'Onliner' Spambot Amassed Hundreds of Millions of Stolen Email Addresses
Massive spambot relying on stolen email addresses, credentials, and SMTP and port information to expand.
Security researchers have discovered a massive spambot called Onliner that contains a treasure trove of stolen users' email addresses, login and password information as well as port settings and SMTP credentials for some accounts, according to published reports.
Onliner is believed to have harvested 711 million records that likely came from a number of previous breaches and data dumps last year, according to Threatpost. However, a number of the email addresses go to nonexistent accounts, according to a BBC report.
The spambot can use the pure email addresses alone (without credentials) for phishing campaigns against the user, the BBC notes.
But attackers can also use stolen log-in credentials to take over email accounts and further their spambot efforts, according to the BBC. The stolen information about users' SMTP and port settings, meanwhile, can help attackers dupe anti-spam detection systems to allow the spam messages to go through.
Onliner Spambot, which has been in circulation since last year, is suspected of distributing the Ursnif banking Trojan and was discovered by a researcher known as Benkow.
Read more about Onliner here.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024