[info]sylumgator in [info]07refugees

LJ spam bots?

anyine heard of this yet? About spam bots taking over LJs, deleting them and leaving a post that links to a malware site? This is the LJ I first heard about it on:

And a link to one of the members who has been keeping track/running info

I've not been following communities over there, so this is the first I have heard of it. Is squeaky safe?


It's been going on for a while now. There are posts on this comm with information.

In the sense that I think IJ is a blip on the Russian blogging scene compared to LJ, I think it's fairly safe for now. But there are of course no guarantees - the bot-makers may realize the LJ clones are an untapped market.
Thanks for linking that, I hadn't heard.
My understanding is that the LJ accounts that are particularly vulnerable are those that were created with older email addresses that their owner has since lost control of (and changed away from in their LJ records). Until recently, LJ had a standing process that your oldest/older email addresses of record could always be used to recover control of an account. This was because there were a number of isolated incidents of malicious hackers -- generally acting on a personal level -- figuring out a person's password, hacking their accounts, and changing the emails and passwords to sabotage them and/or wipe out their content.

BUT fast-forward to 10 years After LJ's Creation, and there are now a ton of people whose oldest email addresses have reverted back to being publicly available. Which means that someone else, signing up with your old email address, can go to Livejournal and ask for a list of accounts associated with their address to be emailed to them... and suddenly they can take the account(s) from you and be viewed as legitimate in doing so. This was the loophole that the owners of the spambots discovered, and began exploiting. They'd sign up for a bunch of random, available email accounts on services, particularly those that were popular several years ago with the LJ customer base, and then check to see if accounts were linked to any of them. If any were, they'd go about "recovering" them, and then the crap would hit.

LJ has actually introduced a feature, as a result, that allows you to delete older email addresses of record from your account info. There's a link to it in an earlier post here, from a few days ago. Of course, with that feature comes the risk that someone who figures out your password could hack in, change your email address, and then delete your previous email address, cutting you off from your avenue of taking your account back... but at this point, that's probably the smaller risk than that a spambot might sign up for your old, long-forgotten hotmail address and then use it against you.

Since IJ is a newer service, I would venture that most of its users aren't in quite the same danger. However, it's a very good idea to make sure you sign up for your service with an email account you're unlikely to lose control of... or that's unlikely to be made available again to others if you do lose it.

The option to remove the email addresses is a good one, but I feel that LJ is going about it a little too broadly, and ought to have some additional security features in place with it to ensure that it isn't used maliciously against legitimate users, but only as a way to safeguard ourselves against spammers and hackers. Still, there's nothing that's 100% safe, so in this case, at least they're trying. :)
Okay, that makes much more sense now. I recall seeing the post about deleting your old email addresses, but did not know it was a heads up about something else. I have my LJ friends page segregated into different lists, so was not hearing anything about this whole thing until just yesterday.
Thanks for the better info!
security experts or warn Cyber security certification that recent Stuxnet and Aurora attacks were just the tip of the iceberg and more high profile cyber attacks are on their way