Could the Hotmail Servers be Infected?

Search First! Then browse: Categories | Full Archive | By Date | Newsletter

Home » EMail » EMail Providers » MSN Hotmail

I tried to help someone whose computer had been infected by the Nimda worm. After the computer was disinfected, and before my friend even used that computer again, she complained that all her contacts (in her Hotmail Contacts list) suddenly started getting virus attachment emails which appear to be sent from her Hotmail account -- even though she wasn't using the previously infected computer -- and wasn't sending them anything. She is sure the other computers she is using are well-protected and "clean". I had advised to her close the Hotmail account -- but, nevertheless, it's hard to believe the Hotmail servers are this vulnerable -- and if they are, how can she be sure she won't have this problem with another Hotmail account? There are additional issues -- but first, I want to be sure this is really the root of the problem at this point: an infected account on the Hotmail server.

•

Hotmail definitely has its problems, but this probably isn't one of them.

While someone's got a virus, it's not Hotmail. And it's probably not you.

But it might be someone you know.

•

First, realize that Hotmail isn't running mail software like you and I run. Hotmail, and other mail services, run custom software that is tuned for being mail servers - for collecting and delivering mail on behalf of customers. The "address book" that you see on screen is most likely stored on the Hotmail servers in a custom and undocumented format that would be near impossible to reverse engineer without direct access to the Hotmail datacenter. None of the current sets of viruses would have a clue as to what to do with it.

"... Microsoft related servers are some of the biggest targets for hackers on the planet."

That brings up another argument against Hotmail being hacked: for many, many reasons, I'm sure that Microsoft and Microsoft related servers are some of the biggest targets for hackers on the planet. You can bet that these are some of the best secured Windows servers in existence. From industrial strength firewalls to totally secured and locked down datacenters in undisclosed locations, Microsoft servers are well guarded.

Finally, if there were any kind of a security breach or problem, you know that Microsoft would be all over it as fast as is humanly possible - taking the service down if necessary to protect its customers.

So, no, I don't believe Hotmail has been hacked, or has any kind of infection.

So where's the mail coming from?

It's much more likely, and in fact very common, that another PC belonging to a regular computer user has been infected with a virus. In fact, I've seen some incredibly high estimates of the numbers of infected machines that are sending out spam and viruses. One of the things that these spam-sending zombies do is fake the "From:" line on the email that they send. It looks like it came from your Hotmail account, but in fact it came from somewhere else entirely. A quick look at the details of the mail header usually confirms this.

I've discussed this at length in an earlier article "Someone's sending from my email address! How do I stop them?!".

The bottom line is that there's actually little to be done other than, as you have already, make sure that your machines are protected and scanned regularly for spyware and viruses making sure that the scanners are up to date, using a firewall, and using common sense with a liberal dose of skepticism.

Related:

Ask Leo! - Someone's sending from my email address! How do I stop them?!
Ask Leo! - How do I keep my computer safe on the internet?

Article C2554 - February 13, 2006

Was this article helpful? «Yes» «No»

Recent Comments

16 Comments

I have recently been recieving delivery statis notifications that say it has attatchments, well I am not sending these and it has been sent to everyone in my contacts. It has attatchments for advertisements for various product, especially medications. I have run a scan and know I do not have a virus. How do I stop this from happening?

Posted by: joanna smith at February 8, 2010 10:32 AM

for the second time and email was sent to various email address of mine says undelivered. Also advertisement for Vagra and other drugs attached. This is the second time with in 1 month.... Help please.... and thanks...

Posted by: Al Foster at February 14, 2010 9:12 PM

For the second time in about 1 month I have receive the statement ... that unable to deliver .. old address and even some of persons I dont know... HELP PLEASE.....Thanks

Posted by: Al Foster at February 14, 2010 9:16 PM

I had the problem with the hotmail virus which send email to all in your contact list & then it deleted all my contacts! Thereafter I received very rarley e-mail. what the do is they change your junkmail settings, all your emails go straight into the junkmail because only e-mails from your contact list (which is now deleted by the virus!) go into your inbox. They also change the settings that alll your junkmail are deleted straight away!!! Therefor I got alsmos to e-mail!

Please spread the message to check your junkmail settings!

Posted by: salmon at February 20, 2010 2:49 AM

As of yesterday, I have lost the capability to
delete unwanted messages. I can still receive
and send messages, but when I send messages, it
takes at least 1 minute for the computer to
complete the transaction. When I attempt to delete
a message, a computed generated message comes
across the the screen and indicates this:

"There was a problem with windown live Hotmail
Service (a temporary network connectively issue
that has nothing to do with your computer).
Please try again.

In addition, a few weeks ago, I received an
e-mail message request, appearing to be from
Hotmail, asking for all my persnal data. I
refused the request. Therefore, could this be
the same person that initiated the personal
info request, that has the capability to now
cause the problem in which I cannot eliminate
unwanted messages?

Thank you.

Sincerely,

Dennis P. Habern, Msgt, USAF, Retired

Posted by: Dennis P. Habern at March 18, 2010 9:24 AM

See all 16 comments...

Post a comment on "Could the Hotmail Servers be Infected?":

Name: (Required) (Name will be included when your comment is published.) Email Address: (Required) (Email Address will not be published.) Remember Me? YesNo	By popular demand... my tip jar Buy Leo a Latte!
Comments: (you may use HTML tags for style)	Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.
Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.
Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.

Don't spam. Excessive links to unrelated sites within a comment or across multiple comments will cause all such comments to be removed.
Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!

http://ask-leo.com/could_the_hotmail_servers_be_infected.html

Copyright © 2003-2010 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure