Exposed: Massive spambot exposes 711 million email addresses
{{#rendered}} {{/rendered}}
More than 711 million email accounts have been exposed as part of a major spamming and malware operation, security researchers are warning.
As ZDNet reports, a researcher who goes by the handle Benkow recently discovered the credentials — including email addresses and associated passwords — on a spambot server hosted in the Netherlands. The spambot, called "Onliner," has been in use since 2016 to spread a banking Trojan called Ursnif, Benkow writes in a blog post.
Also included in the breach are about 80 million simple mail transfer protocol (SMTP) accounts, which "give the spammer a nice range of mail servers to send their messages from," according to security researcher Troy Hunt, who runs the breach notification site Have I Been Pwned, and has been working with Benkow to get the word out about the leak.
{{#rendered}} {{/rendered}}
As ZDNet explains, those credentials allow the perpetrators to "send what appears to be legitimate email," bypassing spam filters.
This article originally appeared on PCMag.com.