SecureMac, Inc.

Researchers Uncover Spambot With More Than 700 Million Emails

September 22, 2017

Does it seem like your spam folder fills up almost as soon as you empty it? That’s true for many of us, but where is all that spam coming from these days? The answer is that surprisingly few people are involved in the sending of most of the spam on the web. With anti-spam efforts growing stronger every year, new methods have risen to the forefront, and spam is deeply entangled with many of the other malicious efforts ongoing around the Web. Spambots — malware that gathers together data such as legitimate emails and the servers they pass through — are the biggest tool in the spammer’s arsenal today.

Recently, a security researcher uncovered the largest spambot ever found, and it was all thanks to a mistake on the part of the bad guys. They left a crucial web server unsecured, and when the researcher in question began probing what was available, he uncovered massive amounts of stolen user information. In total, there were nearly 711 million email addresses in the spambot’s data banks, alongside tens of millions of passwords and email server credentials used for evading the spam filters.

What’s the purpose of the bot? Distributing banking malware, said those who took a deeper look at the data. Approximately 80 million accounts, collected together from previous large-scale exposures of user data like those at LinkedIn, serve as the conduits through which spam flows to the remaining millions of email addresses. By gathering data on those who open the emails, such as machine type, location, and IP address, the spammers choose who to target with malicious attachments. Once downloaded, these “droppers” place a Trojan horse that targets banking information on the user’s machine.

Needless to say, there is no comparison to make to any other spambot regarding size or scope; however, researchers who took a deeper look at the data did notice that many email addresses had been gathered, or “scraped,” from the open web. As a result, not every email is a valid address, and another 23% of the emails came from previous breaches. Nonetheless, this is as good a time as any to assess the strength of your email passwords and to remember that not every type of malware creates a visible problem.
