Massive spambot hoards over 711 million email address

A researcher uncovered a spamming operation that uses a list of some 711.5 million email addresses.

The emails have been used to help spread a banking malware, and the scam has been going on for quite some time before being noticed by a Parisian security expert called Benkow.

In some cases, the attacker(s) had gotten ahold of both the email address and the account’s password. With both details, the user’s login information can be added to the spambot known as Onliner.

On the other hand, if the attacker only has access to the email address, all they can hope to do is send waves of spam to the address in the hopes the owner coughs up more information.

But in rarer instances, it seems that the email information had been gathered using the accounts’ simple mail transfer protocol and port settings. That means the email providers’ security settings for detecting spam at all were jeopardized, letting messages into the inbox that might otherwise have been blocked.

One theory for how the spambot acquired so many emails is that they were taken from previous leaks and database hacks. For now, there’s little for users to do except check their emails to see if they’ve been compromised. Otherwise, it’s up on the providers to track down any leaks and shore up any defenses that might currently have holes in them.