Darknet – Hacking Tools, Hacker News & Cyber Security


Hotmail Exploit Has Been Silently Stealing E-mail

May 24, 2011

We haven’t reported a whole lot about Hotmail over the years, probably because Hotmail has mostly taken a backseat since Gmail took over.

The most recent report we had was about SSL and how Hotmail Always-On Encryption Breaks Microsoft’s Own Apps.

The latest news is that a nasty bug in Hotmail has been actively exploited for a while, allowing malicious senders to snoop on e-mail and even add forwarding rules to the victim’s account.

Microsoft has patched a bug in its Hotmail email service that attackers were exploiting to silently steal confidential correspondences and user contacts from unsuspecting victims.

The vulnerability was actively being exploited using emails that contained malicious scripts, Trend Micro researcher Karl Dominguez said Monday. Successful attacks required only that a Hotmail user open the malicious email or view it in a preview window. The commands embedded in the emails uploaded users’ correspondences and user contacts to servers under the control of attackers without requiring the victim to click on links or otherwise take any action.

The scripts also had the capability of enabling email forwarding on the targeted Hotmail account, allowing attackers to view emails sent to the victim in the future.

Trend Micro researchers learned of the in-the-wild attacks after a colleague in Taiwan received one of the booby-trapped emails. The email purported to be a security warning concerning the victim’s Facebook account.

This attack has been going on in the wild for at least 2-3 weeks – that’s the confirmed time frame anyway. It may have been going on for much longer than that, no one really knows.

Microsoft isn’t telling us anything, nothing at all? I’d personally like to know how many users/accounts were affected? Have they notified these users? What exactly are they doing to mitigate the loss of personal data and so on.

I wonder if this will get legal like the whole Sony case that’s blowing up right now, I’d guess not as Hotmail users tend to be a less Internet savvy kind of crowd. I mean seriously how many of you guys/gals use Hotmail as your primary account? I’d guess probably none.

Most of you probably have a Hotmail account but use it as a secondary/tertiary account for signing up to forums etc and spam.

Trend first disclosed the bug on May 13. Monday’s blog post said Microsoft has since plugged the hole, which resided in CSS, or cascading style sheet functionality, but didn’t say when.

“The attack takes advantage of a script or CSS filtering mechanism bug in Hotmail,” Dominguez wrote. “Microsoft has already taken action and updated Hotmail to fix the said bug.”

The vulnerable code helped inject a character into a Hotmail filtering mechanism that changed the way it behaved. The result was a platform that ran arbitrary commands in a user’s Hotmail login session.

It’s unclear how many Hotmail users may have been affected by the exploits and whether Microsoft has adequately warned users they may have been compromised. Microsoft spokesman Bryan Nairn wouldn’t say how many subscribers were targeted or when the patch was put in place.

Microsoft claims they have fixed the bug, but that’s really all they are saying. They aren’t saying when they knew about the problem or when it was patched – just that right now it is fixed.
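
The class of bug described above, a content filter that inspects different text than the browser ends up parsing, can be illustrated with a small sanitizer for inline style attributes. This is an added example, not code from Hotmail, Microsoft, Trend Micro or this post; the details of the Hotmail flaw are not given here, and the allowlist, function names and sample strings below are assumptions constructed for illustration.

```python
import re

# Assumed policy for this example: inline-style properties a webmail
# renderer might allow, and a value shape with no parens, quotes or slashes.
ALLOWED_PROPS = {"color", "background-color", "font-size", "font-weight",
                 "text-align", "margin", "padding"}
SAFE_VALUE = re.compile(r"[a-z0-9#%.,\s-]+")

def naive_blocklist(style: str) -> bool:
    """Weak filter: accepts the style unless the RAW text contains a bad token."""
    return not re.search(r"expression|javascript:|url\(", style, re.I)

def decode_escapes(css: str) -> str:
    """Resolve CSS backslash escapes (\\78, \\000078 , \\x) as a CSS parser would."""
    def repl(m):
        hexpart, literal = m.group(1), m.group(2)
        if hexpart:
            cp = int(hexpart, 16)
            return chr(cp) if 0 < cp <= 0x10FFFF else "\ufffd"
        return literal
    return re.sub(r"\\(?:([0-9a-fA-F]{1,6})\s?|(.))", repl, css, flags=re.S)

def sanitize_style(style: str) -> str:
    """Normalize, keep only allowlisted declarations, and re-serialize them.

    The browser receives the rebuilt string, never the sender's original
    bytes, so the filter and the renderer cannot disagree about the input.
    """
    css = re.sub(r"/\*.*?\*/", "", style, flags=re.S)       # strip comments
    css = decode_escapes(css)                                # resolve escapes
    css = "".join(ch for ch in css if ch.isprintable())      # drop NUL/control chars
    kept = []
    for decl in css.split(";"):
        prop, sep, value = decl.partition(":")
        prop, value = prop.strip().lower(), value.strip().lower()
        if sep and prop in ALLOWED_PROPS and SAFE_VALUE.fullmatch(value):
            kept.append(f"{prop}: {value}")
    return "; ".join(kept)

# Constructed sample style attributes (not taken from the real attack).
SAMPLES = [
    "color: red; font-size: 12px",
    "color: exp/**/ression(1)",          # comment splits the blocked token
    "color: e\\78pression(1)",           # escape hides one letter
    "color: #336699; background-color: url(x); text-align: center",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:70} naive_ok={naive_blocklist(s)} -> {sanitize_style(s)!r}")
```

The second and third samples pass the blocklist because it matches on raw text, while the allowlist sanitizer drops them after normalization and emits only the declarations it rebuilt itself.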

You can read the May 13th blog post by Trend Micro here:

Targeted Attack Exposes Risk of Checking Personal Email at Work

And their later, more detailed post here:

Trend Micro Researchers Identify Vulnerability in Hotmail

Source: The Register

Filed Under: Exploits/Vulnerabilities, Privacy, Web Hacking Tagged With: hotmail, trend micro



Comments

  1. kurt wismer says

    May 24, 2011 at 7:01 pm

    on the question of who uses hotmail as their primary account, it’s worth noting that some organizations outsource their email to hotmail – and not just small companies but even major internet service providers.

    bell canada, one half of the isp duopoly in canada (under the brand name sympatico), have off-loaded their email service into the hands of hotmail. even though the addresses have a sympatico.ca domain, you log into the webmail interface through microsoft’s service.

    as such, there’s probably a lot more people using hotmail than anyone realizes (because bell canada is probably not unique in this regard).

    • Darknet says

      May 25, 2011 at 7:50 am

      Very valid point you have there kurt. But then again how many people really use ISP allocated accounts? No doubt there is a lot of them, but are people really using them?

  2. Somebody says

    May 25, 2011 at 7:49 am

    What a motherfucking load of crap, just another reason not to use microfuck

    • Everyone Else says

      May 26, 2011 at 2:38 pm

      Wow. Very constructive feedback, Somebody. That was helpful.

  3. NNM says

    May 27, 2011 at 12:32 pm

    I still feel that hotmail is safer than gmail, yahoo, or any other free web based service.
    Maybe a false sense of security… But I still trust Microsoft. (And over the last year, I’ve lost ALL trust in google. They are evil..)
    I get almost no spam at all on most hotmail accounts, except those created for the purpose of signing up to things I don’t trust.

    And I don’t believe this can be compared to Sony. Not at all. You don’t give your credit card info to hotmail. No personal information either. And it’s free. And I’m pretty sure the situation is described in the terms of use, even though I don’t remember any of it.

    • brad says

      May 27, 2011 at 4:50 pm

      1) Why exactly have you a reason to think hotmail is more secure than gmail/yahoo?

      2) So you only get spam on the accounts you use for things that could get you spammed……. and then make a connection between this and the difference between gmail and hotmail how?

      3) Are you kidding? No personal info in email?

      4) Are you kidding? Remember it? How did you ever manage to read it?

  4. brad says

    May 27, 2011 at 3:42 pm

    Hmm…

    CSS you say? I think I know exactly what the hack is then! It’s one which pretty much every website which allows style attributes is vulnerable to right now. The irony is, it is really only IE that can be hit by it.
