dreamshark: (Default)
[personal profile] dreamshark
I have an Evernote account that I never found any use for except saving snapshots of online transactions in case I ever need to recover a forgotten confirmation code or invoice number (I never have). Every now and then I get an email from the Evernote team expressing concern that my account has been hacked. I log in and see no sign of shady business. I finally realized that these notices were coming to an older version of my email address. Turns out I had a 10-year-old Evernote account under that email that I had completely forgotten about. I used the password recovery option to log in and... yikes! That account certainly had been hacked! The Recent Access tab was full of entries like this, all from the same Android phone. Not sure how this one bad actor managed to log in from so many different countries (VPN?) or why he/she bothered to keep doing it over and over after discovering that my account contained absolutely no useful data or credentials.

Evernote for Android, Android-samsung-GT-P7510, 02/19/2019, 222.252.148.137 (An Giang, Vietnam)
Evernote for Android, Android-samsung-GT-P7510, 02/19/2019, 213.55.73.205 (Sumale, Ethiopia)
Evernote for Android, Android-samsung-GT-P7510
... [and so on. 21 logins, all on the same date]

The Evernote blog entry on this phenomenon says this: "The Evernote service and our apps are still secure; however, we discovered an unauthorized person testing a list of usernames and passwords that they stole from a site not associated with Evernote. If this person had the correct password for your account, they connected an iPhone app to it; and then used that app to search for cryptocurrency credentials."
 
So that's what that looks like. It didn't do me any harm, or the hackers any good. This was an account that I forgot I had ever created containing nothing at all except one test "note" from 2008. But since this is probably related to one of those humungous DarkWeb password dumps, I wish I remembered what the original password was on this account. I doubt it's one I am still using anywhere, but it would be nice to know which of my old passwords is out there traversing the Interverse, just in case.

Date: 2019-03-09 06:20 pm (UTC)
laramie: (Default)
From: [personal profile] laramie
How odd. I'm glad no harm was done.
