A French security research with pseudonymous handle Benkow spotted an open database containing a vast amount of email addresses along with millions of SMTP credentials from around the world. He found this database on a spambot server, dubbed “Onliner Spambot.”
Information leaked are crucial for the spammers to perform large scale malware operation. One can use the email addressed and SMTP credentials to bypass spam filters through legitimate email servers.
Onliner Spambot is used to send out spams and spread trojan. This database is hosted on the server located in Netherlands. This data is publicly available for anyone to access without requiring any password.
The researcher also explained that the list contains a huge list of valid SMTP credentials. There are 80 million SMTP credentials and 630 million accounts via different email service providers. This is how they can use leaked database to send spam emails.
It is difficult to know how this list was curated but it contains emails leaked in previous data breaches.The list contains email address scrapped from different other data breaches, such as LinkedIn, MySpace and Dropbox. He was also able to identify a list of 2 million email addresses to be originated from a Facebook phishing campaign.
You can check if your email address is in the list by using the website haveibeenpwned.com. This website stores the details of passwords that have been leaked in past. If your email/password combination is there, you must change your password now.
To be safe, never open or respond to any emails from unknown senders. Never clicks on links or download attachments from unknown senders. If you are using any of the email address leaked in past leaks, change your password now.
