Products
Personal Monitor
Record PC users's actions, grab screenshots and passwords
Keylogger
Keystrokes recording software. Keylogger free trial
Hoverwatch
Cell phone and computer spy
Employee Monitor
Access and control the time spent by your workers
Terminal Monitor
Track employee activities on Terminal Server
Free Keylogger
Free keyboard logger keeps track of all typed text

Yahoo users’ personal data leaked

12 April 2013

yahooAccording to the experts of BitDefender, a developer of anti-virus tools, the hacking of a large number of mailboxes of Yahoo users was the result of a missed update of the WordPress CMS that was installed on the servers of the mail service.

The WordPress vulnerability that was used by the hackers had been known before and was only fixed in spring 2012. However, the CMS simply wasn’t updated on the developer.yahoo.com portal. After WordPress was hacked, the intruders managed to gain access to the cookie files of user sessions for the entire yahoo.com domain.

They used the obtained files and special JavaScript constructs on fake sites to get session-based access to a large number of mailboxes of Yahoo users.

User passwords were not compromised, but the hackers could read and send emails on behalf of Yahoo users. They could, for instance, gain access to users’ social accounts associated with the hacked mailbox.

At the moment, the consequences of the compromise threat have been dealt with. WordPress has been updated.