Spam bot found to contain millions of email accounts1 min read

Spam bots are a major cyber crime enabler for criminals. It allows criminals to spread malware and phishing emails, which are both considerable issues facing the cyber space today.

Massive Spambot Holds 711 Million Email Addresses. Here is a very brief explanation to understand why it has that many spam email addresses.

Email suppliers are locked in a cat and mouse battle trying to get rid of spam emails and email accounts. Progress if any is slow as the criminals are constantly adapting. One technique criminals use is using a few email accounts to send out loads of emails. These are easy to spot and are normally shut down promptly. Cyber criminals also use real peoples stolen email accounts which can be harder to spot. However, AI can identify sudden changes in activity, so it can be spotted and also shut down. To become harder to spot criminals have been utilising huge amounts of email accounts to spread spam emails. Each email address only sending a few emails so not to arouse suspicion.

The recently discovered spam bot so-called ‘Onliner’ was discovered by researcher ‘Benkow’ who claimed it to have been in use since at least 2016, spreading a banking trojan called Ursnif.

It was found to contain around 50GB of emails, credentials and SMTP configuration files, his blog post explains.

The millions of email addresses in question will unlikely be stolen human accounts and a lot will likely be bot generated ones.