Home Latest Cyber Security News | Network Security Hacking Misconfigured Server Made Trik Spam Botnet Leak 43 Million Email Addresses
Latest Cyber Security News | Network Security HackingNews

Misconfigured Server Made Trik Spam Botnet Leak 43 Million Email Addresses

by Abeerah Hashim
written by Abeerah Hashim
Trik spam botnet

More than 43 million users were put in a vulnerable position as their email addresses were leaked whereby Trik spam botnet exposed 43 million email addresses. Security analyst from Vertek Corporation detected this malware campaign and found a misconfigured server responsible for this data leak.

Trik Spam Botnet Server Leaked More Than 43 Million Email Addresses

While investigating the massive malware campaign involved in the distribution of Trik Trojan, Vertek researchers discovered how a ‘leaky’ Russian server kept over 43 million email addresses exposed.

According to the researchers, the Trojan Trik, together with GandCrab 3 ransomware, would download malicious files from a misconfigured server that was located on a Russian IP address. The group running this campaign deliberately misconfigured the server. Consequently, anyone directly accessing that IP could access the data present on that server.

The data containing the leaked email addresses contains 43,555,741 unique email addresses from various popular domains including Yahoo, Rediffmail, AOL, and MSN. However, very few Gmail addresses were there.

“We pulled all of them to validate that they are unique and legitimate. Out of 44,020,000 potential addresses, 43,555,741 are unique,” says Vertek researcher. “The email addresses are from everywhere. Everything from .gov to .com, and domain of several private businesses.”

What Is Trik? How Does It Work?

Trik Trojan is a malware downloader, which turns infected systems into botnets. These botnet computers then serve as a source to spread spam campaigns by the botnet operators. These operators also sell these “install spaces” to other criminals facilitating them to further attack Trik victims. Vertek researchers were investigating a similar campaign where Trik and GandCrab groups had joined together.

Though the leaky server was present on a Russian IP, the origin of botnet operators is yet unclear.

Right after the news surfaced online about this data leak, the server went offline.

Let us know your thoughts in the comments section below.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

OWASP Disclosed Data Breach Affecting Old Members

Center Identity Launches Patented Passwordless Authentication for Businesses