Wife's Gmail account cracked

Printable View

25-11-2010, 09:40 AM
Phage

Wife's Gmail account cracked

We've changed passwords on all the accounts, and multiple different AV scans show nothing. Any ideas on anything I may have missed ?
Wipe and re-install ?
25-11-2010, 09:49 AM
kalniel

Re: Wife's Gmail account cracked

Quote:

Originally Posted by Phage

We've changed passwords on all the accounts, and multiple different AV scans show nothing. Any ideas on anything I may have missed ?
Wipe and re-install ?

Browser cache/cookies. Consider adding some form of click jacking/clear frame protection via script stoppers/anti-phishing tools to the browser. Which DNS provider? Consider moving to google or openDNS. Check wi-fi/router security.

Is the account accessed on any other machines/devices? Mobile devices are quite bad for security as they'll often store logged-in cookies.
25-11-2010, 09:58 AM
Phage

Re: Wife's Gmail account cracked

Using NoScript already on latest FF.
Router is on WPA2
DNs eh ? It's the standard for the ISP. I'll have a look when I get home.

EDIT: Yes - on her Android. Unlikely that's been cracked I would have thought. I know Andoid is full of holes, but without physical access, how would it get broken ?
25-11-2010, 11:46 AM
jimbouk

Re: Wife's Gmail account cracked

Has she got any apps which she logs into google services with? They could easily be using her login once they have it.
25-11-2010, 11:50 AM
kalniel

Re: Wife's Gmail account cracked

Quote:

Originally Posted by Phage

Using NoScript already on latest FF.
Router is on WPA2
DNs eh ? It's the standard for the ISP. I'll have a look when I get home.

EDIT: Yes - on her Android. Unlikely that's been cracked I would have thought. I know Andoid is full of holes, but without physical access, how would it get broken ?

Mobiles are often set up to auto connect to free wi-fi spots. Hacker only needs to use the same SSID as a free spot and your MID will connect to it, exchange packets, and if queried correctly, give up login cookies for things like facebook. No physical access required. I would have thought gmail is more secure than that, but could be wrong.

http://www.bbc.co.uk/blogs/thereport...king_wifi.html
25-11-2010, 12:04 PM
Phage

Re: Wife's Gmail account cracked

Yes - this is the firesheep 'man-in-the-middle' atack ?
As she works in a rural area I had turned off the WiFi to save battery time. Also all Gmail is cinfigured to be SSl from the start now.
25-11-2010, 12:05 PM
Phage

Re: Wife's Gmail account cracked

Quote:

Originally Posted by jimbouk

Has she got any apps which she logs into google services with? They could easily be using her login once they have it.

Just the usual - Gmail, Facebook etc.
25-11-2010, 02:13 PM
ArtAddiction

Re: Wife's Gmail account cracked

Weak password?

I'd also recommend change passwords to other accounts associated to Gmail, i.e. Hexus, Amazon, that may have the same password.

My brother had his gmail account hacked a long time ago, not sure how it happened, it just did, although he couldn't access it via web, he will still logged in via a email program & managed to rescue the account.
25-11-2010, 02:15 PM
Phage

Re: Wife's Gmail account cracked

Password was non-dictionary. Possibly too short at 6 characters though.
No sign of underhanded activities, but then all the other accounts have different passwords. Financial ones were very strong.