A spambot holding 711 million email accounts has been uncovered in the Netherlands. It has resulted in the public leak of those email addresses and passwords, according to media reports.
The “Onliner” spambot delivers destructive Ursnif banking malware. It has caused over 100,000 unique infections, ZDNet reports.
The discovery was made by Benkow, a Paris-based security researcher.
Consumers are being urged to change their email passwords.
Benkow uncovered an accessible web server located in the Netherlands. It stores email addresses, passwords and has email servers that are used to send spam, ZDNet states.
These allow the malware operation to bypass spam filters by sending email through legitimate email servers, ZDNet says.
Troy Hunt, a security expert who operates the Have I Been Pwned site, tweeted: “Processing the largest list of data ever seen in @haveibeenpwned courtesy of a nasty spambot. I'm in there, you probably are too.”
The Guardian adds that the email data has been leaked, thanks to the “misconfigured spambot.”
When the attackers have only an email address, they try to trick the victim into sharing more information, BBC notes.
But when they have the password, however, they can hijack the account to deliver the Onliner malware, BBC continues
According to BBC, Benkow said it was "difficult to know where [the] credentials had come from." However, he suggested that they “might have been gathered from previous leaks, a Facebook phishing campaign and illegal sales of hacking victims' details,” BBC reports.
The Guardianadds that “the number of real humans’ contact details contained in the dump is likely to be lower, however, due to the number of fake, malformed and repeated email addresses contained in the dataset, according to data breach experts.
It took Benkow months to penetrate the Ursnif malware, a “data-stealing trojan used to grab personal information such as login details, passwords, and credit card data,” ZDNet states.