Skip to main content

A Paris-Based Researcher Spotted 711 million Email Accounts Lying In Plain Text Files On A Server Hosted In Netherlands


The researcher mentioned his findings in a blog post. The said server was used by a spambot known as ‘Onliner’. And the text files, amounting to 40+ GBs, also contain other details like passwords and details of the email servers used to send the spam.

It has been known that this massive “biggest of its kind” spamming campaign is a launch pad to spread a banking malware called Ursnif. As of now, more than 100,000 different infections have occurred, ZDNet reports.
It’s hard to point out the exact source from where the email accounts and data was collected. But, previous breaches like that of Linkedin did make a considerable contribution.
The unsorted list discovered by Benkow, analyzed by Troy Hunt, contained 80 million emails which were then used to send spams to another 630 million. The hackers used the SMTP servers and ports linked to these email accounts to spread the spam in a way that looks legitimate. In fact, the user credentials were verified against the SMTP servers; the one which didn’t authenticate were not used.
Online data dump 1
Image: List of data dump files.
Hunt operates the site Have I Been Pwned?. You can visit the same to know if your email is included in the breach. Hunt said that this is the “largest single set of data I’ve ever loaded into HIBP.”
“Just for a sense of scale, that’s almost one address for every single man, woman, and child in all of Europe.”
Also, a considerable number of entries from the email data was already present in HIBP’s existing database. In his blog post, Hunt says that the findings can be filtered into two categories:
  • Email addresses used to deliver the spams to.
  • Email addresses and passwords for which the hackers abused their SMTP server to deliver the spam.
There was one “uncomfortable truth” waiting for Hunt, his own email address was present in the list. Thankfully, I have not been pwned.
The irregular construct of the data, mainly sourced from the web, makes the 711 million figure “technically inaccurate” and he said the actual number of humans involved might be somewhat less.
Visit Have I Been Pwned to check your email. Read Hunt’s blog post for more details using this link.

Comments

Follow Us

WHAT'S HOT

Fappening 2.0 Continues: Private Photos Leak Affects Miley Cyrus, Rosario Dawson, Suki Waterhouse

ust when we thought that Fappening 2.0 leaks were over, the 4th wave just arrived. This alleged leak of private pictures has affected Miley Cyrus, Rosario Dawson, and Suki Waterhouse. Reported by myth-busting publication Gossip Cop, the pictures were first posted on notorious website Celeb Jihad.

84-year-old woman dies after being stung more than 500 times by swarm of bees (photos)

An 84-year-old woman from Brazil died after she was stung by a whole beehive She was out collecting firewood when she disturbed the bees who stung her until rescuers arrived The old woman died from the beestings on her way to the hospital 84-year-old Divina Ambrósio de Jesus from Brazil recently died after she got stung by a swarm of bees. The beestings covered the old woman's body including her face The old lady was out collecting firewood when she accidentally disturbed a beehive. The bees repeatedly sting the old lady for 30 minutes.

MC Galaxy – DIO (Refix) | prod. KrizBeatz

“With the recently released  “MMM” Album  still causing a furore online and on the streets, MCG Empire Boss –  MC GALAXY  comes through with the  refix  to  DIO  (which means come), the 3rd track of the critically acclaimed sophomore body of work.

Man beats up boyfriend of woman who spat on him on a train (Video)

A woman spat on a man on the train, but instead of the man hitting the girl he beat up her boyfriend. What do you think of his action? Watch video below.. ..