3 Days before my gmail account was compromised and was accessed from some where in china by some bloody spammer group who mailed a spam message about some macbook pro offer to all the contacts in my gmail account, following is the message sent to my contacts.
I have good news for you.Last week.
I have Order china 29 Products Apple MB766LLA 17 Macbook Pro Notebook
I completed bank transfer payments,I have received the product!
w e b:useueo.com
It’s amazing! The item is original, brand new and has high quality,
but it’s muc cheaper. I’m pleased to share this good news with you!
I believe you will find what you want there and have an good experience
on shopping from them
Here is my account activity usage details when I checked, after this happened [shown below]
This was the first time in my life, when my email account was comprised, hacked. I started investigating the cause for this, I scanned my whole computer for any malware, keylogger that might have been installed on my computer which could have transmitted my password to some hacker or spammer group, but there was nothing like this as there was no track of any software that could have done this.
After this, I came to this conclusion that there is only one way, some spammer could have got access of my gmail account which can be done by stealing the gmail login cookie of my account, although stealing cookie here does not mean that they knew my password, but with this cookie they can get access to the account for some time.
After thinking further, I got a clue about how this could have been done on my account, as I remember some one using my windows laptop last night for downloading some pirated software or movie, which has opened some pop up ads on which my friend clicked, and that time I was logged in my gmail account.
Another superficial reason which could be behind this is, the recent attack in china where some group got access to credentials of some gmail accounts on google servers, and my account was also one of them and then they used my account to send spam promotional message.
PS: To help people further, I was using google chrome browser 8.x version at the time this attack happened.