A spambot based in the Netherlands has been found to have 711,000,000 email addresses – which are being used to send spam and spread some nasty banking malware.
As well as email addresses, there are passwords on the open and accessible web server, according to Paris-based security researcher Benkow.
The spambot is called Onliner and it is part of a large-scale malware operation that will bypass spam filters – with the passwords and emails used to ‘scope out’ victims for malware attacks.
You can check if your email address is on the list by going to haveibeenpwned.com, an anti-hacker website that stores details of leaked passwords.
Basically, if you see a password/email combination in there, stop using it immediately and change it on all sites where you use it, to be safe.
Also, if you see suspicious emails, often disguised as invoices, don’t open them, because they could contain malicious software designed to steal your banking details.
Troy Hunt of HaveIBeenPwned wrote about it saying it is ‘the largest single set of data I’ve ever loaded into HIBP. Just for a sense of scale, that’s almost one address for every single man, woman and child in all of Europe.’
The site says: ‘The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information.
‘In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords. A full write-up on what data was found is in the blog post titled Inside the Massive 711 Million Record Onliner Spambot Dump.’
Troy explains that email addresses that are on the list are likely to be targeted by spam.
However, those who have had their passwords leaked as well are likely to be targeted for their SMTP server, i.e. so that it can be used to deliver spam.
Attempts are being made to get the authorities in the Netherlands to shut it down.