Its operator, Troy Hunt, acknowledged that some of the listed addresses corresponded to non-existent accounts.<\/p>\n
But he\u00a0added that the number<\/a>\u00a0that had been collated still totalled a “mind-boggling amount”.<\/p>\n The Spambot discovery was\u00a0first flagged by a Paris-based<\/a>\u00a0security expert who calls himself Benkow.<\/p>\n It was then brought to wider attention by the\u00a0ZDnet news site<\/a>.<\/p>\n The database of 711 million user details can be divided in two.<\/p>\n In cases where the attackers know only an email address, they can only target the owner with spam in the hope of tricking them into revealing more information.<\/p>\n But in cases where they also have the user’s login password and other details, they can secretly hijack their accounts to aid their campaign via a spambot known as Onliner.<\/p>\n Benkow acknowledged that it was “difficult to know where [the] credentials had come from”, but suggested that they might have been gathered from previous leaks, a Facebook phishing campaign and illegal sales of hacking victims’ details.<\/p>\n In some cases, the perpetrators had gathered details of the accounts’ simple mail transfer protocol (SMTP) server and port settings.<\/p>\n This information could be used to fool email providers’ spam-detecting systems into letting messages through that might otherwise have been blocked.<\/p>\n “While the list of mailable addresses is quite large, it is probably no larger than any seen previously,” Richard Cox, former chief information officer of the Spamhaus project, told the BBC.<\/p>\n “The lists of compromised accounts are more worrying.<\/p>\n “When compromised accounts are used for spam, they can only be stopped by their providers suspending the account – but when that many are involved, it will severely overload the security\/abuse departments of those providers, making it a slow process and that is what keeps the spam flowing.”<\/p>\n Benkow added that the Onliner spambot had been hiding tiny pixel-sized images in the emails it had sent out, which were used to harvest information about recipients’ computers.<\/p>\n This meant that the right kinds of malware attachments required to infect different types of devices could be included when follow-up messages masquerading as business invoices were delivered.<\/p>\n Mr Hunt said that the Spambot lists had been tracked to a Netherlands-based computer server, but it had yet to be shut down.<\/p>\n For now, affected users are able to check only if their email addresses have been targeted, but not if their accounts have been hijacked.<\/p>\n But Benkow told the BBC there were still protective steps affected users could take.<\/p>\n “I recommend you to change your password, and be more vigilant with the emails that you receive, now you know that you’re on malware deliverers’ lists,” he said.<\/p>\n Source: bbc.co.uk<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"![\"Spam\"](\"https:\/\/ichef.bbci.co.uk\/news\/624\/cpsprodpb\/168FA\/production\/_97601429_c2c5a4c9-ef31-4d3f-8a6d-a776b029a45d.jpg\")