise

Friday, 27 October 2017

in which one of my accounts became faux Chino-Russian and sent some election noise


Like almost everyone, I have a few dormant accounts sprinkled around the internet. The kind of things that get set up for a one-off purpose, left switched on but never quite get deleted and then are forgotten.

That's what happened to an old Skype account of mine, which someone managed to hack. I first noticed it when I started getting SMS messages in Russian related to a reset. Curious, I thought. I'd better take a look.

Sure enough, the old account had been illegally repurposed. A new userid had been added, similar to mine but with one letter different. The name had been changed to something faux-Chinese and the language had been reset to Russian.

I looked back through the history and realised they'd been looking for accounts with automatic top-up, rather than my otherwise locked-down account.

The account had been one of those pwned accounts in a well-publicised hack created when Microsoft merged Skype and Microsoft accounts but somehow left the Skype accounts as an alternative form of logon. The two-factor Microsoft account verification therefore didn't work for the Skype-based login.

This isn't new information, but illustrates the perils of (my?) lax housekeeping of an old account. It is possible that the renamed userid/email account was used to send out some spam mails before it was locked down by Microsoft. I'm wondering if messages were sent last year for the US elections or perhaps later for the British ones? Also just how many others were affected in a similar way and may still not even realise it has happened?

Fortunately, the recent half-hearted hacker attempt to re-instate the account does show me that the two-factor authentication is now working. And even more interesting is that I now have the hacker's complete profile.

No comments: