Yahoo’s Government Email Scanner Actually Found To Be Sophisticated Hacking Tool

"Yahoo" is a positive word, but in relation to the internet giant, it's starting to feel like it could describe some of the company's key management. Yahoo has been dealing with some troubling issues, but most of those issues were self-created, such as failing to disclose a security breach which took place years ago, and building a custom tool for the U.S. government - and the NSA in particular - to scan user emails.

Now, it's being reported that Yahoo's tool is in effect a sophisticated "hacking tool", although it's supposedly not that much different from Yahoo's preexisting tools used to seek out malware, child pornography, and spam. "Tool" might be the wrong word, though, as some experts are outright calling it a rootkit.

yahoo sign1 625px

Speaking with Motherboard, an ex-Yahoo employee said that if the custom tool the company created was in fact a simple modification of preexisting tools, then it wouldn't have become so noticeable by the company's security experts. When the company's internal testing team found it during one of their regular checkups, they jumped to an obvious conclusion: they were breached. They didn't realize at the time, however, that it was Yahoo's own doing.

As malicious as the tool is to users, it was apparently extremely buggy, turning it into an actual security risk. So whether it's called a tool or a rootkit, one thing's for sure: it's no good. Interestingly, this revelation has nothing to do with Verizon's seeking of a $1 billion discount on the purchase of Yahoo; that's tied directly to the mess created from the massive security breach a couple of years ago.

As the days go on, and more revelations come to the surface surrounding Yahoo, we can't help but wonder what kind of mess Verizon is getting itself into with its latest acquisition target.


Via:  Motherboard
Show comments blog comments powered by Disqus