{"id":13278,"date":"2017-09-30T14:32:22","date_gmt":"2017-09-30T14:32:22","guid":{"rendered":"https:\/\/digital-sentinel.com\/?p=13278"},"modified":"2020-02-01T11:39:52","modified_gmt":"2020-02-01T11:39:52","slug":"giant-spambot-scooped-711-million-email-addresses","status":"publish","type":"post","link":"https:\/\/digital-sentinel.com\/breach\/giant-spambot-scooped-711-million-email-addresses\/","title":{"rendered":"Giant spambot scooped up 711 million email addresses"},"content":{"rendered":"

A malware researcher has discovered a spamming operation that has been drawing on a list of 711.5 million email addresses.<\/p>\n

The scale of the scheme appears to make it the biggest find of its kind.<\/p>\n

The addresses – and in some cases associated passwords – have apparently been gathered to help spread banking malware.<\/p>\n

Members of the public can check if their accounts have been affected via\u00a0the Have I Been Pwned service<\/a>.<\/p>\n

Its operator, Troy Hunt, acknowledged that some of the listed addresses corresponded to non-existent accounts.<\/p>\n

But he\u00a0added that the number<\/a>\u00a0that had been collated still totalled a “mind-boggling amount”.<\/p>\n

Hidden images<\/h2>\n

The Spambot discovery was\u00a0first flagged by a Paris-based<\/a>\u00a0security expert who calls himself Benkow.<\/p>\n

It was then brought to wider attention by the\u00a0ZDnet news site<\/a>.<\/p>\n

 <\/p>\n

The database of 711 million user details can be divided in two.<\/p>\n

In cases where the attackers know only an email address, they can only target the owner with spam in the hope of tricking them into revealing more information.<\/p>\n

But in cases where they also have the user’s login password and other details, they can secretly hijack their accounts to aid their campaign via a spambot known as Onliner.<\/p>\n