'Onliner' Spambot Amassed Hundreds of Millions of Stolen Email Addresses
Massive spambot relying on stolen email addresses, credentials, and SMTP and port information to expand.
Security researchers have discovered a massive spambot called Onliner that contains a treasure trove of stolen users' email addresses, login and password information as well as port settings and SMTP credentials for some accounts, according to published reports.
Onliner is believed to have harvested 711 million records that likely came from a number of previous breaches and data dumps last year, according to Threatpost. However, a number of the email addresses go to nonexistent accounts, according to a BBC report.
The spambot can use the pure email addresses alone (without credentials) for phishing campaigns against the user, the BBC notes.
But attackers can also use stolen log-in credentials to take over email accounts and further their spambot efforts, according to the BBC. The stolen information about users' SMTP and port settings, meanwhile, can help attackers dupe anti-spam detection systems to allow the spam messages to go through.
Onliner Spambot, which has been in circulation since last year, is suspected of distributing the Ursnif banking Trojan and was discovered by a researcher known as Benkow.
Read more about Onliner here.
About the Author(s)
You May Also Like
Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024