Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Longest-Ever Spam Catalogue Unearthed having 711m Passwords, E-mail Ids


Cyber-security researchers recently stumbled upon what according to them, is an unprecedented long catalogue of passwords and electronic mail ids utilized for spewing spam and delivering malicious software to victims worldwide.


The catalogue has an unbeatable 711m passwords and e-mail addresses, among which many were exposed during known hacks like the one in 2012 which struck LinkedIn, and these were recently discovered on one Netherlands located "spambot" server.


Known as "Onliner," the spambot utilizes an open server in Netherlands for thrusting the Ursnif malicious program inside mailboxes globally. The infamous Ursnif has a great capacity for filching huge volumes of data by attacking browsers and software programs, wherein banks are especially endangered. Onliner is known to have stolen 711m SMPT credentials, including passwords, electronic mail servers and e-mail ids- with 80m of the total tested for legitimacy as also employed for targeting the rest 631m A/Cs, while making an effort towards eluding anti-spam software. Alphr.com posted this, August 30, 2017.


The malicious program Ursnif is capable of quickly reading login credentials, passwords and credit card details as any spammer would characteristically dispatch some malware-tainted file through an attachment that looks harmless, contaminating the computer soon as it's downloaded. Attackers campaigning with the Onliner spambot established one highly complex system for circumventing extremely advanced spam filters.


Since spam mailers keep on innovating methods for getting past filters, it is now becoming more of an end-user task for filtering the junk. Sadly, one mustn't even open the e-mails as the action alone can do much for making the end-user a victim.


According to Mr. Hunt, the spambot catalogue has gotten tracked to one PC-server based in Netherlands; however, that has still to be closed. Presently, impacted users can only check whether the attackers targeted their e-mail ids, but not whether they compromised their accounts. However, speaking to BBC, Benkow said affected end-users could adopt protective measures that were still there.


Whilst huge volumes of e-mail ids are on the list the password volume related to the said ids happens to be a far bigger problem. Benkow suggested impacted end-users to reset their passwords, while remain watchful opening e-mails.

» SPAMfighter News - 9/6/2017

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page