Jump to content

Why Yahoo Mail is now blacklisted by Congress


Batu69

Recommended Posts

The House of Representatives is not best pleased with the email provider.

 

Yahoo Mail has been blocked until further notice by Congress due to a surge in ransomware attacks levied against the House.

As reported by Gizmodo, an email was sent to House of Representatives staff members explaining the move, blaming a surge in cyberattacks against the House as the main reason.

Specifically, ransomware is at fault. Ransomware is a breed of malware which infects systems, encrypts files and attempts to extract a 'fee' out of victims in return for a key which decrypts their files and restores system functionality.

 

Ransomware has recently hit major hospitals, causing severe disruption to services and potentially placed patient care at risk. While a ransomware attack against the House is not a life-or-death situation, a successful attack is still a major concern as government bills, employee data and schedules could be thrown into chaos.

 

The email was sent in late April, and warned staff that as there has been an increase in ransomware-based attacks through third-party email providers including YahooMail, Gmail and others, Yahoo's email service has been blocked by the House's IT desk "until further notice."

 

The "high" importance email reads:

Quote

"The primary focus appears to be through YahooMail at this time. [...] We will be blocking access to YahooMail on the House Network until further notice. We are making every effort to put other mitigating protections in place so that we can restore full access as soon as possible."

 

Recent attacks against the US government organization have focused on using .js files disguised as .zip files, although it is not known which types of ransomware are being levied against the House.

According to one congressional staffer who spoke to the publication on condition of anonymity, at least one of these ransomware attacks has been successful; although the compromised PC in question was shut down and reformatted quickly to eradicate the malware.

A Yahoo spokesman said:

Quote

"We take the security of our users very seriously, and we're collaborating closely with House IT staff to ensure that they have the right solutions in place to best protect their accounts."

 

In April, the US and Canada issued a warning to businesses concerning the rise of ransomware and discouraging users from paying the fee -- as there is no guarantee files will be returned.

 

Article source

Link to comment
Share on other sites


  • Replies 10
  • Views 1.4k
  • Created
  • Last Reply
straycat19

Damn, I didn't know yahoo mail still existed.  Really?  No kidding?  I just thought those were spam emails and blocked the yahoo domain.:P

Link to comment
Share on other sites


I use yahoo mail.  It does get more spam than my Hotmail or gmail but the spam goes into the spam folder seemingly 100%.  And they seemed to have cut down on its amounts recently in serious way but still lots of spam.

Link to comment
Share on other sites


5 hours ago, straycat19 said:

Damn, I didn't know yahoo mail still existed.  Really?  No kidding?  I just thought those were spam emails and blocked the yahoo domain.:P

That shows you have no friends in real life , if you did chances are you would have a  friend who uses a yahoo addy  and  you would know who they was from there email addy..

 

Do You Yahoo? Despite Dismal Reputation, Many People Still Do

http://www.npr.org/2016/04/18/474725621/do-you-yahoo-despite-dismal-reputation-many-people-still-do

Link to comment
Share on other sites


12 hours ago, Batu69 said:

The email was sent in late April, and warned staff that as there has been an increase in ransomware-based attacks through third-party email providers including YahooMail, Gmail and others, Yahoo's email service has been blocked by the House's IT desk "until further notice."

 

 

If ransomeware is delivered by several webmail services, WHY they only blacklisted Yahoo?

By the way, I don't feel that there is more spam delivered by Yahoo then from other source. Actually, I believe most spam comes through SMTP servers, email's origin can't be identified by sender's address.

I have a yahoo email address since about 3 years for a restricted use and I never get real spam to it, not even on spam folder, compared to gmail, where actually I get an average of 3 - 4 spam messages daily, among them an incredibly large number of "Nigerian" scam mails

Link to comment
Share on other sites


37 minutes ago, CODYQX4 said:

Friends don't let friends use Yahoo.

You dont have control of friends in the real world they will punch you in the nose!  People say alot of things online they would never say to someones face but that dont mean  anyone  listens ,  The best i can do is suggest  they  use something else .   I know many control  freaks who lost there marbles once they figured out the were powerless over people, places and things . Only thing you have control over is yourself  whats you're solution to use ad infested Gmail so they can sell you're data ? I dont use Gmail , Yahoo , Microsoft since 2011  my email is not even in the USA . My friends use what they please, Why would i care that congress dont have better skills than to open emails from people  they dont know ?  maybe they will lose votes from bouncing emails  from potential voters  .    .. :P

 

It was not just Yahoo they blocked it says  they also blocked Google hosted apps

http://www.reuters.com/article/us-usa-cyber-congress-idUSKCN0Y22QH

Quote

The U.S. House of Representatives' information technology team has blocked the congressional chamber from accessing software applications hosted on a Google cloud service in an attempt to prevent possible hacking campaigns against lawmakers and their staff, according to two congressional sources.

 

The move came just days after Yahoo Mail was also blacklisted due to fears of ransomware infiltration.

 

The two restrictions, which have hampered some internal communications in the lower chamber of Congress, have both been implemented within the past two weeks and are still in place. The episodes are not believed to be related, the sources said.

 

Devices connected to the House’s Internet via Wi-Fi or Ethernet cables have been barred from accessing the apps hosted by Google’s developer platform after the FBI notified Congress of a potential security vulnerability, the sources said.

 

“We began blocking appspot.com on May 3 in response to indicators that appspot.com was potentially still hosting a remote access trojan named BLT that has been there since June 2015,” one of the sources, a House staffer with direct knowledge of the situation, told Reuters.

 

Google declined to comment. The FBI has so far not responded to a request for a comment.

 

The FBI sent an advisory to private industry in June 2015 about a number of remote access tools capable of stealing personally identifiable information, including a trojan file named BLT found on Google appspot domains.

 

Ted Henderson, a former House employee, said two Google-hosted apps he created specifically for use by congressional staffers to discuss politics and share alerts on votes are now effectively banned on their work network.

 

The disabling of appspot.com occurred after the House Information Security Office sent an advisory email to lawmakers and staffers on April 30 warning of increased phishing attacks on the House network from third party, web-based mail applications including Yahoo Mail and Gmail.

 

“The attacks are focused on putting ‘ransomware’ on users’ computers,” the email, seen by Reuters, states. It added that the primary focus of the attackers appeared to be Yahoo Mail, which was being blocked on the network “until further notice.”

 

Two individuals fell victim to ransomware by clicking on infected Word document email attachments, sources familiar with the hacking said. The infected files were able to be recovered without paying any ransom, the sources said.

 

Ransomware attacks, which involve accessing a computer or network’s files and encrypting them until a ransom is paid by the victim, have grown more severe and common in recent years.

 

Yahoo is working closely with the House to resolve the matter, a company spokesperson said.

 


 

 

Link to comment
Share on other sites


2 hours ago, CODYQX4 said:

Yahoo! is far more ad infested than Google. Last time I saw someone use it there were Flash banners there.

i wouldn't know i dont even use ether one to compare them in years  why would you keep flash turned  on to check emails ? You need to teach you're friends about how they catch malware !  The best one in the USA is Zoho Mail even there free version is adfree . But i dont normally see ads anywhere   But  you could get ransomware though any email from clicking on attachments from people you dont know.

Link to comment
Share on other sites


Yahoo works fine with POP3 and SMTP.(and Thunderbird). Text only, no spam in over a year.

I used to get a lot of spam when I used the messenger service (it transmits your email address without encryption which wireless sniffers pick up) but when Yahoo messed up their messenger service, I dropped it, and now only use the mail.

You can't get any malware if you view messages as text and do not click on attachments.

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...