Oh, boy, how one thing always leads to another, especially with AOL.
Tonight a reader asked how to access the AOL Classic home page (the answer is you can’t, because AOL Classic is gone).
Once that was sorted out (I told her to use http://netscape.aol.com instead – it’s ugly, but it’s basically the same thing), I tied up a few other loose ends on this blog, then – you know how I always get bored – so I usually go trawling through search engines to see what trouble I can find, since trouble doesn’t bore me? OK.
So tonight I’ve won the “un-bored” jackpot. Using the search terms (with quotes, exactly as you see it) [“aol” “back to classic” “developer network”] – which were two links at the bottom of the AOL Classic home page] I got this as the third result: http://www.primcapital.com/default_003.html.
Clicking the Prim Capital link takes you to an identical copy of the AOL Classic home page. Every link you click on that page brings you to another hijacked AOL page on Prim Capital’s servers. Curious as to whether AOL owns Prim Capital or not, I looked it up and, nope, apparently not!
But that’s where my gumshoeing stops. I have got to get to bed!
Have fun, AOL – I wash my hands of this little phishing attack or whatever it is you have going on with the Prim Capital people (but if I owned AOL, whoever runs Prim Capital wouldn’t be able to say their names without speech synthesizers by tomorrow morning – just sayin’).
Oh, and if you’re a reader who uses AOL? PLEASE DO NOT VISIT THE PRIM CAPITAL SITE. IT IS NOT AOL! YOU MAY GET PHISHED OR GET YOUR IDENTITY STOLEN! HERE BE DRAGONS! ETC.
That’s right, hackers, this is a no-strings-attached free gift from AOL to you, their nifty hackers – hack into as many free AOL accounts as you want and some of them will be yours to keep, free-of-charge, FOREVER. This is a once-in-a-lifetime opportunity – get’m NOW before other hackers lift all the free AOL accounts for you!
The only catch? Continue reading…
Since I wrote this post it’s risen to the #1 slots for the keyword searches mentioned below, so to save you time, if you’re here for the phone number to report a hacked AOL or AIM account, it’s 1-800-307-7969.
Tonight I typed “report hacked aol email” into Google and got, among other irrelevant things: “how to hack an AOL account“. Brilliant! Just to ensure my fury shot from moderate to severe, I typed “contact aol hacked” next, and got the same damn results…curses on Google. May fire rain down from heaven on their precious servers.
Watch out, AOL users. If you see this in your inbox – like I did tonight – then you’ve got Phish. Symptoms of Phish are as follows:
- You have an irrepressible urge to click on real-looking links to AOL
- You think this phisher’s email is so convincing
- You can’t understand why the fine folks at AOL, a multi-billion dollar company, misspell words, mangle grammar and forget to punctuate
Do you want to make a lot of money quick? Set up a phishing site (most of them can be made overnight with easy-to-use, affordable tools) then just send AOLers email asking them to “visit AOL” to update their accounts. That’s all. You’ll probably be rich in a week.
That’s right, I’m suggesting you steal. AOL won’t stop you just because I’m pointing out how easy it is to do. AOL ignores most phishing on their email servers even when Marcus of Singing Fish complains about it (as I mentioned in AOL Now the Largest Free Proxy Site in the World), even when other bloggers bring it up, even when Big Media is all over it in droves. Wanna steal from them? Go for it. I’ll even show you how it’s done.
Sunbelt, the people who make CounterSpy and other software security products, reported on their blog yesterday that at least 450 free AOL sites are infected with the Trojan-Downloader.Zlob.Media-Codec, more commonly known as the zlob-fake-codec.
How this works is you click a search engine result that takes you to an infected AOL account (user.aol.com is shown in the screen shot of an infected result page on Sunbelt’s blog), then you’re prompted to download an ActiveX component to view the web page. If you click Continue to download it, your computer is infected with up to two hundred trojans and unsafe ActiveX components.
From Zone-H, an IT news and information site: Zone-H and AOL’s Puerto Rican version of AOL.com was hacked and seriously defaced today in three separate DDoS attacks.
I’ll post more details as they become available.
Update: Helpful thread about “cwings” is here. Apparently he’s been hacking big websites for quite some time. Another website he defaced is discussed here, with screen caps.
Another update: Found information on Wrigley.com about the hacker from a guy who says he was framed by him for another attack. This is the hacker’s WhoIs page.
The Mike Nieves case is taking strange twists and turns. Just to refresh your memory, Nieves is the 17 year old accused of recently hacking AOL. He’s charged with computer tampering, computer trespass, and criminal possession of computer material.
Mike admits he hacked into Merlin (AOL’s CSR management system) to get his suspended account back and told investigators he uploaded screen shots of his work to Photo Bucket, but a story on Wired News throws Mike’s “confession” into doubt. Now another person on the AOL hacking scene, “Smokey,” claims he is the one responsible, not Nieves — now that Nieves has taken the fall for it and been charged with four felonies, one misdemeanor, and must post $40,000 bail to see the light of day again before trial.
From the Wired article:
I’m learning this a little late, but according to a complaint filed by AOL in NY City, AOL was repeatedly hacked by 17 year old Mike Nieves between December 24, 2006 and April 7, 2007. According to AOL, he has:
…committed offenses like computer tampering, computer trespass, and criminal possession of computer material. Among his alleged exploits:
- Accessing systems containing customer billing records, addresses, and credit card information
- Infecting machines at an AOL customer support call center in New Delhi, India, with a program to funnel information back to his PC
- Logging in without permission into 49 AIM instant message accounts of AOL customer support employees
- Attempting to break into an AOL customer support system containing sensitive customer information
- Engaging in a phishing attack against AOL staffers through which he gained access to more than 60 accounts from AOL employees and subcontractors
(quote courtesy of InfoWorld)
As a former paying customer of AOL (and a current member for research purposes, with a false name/address) my information might have been stolen, too, though I have no idea how many years back the stolen records extend to. I guarantee, though, if there’s a class-action coming out of this, I’m joining it.
How safe can you feel using AOL now? Between this, the subscriber search records released online, and the fact that AOL’s site is being used by phishers, no one should feel safe using AOL at all.