Analyst Learns Spambot Has Exposed 711 Million Email Addresses

By Jessica Ferrera, Christian Post Contributor

It has been recently learned that a spambot was responsible for a huge data breach exposing up to 711 million email addresses.

The initial report came from a malware analyst who goes by the name Benkow moʞuƎq on Twitter.

Benkow later on notified web security analyst Troy Hunt who is also famous for operating the website Have I Been Pwned about the recent data breach that compromised 711 million email accounts.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

Hunt wrote his own blog post about the data breach and emphasized that this was by far the largest spam list he encountered.

Right now, this incident sits at the no. 1 spot of the top 10 list of breaches according to Have I Been Pwned.

In report by ZDNet, it was mentioned that Benkow was able to trace the data breach to "an open and accessible web server hosted in the Netherlands." It had stashed large amounts of data that include email addresses and even corresponding passwords.

Benkow also published his own blog to explain the recent data breach. In it, he explained that spambot has a more complicated job given the availability of more advanced security measures nowadays.

A spambot operates in a couple of different ways. Usually, it exploits vulnerable websites and applies a personal home page scripting language to send spam emails.

Meanwhile, Benkow identified another way to spread spam emails, which is through creating or buying a malware that will do the job of sending spam emails to thousands of addresses. Benkow described this as "more brutal" since the use of malware allows the attacker to spread the spam email to even more accounts only through the IP of one email user.

However, Benkow added that for this to be completely successful, the attacker will need a bunch of Simple Mail Transfer Protocol credentials. This disguises spam emails as real messages so they can get through servers and onto inboxes.

Meanwhile, people can now check if their email accounts were involved in the 711 million data breach by simply searching for it through Have I Been Pawned.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.