Millions of emails and credentials exposed from Spambot

Over 700 million email addresses, as well as a number of passwords, have leaked online thanks to a misconfigured spambot, in one of the massive data breaches ever.

A spambot is a machine program created to help in the sending of spam. Spambots regularly create accounts and send spam messages with them.

According to Troy Hunt, a security expert who runs the Have I Been Pwned website:
“The one I’m writing about today is 711m records, which makes it the largest single set of data I’ve ever loaded into HIBP. Just for a sense of scale, that’s almost one address for every single man, woman and child in all of Europe.”

The data was leaked because the spammers failed to secure one of their servers (misconfiguration), letting any visitor download many gigabytes of information without needing any authentications. It is difficult to recognize how many others besides the spammer who compiled the database have downloaded their own copies.

According to Benkow, the spambot server which is called “Onliner Spambot” has been used to send out spams and spread a trojan called Ursnif to users since 2016.

“It’s difficult to know where those lists of credentials came from. I have obviously seen a lot of public leaks (like Linkedin, Baidu or with every passwords in clear text) but credentials can also came from phishing campaigns, credentials stealer malwares like Pony, or they can also be found in a shop.”

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Glove Stealer Emerges A New Malware Threat For Browsers

Halliburton Cyberattack Update: Losses Worth $35 Million Hit The Firm