Years ago, I was browsing through the Tech rooms in yahoo when this random person IM'ed me, I ignored him as I usually do to people who I don't know. Then, possibly because I ignored him, he tried to send me a file, I clicked the "cancel" button, but for some strange reason, it began the download instead of stopping it. After it finished downloading, which only took maybe five seconds to do so, even on my slow internet connection, the download box disappeared and the guy sent another IM saying, "Thanks." About 5 minutes later, I was kicked from the Yahoo! server and when I tried to log back in, it said I was using the incorrect password. I tried again, and againt to no avail. Then I got the bright idea of just goig to the Yahoo! site and requesting a new password using my "secret question/answer", D.o.B. and such information. I put in all the information correctly, but it said I had not.
To help me end this story sooner... blah blah blah, blah blah blah blah, blah... Turned out there was a program on my computer that was sending this other person *ALL* of my passwords and usernames that I tried to use on Yahoo! Messenger, even ones I had just made to tell my friends to block my old ID as it was "hacked." This program was called something along the lines of "Magic8-ballX." Obviously there are programs out there like this, and my question is where can I go to get myself one of these as I'm damned curious about them, how can I prevent it from happening to me (my current solution is YaHeLite) and why exactly it was still downloaded and installed onto my computer even though I had clicked the "cancel" button.

Any and all information about this would be very helpful, thanks.

I'm pretty sure this program exploited a now-patched flaw in Yahoo! Messenger that would allow the attack to execute commands forcing you to download and run this program. I'm not sure if such a program would work now.

Years ago, I was browsing through the Tech rooms in yahoo when this random person IM'ed me, I ignored him as I usually do to people who I don't know. Then, possibly because I ignored him, he tried to send me a file, I clicked the "cancel" button, but for some strange reason, it began the download instead of stopping it. After it finished downloading, which only took maybe five seconds to do so, even on my slow internet connection, the download box disappeared and the guy sent another IM saying, "Thanks." About 5 minutes later, I was kicked from the Yahoo! server and when I tried to log back in, it said I was using the incorrect password. I tried again, and againt to no avail. Then I got the bright idea of just goig to the Yahoo! site and requesting a new password using my "secret question/answer", D.o.B. and such information. I put in all the information correctly, but it said I had not.
To help me end this story sooner... blah blah blah, blah blah blah blah, blah... Turned out there was a program on my computer that was sending this other person *ALL* of my passwords and usernames that I tried to use on Yahoo! Messenger, even ones I had just made to tell my friends to block my old ID as it was "hacked." This program was called something along the lines of "Magic8-ballX." Obviously there are programs out there like this, and my question is where can I go to get myself one of these as I'm damned curious about them, how can I prevent it from happening to me (my current solution is YaHeLite) and why exactly it was still downloaded and installed onto my computer even though I had clicked the "cancel" button.

Any and all information about this would be very helpful, thanks.
If you're talking about who I think you're talking about, He used a variety of names "Magic8ball" being the most common one.. He periodically did things similar to what you posted about, no motive..... He just did it to show others he could.. basically he was an idiotic show off. There's also a guy who did something similar.. he used the name "magic_8", MaGic_Eight", "Majic-8" those are the only names i've seen him by.. I think he was the same guy as the first one... but I thought I would post that just to see if that's who you're talking about.. If he tried that to me, I would have simply returned his favor...... about *00% worst.

Sorry for the confusion, but it wasn't the person whose ID was "magic-8" or whatever, the name of the program that was sending him my passwords/IDs was called that, I believe his name was "Mike" or something similar to, real or not, that how everyone addressed him.

I would take revenge on this person, but i lack the knowledge of such programs, how they work, how to create them, etc, that and I fear he *could* do worse than that, what I don't know, it's just the possibility.

If anyone knows more in-depth information about such programs that steal passwords of people on different computers, not like "cain" that sniffs LANs... could we speak in private? as not to get banned or something... I am curious about these things :):D

He's probably grown up and got a job now.