Security Incidents mailing list archives

RE: Possible AIM Hack?


From: "Jeff Britton, Monitored Security" <jeff.britton () monitoredsecurity com>
Date: Wed, 15 Mar 2006 13:38:23 -0000

Completely different passwords.  I'm logging into the same account using 2 very different passwords as we speak.

-----Original Message-----
From: Benjamin Tomhave [mailto:falcon () secureconsulting net]
Sent: Tuesday, March 14, 2006 4:53 PM
To: Jeff Britton, Monitored Security
Cc: incidents () securityfocus com
Subject: RE: Possible AIM Hack?


AIM normalizes passwords - were your new passwords variants of old
passwords using non-alphanumerics or changes in capitalization?

On Tue, March 14, 2006 1:02 pm, Jeff Britton, Monitored Security said:
Has anyone else even noticed that (at least in the older versions) you can
use previous passwords to login?  As of right now, I can log into my AIM
account with 3 different passwords...was wondering if anyone else noticed
this too?

-----Original Message-----
From: CISO [mailto:ciso () elitemail org]
Sent: Tuesday, March 14, 2006 11:34 AM
To: belka () att net; incidents () securityfocus com
Subject: Re: Possible AIM Hack?



The new edition of AIM has this issue because the product is still
technically in BETA.

The older edition of AIM typically doesn't have this problem.

Remember that AIM is a free service so there are no real SLAs to end
users unless you are using the enterprise edition of AIM.

The inability to log on (authenticate) or create new accounts is because
that piece is controlled from the same mechanism (servers).

James

On 14 Mar 2006 15:57:03 -0000, belka () att net said:
Here is the gist of what happened:

March 8th, while using AIM, it logs me off.  When I try to log back in,
it tells me my password is incorrect.  When I try to reset the password,
I receive no password reset message.  It is as if the hack changes the
account e-mail at the same time to prevent password reset.  Lastly, I
went to create a new AIM account -- but without success.  The error
message tells me that the service is temporarily unavailable.  I tried
from several computers, and from different places, to no avail.  As of
09:11 CST (-6GMT) AIM will still not allow new accounts to be set up.

I haven't seen any news from any source about an AIM hack, but I have
heard anecdotally from my college-aged kids that several of their
friends were also affected around the same time period and most have
not been able to establish new AIM accounts.

Is anyone else seeing any kind of similar activity/results surrounding
AIM?  Or am I just a victim of a series of unfortunate events?

Thanks



