Monday, January 29, 2018

Over 711 Million Email Addresses Exposed From SpamBot Server



A massive database of 630 million email addresses used by a spambot to send large amounts of spam to has been published online in what appears to be one of the biggest data dumps of its kind.

A French security researcher, who uses online handle Benkow, has spotted the database on an "open and accessible" server containing a vast amount of email addresses, along with millions of SMTP credentials from around the world.

The database is hosted on the spambot server in Netherlands and is stored without any access controls, making the data publicly available for anyone to access without requiring any password.

According to a blog post published by Benkow, the spambot server, dubbed "Onliner Spambot," has been used to send out spams and spread a banking trojan called Ursnif to users since at least 2016.

Ursnif Banking Trojan is capable of stealing banking information from target computers including credit card data, and other personal information like login details and passwords from browsers and software.
spam-emails
"Indeed, to send spam, the attacker needs a huge list of SMTP credentials. To do so, there are only two options: create it or buy it," Benkow said. "And it's the same as for the IPs: the more SMTP servers he can find, the more he can distribute the campaign."

As the researcher explained, he found "a huge list of valid SMTP credentials"—around 80 millions—which is then used to send out spam emails to the remaining 630 million accounts via internet provider's mail servers, making them look legitimate that bypass anti-spam measures.

The list also contains many email addresses that appear to have been scraped and collected from other data breaches, such as LinkedInMySpace and Dropbox.

The researcher was able to identify a list of nearly 2 million email addresses to be originated from a Facebook phishing campaign.

The exposed database has been verified by Troy Hunt, added the leaked email addresses to his breach notification site.




























At the time of writing, it is unclear who is behind the Onliner Spambot.

Users can check for their email addresses on the site and those affected are obviously advised to change their passwords (and keep a longer and stronger one this time) for your email accounts and enable two-factor authentication if you haven't yet.

Also, do the same for other online accounts if you are using same passwords on multiple sites.

2 comments:

  1. Do you need to increase your credit score?
    Do you intend to upgrade your school grade?
    Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
    Do you need any information concerning any database.
    Do you need to retrieve deleted files?
    Do you need to clear your criminal records or DMV?
    Do you want to remove any site or link from any blog?
    you should contact this hacker, he is reliable and good at the hack jobs..
    contact : cybergoldenhacker at gmail dot com

    ReplyDelete
  2. Special thanks to (hackingsetting50@gmail.com) for exposing my cheating husband. Right with me i got a lot of evidences and proofs that shows that my husband is a fuck boy and as well a cheater ranging from his text messages, call logs, whats-app messages, deleted messages and many more, All thanks to

    (hackingsetting50@gmail.com), if not for him i will never know what has been going on for a long time.

    Contact him now and thank me later.

    ReplyDelete

Are you looking for most trusted hosting website?

What is Web Hosting? Web hosting is a service that allows organizations and individuals to post a website or web page onto the Internet. A...