711 million email accounts susceptible to malignant spambot
31 Aug 2017 |
| One of the biggest spamming operations of its kind, involving 711.5 million email addresses, has been discovered by a malware researcher.
Apparently, these addresses and, in some cases, their associated passwords were being mined to spread a banking malware.
This spambot was discovered by a Paris-based security expert called Benkow and was first brought to attention by the ZDnet news site.
Here's more.
|
|
|
How can you check?
Spambot |
| Those, who are worried that their accounts might have been fallen prey, can check it via Have I Been Pwned service.
Troy Hunt, its operator, has confirmed that a "mind-boggling amount" of addresses have been collated by a malignant spambot.
This database contains two sets of data. One set is comprised of e-mails and the other holds login passwords and other details of users.
|
|
What can they do?
Emails |
| Where only emails have been collated, it's likely that the attackers would be sending spam to phish more data from users.
If they have the users' login passwords and other details, they can just covertly log in and use them for their campaign, making use of a spambot dubbed as Onliner.
Benkow said it was "difficult to know where [the] credentials had come from."
|
|
How did they get it?
Data |
| However, he did suggest that the attackers might have gathered this data from previous leaks, Facebook phishing and via illegal sales of user data.
The Onliner spambot hides tiny pixel-sized images in its spam emails, which extract information from the computers of the recipients.
The Spambot lists are being hosted by a Netherlands-based computer server, which has not been shutdown, yet.
|
|
|
Prevention is better than cure
Prevention |
| All that users can do, for now, is to check if their email addresses have been targeted. However, as of now, there's no way to be certain if their accounts have been hijacked or not.
Benkow said, "I recommend you to change your password, and be more vigilant with the emails that you receive; now you know that you're on malware deliverers' lists."
|
|
