Till now spambot has trapped 711 million email accounts.
Malware attacks on PCs and email accounts have become more common nowadays. Just a few month ago a malware named WannaCry attacked hundreds of PCs in more than 150 countries worldwide and now a new malware spambot has been discovered. It was first discovered by a security researcher, Benkow. He said that he has discovered millions of emails and credentials on a spambot server. Basically, the spambot has acquired million of email credentials in order to send spam through “legitimate” servers.
According to BBC,
“The database of 711 million user details can be divided in two. In cases where the attackers know only an email address, they can only target the owner with spam in the hope of tricking them into revealing more information. But in cases where they also have the user’s login password and other details, they can secretly hijack their accounts to aid their campaign via a spambot known as Onliner.”
The “Onliner” spambot malware is used to deliver the Ursnif banking malware into emails more specifically into inboxes to infect Windows computers. It could easily pass through spam filters and lands easily into your inbox because it is coming from a legitimate server. And once you open the attachment it will infect your computer and can easily steal your passwords, credit card information and bank log-ins etc.
While talking to a media outlet Benkow said, “it’s resulted in more than 100,000 unique infections across the world.” Furthermore, Tory Hunt, a guy who runs a website “Have I Been Pwned” said that it is the largest set of data which he has loaded into his database of compromised accounts.
Aside from the above mentioned new, tech giant Google has recently removed 500 apps with Spyware from the Play Store after a mobile security firm made this discovery.
Source: Engadget, Via: Zdnet