Spambot steals info from millions of email accounts

A researcher who specializes in discovering malware has recently made a shocking discovery. A huge spambot has apparently been going through about 711.5 million email addresses from all over the world. Its purpose is to obtain information and then use it to spread some kind of banking malware. It’s worth noting that in some cases, the operation didn’t only steal the addresses, but also their passwords. Users who want to know if the bot has targeted them can check this by using the Have I Been Pwned website. The operator of this website admitted that the number of addresses that fell victim to this spambot is enormous.

Millions of addresses and passwords stolen

A security expert from Paris, France, is the one who has apparently discovered this spambot. After that, another website made his discovery public and warned people about the potential danger. It’s worth noting that we can split this number of 711 million attacks into two separate categories. In the first case, the spambot only managed to steal the email addresses. So all the attackers can do is spam the owner until they reveal some more personal information. Usually, this trick doesn’t work because people have become increasingly aware of such actions. Then there’s the more serious case, when the attackers also know the passwords to the respective email addresses. From here it’s easy for them to do practically anything they want with those addresses.

According to the French security expert who calls himself Benkow, it’s uncertain where these addresses came from in the first place. It’s highly possible that the attackers obtained them through various other leaks. It’s also important to note that it can be very difficult to stop those accounts. The attackers usually use them for spam. If there’s a large number of them, the mission becomes almost impossible.

A very serious situation

Benkow also revealed that the attackers were actually hiding extremely tiny images, almost pixel-sized, in the messages they sent to people. It seems like they were using those to collect info on the recipient and their computer. Experts are saying that they managed to track the spambot and it reportedly comes from a server in the Netherlands. However, users should now do everything to protect their accounts, starting with a change of password.

