More Than 700 Million Emails Exposed in a Spambot Vulnerability

Posted on the 02 October 2017 by Darkwebnews @darkwebnews

Over 700 million emails have been exposed to the public due to a misconfiguration attributed to a Spambot.

In the process, some email passwords were leaked. This is the latest in a series of recent crippling data breaches, only digging deeper into the fate of online security and safety.

In this case, the actual amount of leaked personal email addresses is likely to be less than the 700 million estimate, because of possible repeated, fake and malformed emails.

Oftentimes, cybercriminals will deliver fake emails to unsuspecting victims.

Upon opening the message, the attackers can gain access to the device and conduct identity theft or other types of fraud. And after their mission is successful, the emails are dumped.

For this reason and others, there is no doubt that the number of emails exposed in the breach runs into the hundreds of millions, although not all of them are fully functional.

But for those that are functional, the users ought to take extreme measures to ensure that they change their passwords and further secure their email accounts by implementing security questions, two-factor authentication (2FA) and other similarly effective methods.

Troy Hunt, operator of the data breach notification website Have I Been Pwned?, was one of the first to discover the massive trove of leaked emails.

In a post explaining the breach, he indicated that the hack occurred because the spammers involved in the operation failed to secure their servers.

And in the process, visitors who accessed the server were able to download whatever information they needed based on what was available.

This was due to the lack of a login framework, which meant anyone could access the data without any credentials.

However, this is not the first time that a breach has occurred because of simple system misconfigurations.

Earlier this year, for example, Verizon was hit with a massive security breach that exposed the records of at least 14 million customers.

The breach was the result of an error in the setup process. An Israeli tech firm tasked with controlling the remote storage server for Verizon failed to adhere to some key rules, and as a result, the breach transpired.

Since the sheer volume of daily online activities is growing at an exponential rate in this digital era, the world is expected to see more breaches of high-level caliber in the coming months and years.

Technically speaking, it is very difficult to determine the exact number of people who have accessed the breached email data.

Due to the sensitivity of such information, one can conclude that it is impossible to know the exact number of third parties who gained access to the server and downloaded the data.

What's more, it's also impossible to know how the information will be used by the third parties who have obtained the data.

Multiple reports indicate that data from previous breaches is at times reused in the future for one reason or another.

In his post detailing the discovery of the leaks, Hunt reported that many emails in the spambot breach are directly connected to a hack of LinkedIn user credentials that occurred more than a year ago.

This supports the likelihood that the third-party entities who have access to the information from the spambot breach will also use this data in the future.

If one's email happens to be among the many in the spambot leak, it is no easy task to ascertain where exactly the spammers got it from, because reports indicate that some were the result of mere guesswork.

Other reports suggest that the spambot server used in this case was also used to spread a Trojan dubbed "Ursnif" back in 2016.

The Trojan is said to have the capability of stealing banking information as well as credit/debit card details, which can be used for carding purposes.

Apart from that, the Trojan can also gather other personal data, such as passwords.

As anticipated, several dossiers were released, and Hunt even mentioned that the location of the spambot server is confirmed to be in the Netherlands.

As mentioned earlier, not all the emails exposed in the leak have login credential information, but this provides room for more spammers to use the leaked data to help with their various operations, no matter what they are.

As such, it is expected that some will apply the element of randomness and guesswork to try and access the emails to see if they can find something that will be useful to them.

Since the majority of individuals, businesses and organizations store their data on email accounts, the individuals responsible for this breach are likely to benefit from the hack in one way or another.

Again, users should take precautions to ensure that they stay safe online by adhering to some basic tips. Not only will these tips help you stay safe, but they will also protect your identity from being stolen by an unknown entity with malicious intentions.
