A network of spambots has stored more than 700 million email addresses, verify yours

A security researcher has discovered one of the largest spam lists ever known. It contains a total of 711 million email accounts and was bundled by the spambot “Onliner”, which has been used before to spread malware around the world.

The list contains not only email addresses, but also passwords and server emails that spambot uses to send your spam campaigns. Of those 711 million, 80 million are SMTP credentials from different servers so the spambots network can use to send emails that look legitimate.

With those 80 million server email accounts, Onliner sends its spam campaign to the other 630 million emails it has amassed on its list. Those first emails serve to identify potential victims, they seem harmless but contain an image of a pixel that identifies the user’s operating system and other information once the user opens it.

If the attacker detects computers with Windows then knows exactly which can receive the Ursnif malware, and does not waste time or resources with other systems, besides that it does not make so much noise to be detected by the authorities quickly.

E-mails infected with malware arrive days later pretending to be receipts for parcels, hotels or insurance companies, but contain a malicious JavaScript file.

Troy Hunt from “Have I Been Pwned” has added this public database to his site so you can check if your data is part of Onliner’s spam list.

LEAVE A REPLY

Please enter your comment!
Please enter your name here