A new spambot called Onliner has been discovered which can bypass spam filters and target 711 million email addresses, as noted by ZDNet. Onliner is used to send the banking malware Ursnif to vulnerable Windows computers. The trojan is delivered by tricking a user into opening an attachment in the email, which causes the malware to download and infect the computer; it then steals passwords, credit card details, and other personal information. The emails have been seen disguised as invoices from government bodies, hotel reservations, and DHL notifications.

The discovery was made when a security researcher known as Benkow uncovered an open web directory on a web server used by Onliner. Benkow was able to grab about 40 GB of the spamming data, comprising email addresses, passwords in clear text, and configuration files.

Benkow explains in a blog post that sending spam requires a large number of legitimate SMTP (Simple Mail Transfer Protocol) credentials to trick servers into thinking the spam messages are legitimate emails. Onliner takes advantage of credentials harvested from other security breaches, including the LinkedIn hack from 2012, phishing campaigns, and other sources. "The more SMTP servers he can find, the more he can distribute the campaign," Benkow wrote about the spammers. Onliner has the required details for about 80 million accounts, which are then used to spam the remaining 630 million email addresses.