I typed a longish reply to this the other day, but because I was on the iPad and tried to add a link, it lost the whole post... grrr.
.. I think it went something along the lines of....
I read somewhere that very soon after 7LM reported on here, Yahoo admitted that they had been compromised again. As usual they didn't say too much other than change and use strong passwords.
From what I recall they admitted 'an attack on their servers' via a BlackBerry or iPhone (one of the two, can't recall which now).
This immediately struck me as being a bit odd, because a mobile device is certainly not what you would use to brute force passwords! IMHO it would be more likely used to change some server settings or reconfigure some info on their servers. To me this implies that they have some sort of backdoor into Yahoo.
What Yahoo don't seem to recognise (or won't acknowledge) is that the password doesn't really seem to be the issue for many of the accounts being hacked... nor does changing password seem to resolve it... iirc we discussed in the other thread how this could occur. The hackers certainly are using some sort of XSS attack based on session cookies exploiting a flaw in the Yahoo library code base.
These attacks have been going on for months, each time Yahoo making tiny patches, which the hackers then seem to get around.
It's a typical horse/stable/bolted approach where Yahoo are only closing each stable door after each horse has bolted... rather than thinking ahead and bolting each and every door before the horse gets loose.
This is getting a bit silly now and Yahoo don't seem to be learning. If it was me... I would hire the guy who discovered the exploit in the first place... and pay him to sit there and try to find all the open doors... or is that too simple?