Could the Hotmail Servers be Infected?

Helping people with computers... one answer at a time.

Ask Leo! » Email » Email Providers » Windows Live Hotmail

I tried to help someone whose computer had been infected by the Nimda worm. After the computer was disinfected, and before my friend even used that computer again, she complained that all her contacts (in her Hotmail Contacts list) suddenly started getting virus attachment emails which appear to be sent from her Hotmail account -- even though she wasn't using the previously infected computer -- and wasn't sending them anything. She is sure the other computers she is using are well-protected and "clean". I had advised to her close the Hotmail account -- but, nevertheless, it's hard to believe the Hotmail servers are this vulnerable -- and if they are, how can she be sure she won't have this problem with another Hotmail account? There are additional issues -- but first, I want to be sure this is really the root of the problem at this point: an infected account on the Hotmail server.

•

Hotmail definitely has its problems, but this probably isn't one of them.

While someone's got a virus, it's not Hotmail. And it's probably not you.

But it might be someone you know.

•

First, realize that Hotmail isn't running mail software like you and I run. Hotmail, and other mail services, run custom software that is tuned for being mail servers - for collecting and delivering mail on behalf of customers. The "address book" that you see on screen is most likely stored on the Hotmail servers in a custom and undocumented format that would be near impossible to reverse engineer without direct access to the Hotmail datacenter. None of the current sets of viruses would have a clue as to what to do with it.

"... Microsoft related servers are some of the biggest targets for hackers on the planet."

That brings up another argument against Hotmail being hacked: for many, many reasons, I'm sure that Microsoft and Microsoft related servers are some of the biggest targets for hackers on the planet. You can bet that these are some of the best secured Windows servers in existence. From industrial strength firewalls to totally secured and locked down datacenters in undisclosed locations, Microsoft servers are well guarded.

Finally, if there were any kind of a security breach or problem, you know that Microsoft would be all over it as fast as is humanly possible - taking the service down if necessary to protect its customers.

So, no, I don't believe Hotmail has been hacked, or has any kind of infection.

So where's the mail coming from?

•

It's much more likely, and in fact very common, that another PC belonging to a regular computer user has been infected with a virus. In fact, I've seen some incredibly high estimates of the numbers of infected machines that are sending out spam and viruses. One of the things that these spam-sending zombies do is fake the "From:" line on the email that they send. It looks like it came from your Hotmail account, but in fact it came from somewhere else entirely. A quick look at the details of the mail header usually confirms this.

I've discussed this at length in an earlier article "Someone's sending from my email address! How do I stop them?!".

The bottom line is that there's actually little to be done other than, as you have already, make sure that your machines are protected and scanned regularly for spyware and viruses making sure that the scanners are up to date, using a firewall, and using common sense with a liberal dose of skepticism.

Article C2554 - February 13, 2006

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

Ask Leo! - Someone's sending from my email address! How do I stop them?!
Ask Leo! - How do I keep my computer safe on the internet?

Recent Comments

21 Comments

The answer is obvious. She uploaded an infected file to her hotmail account while it still had a virus on it. Happened to me, too.

Posted by: Louche at May 18, 2010 9:24 AM

Leo you evidently do not know as much as you think. When you said it isn't the hotmail how do you explain my hotmail account sending out virus laden emails to all my contacts while the power was out to the house and the computer was off due to an ice storm. With no battery back up and the power completely off emails were sent from my hotmail account. So of "GREAT ONE" explain that.

No problem - someone has hacked into your account, and logged in from their working computer to send out that malware and spam. This is happening A LOT right now - yours is not the first report. The Hotmail servers themselves have not been hacked.

29-Nov-2010

Posted by: britney jones at November 28, 2010 4:05 PM

I'm having trouble reading my emails. I pick unread emails but it still doesn't let me read what the email says. Help me.

Posted by: linda kincaid at March 2, 2011 11:08 AM

Hotmail/Live Mail mainframe computers have been hacked since early April 2011. I reported this significant breach to Microsoft, including the identification of the hacker. Microsoft gave me a new Hotmail email address, much like the old one. Microsoft is working quickly to correct this major problem affecting all Hotmail/Live Mail accounts.

You sure it wasn't just an account that was hacked? Giving you a new Hotmail address is just opening up a new account. I'd have to see a lot more proof before believing that the Hotmail servers have been hacked.

05-May-2011

Posted by: Dana Karl Hall at May 5, 2011 6:11 PM

when i sign into my hotmail ,a page comes up telling me my hotmail account has been cancelled due to perhaps a hacker sending spam in my name.as of now i have no hotmail account and have no idea what to do about itplease help.by the way the spam is still being sent to all my contacts .

That's this article: What are my Lost Hotmail Account and Password Recovery Options?

10-May-2011

Posted by: Helen Butts at May 10, 2011 8:09 PM

See all 21 comments...

Post a comment on "Could the Hotmail Servers be Infected?":

Name: (Required - will be included when your comment is published.)

Email Address: (Required - will not be published.)

Remember Me? YesNo

Comments: (You may use HTML tags for style)

Before commenting, please...

READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored.
Comment only on the article. Use the search box at the top of the page if you have a question about something else.
NO PERSONAL INFORMATION in the comment. No email addresses. No phone numbers. No physical addresses.

Anything that looks the least bit like spam will be deleted. Links to unrelated sites or links that appear to be primarily promotional will be deleted, or the comment will be deleted.
Don't ask me to recover lost passwords or hacked accounts. I can't. Those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!
The Tip Jar: Buy Leo a Latte!

Categories | Full Archive
By Date | Business Card | About

Advertisements do not imply my endorsement of any product or service.

Copyright © 2003-2012 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure

http://ask-leo.com/could_the_hotmail_servers_be_infected.html