Spamming operation hijacks 711.5 million email addresses

A malware researcher has discovered a spamming operation that gathered a list of 711.5 million email addresses, used to spread banking malware.

A Paris-based security expert called Benkow, who brought this to the attention of the CZnet news site, found the Spambot discovery.

According to Benkow, the Spambot hides tiny pixel-sized images in sent out emails, collecting information about the computers targeted, and affecting different types of devices with malware attachments that consumers may perceive as business invoices.

He acknowledged that it was “difficult to know where the credentials had come from”, but suggested that it might be from a phishing campaign on Facebook.

The hackers gathered details of the accounts’ simple mail transfer protocol port and server settings, with the information collected used to fool email providers’ spam-detecting systems into letting blocked messages accessible, according to the BBC.

‘Be more vigilant with received emails’

Richard Cox, former chief information officer of the Spamhaus project, told the BBC: “While the list of email addresses is quite large, it is probably no larger than any seen previously.

“The lists of compromised accounts are more worrying.

“When compromised accounts are used for spam, they can only be stopped by their providers suspending the account – but when that many are involved, it will severely overload the security/abuse departments of those providers, making it a slow process and that is what keeps the spam flowing.”

Affected users are able to check if their email addresses have been targeted, but not if their accounts have been hijacked.

Benkow also noted users should change their passwords and be more vigilant with received emails.

Written by Leah Alger