The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: spamming

Over 711 Million Email Addresses Exposed From SpamBot Server

Over 711 Million Email Addresses Exposed From SpamBot Server

August 30, 2017Swati Khandelwal
A massive database of 630 million email addresses used by a spambot to send large amounts of spam to has been published online in what appears to be one of the biggest data dumps of its kind. A French security researcher, who uses online handle Benkow , has spotted the database on an "open and accessible" server containing a vast amount of email addresses, along with millions of SMTP credentials from around the world. The database is hosted on the spambot server in Netherlands and is stored without any access controls, making the data publicly available for anyone to access without requiring any password. According to a blog post published by Benkow, the spambot server, dubbed "Onliner Spambot," has been used to send out spams and spread a banking trojan called Ursnif to users since at least 2016. Ursnif Banking Trojan is capable of stealing banking information from target computers including credit card data, and other personal information like login
Suspected Kelihos Botnet Operator Arrested in Spain

Suspected Kelihos Botnet Operator Arrested in Spain

April 10, 2017Wang Wei
Update (Tuesday, April 11):  The arrest of a Russian man in Spain was apparently for his role in Kelihos botnet responsible for sending hundreds of millions of spam emails worldwide. A Russian computer hacker and alleged spam kingpin was arrested in Barcelona, Spain, on Friday reportedly over suspicion of being involved in hacking attacks linked to alleged interference in last year's United States presidential election process . 36-year-old Peter Yuryevich Levashov  from St. Petersburg was detained by police in Barcelona after US authorities issued an international arrest warrant for his arrest. While the Russian embassy in Madrid announced Levashov's arrest on Sunday, it did not confirm the reason for his arrest. This is the second arrest made by the Spanish authorities since the US 2016 election. In January, the police detained Stanislav Lisov , 32, on suspicion of creating and operating the NeverQuest Banking Trojan and possibly influencing the presidential elec
Database of 1.4 Billion Records leaked from World’s Biggest Spam Networks

Database of 1.4 Billion Records leaked from World’s Biggest Spam Networks

March 06, 2017Mohit Kumar
A database of 1.4 billion email addresses combined with real names, IP addresses, and often physical address has been exposed in what appears to be one the largest data breach of this year. What's worrisome? There are high chances that you, or at least someone you know, is affected by this latest data breach. Security researcher Chris Vickery of MacKeeper and Steve Ragan of CSOOnline discovered an unsecured and publicly exposed repository of network-available backup files linked to a notorious spamming organization called River City Media (RCM), led by notorious spammers Matt Ferrisi and Alvin Slocombe. Spammer’s Entire Operation Exposed The database contains sensitive information about the company's operations, including nearly 1.4 Billion user records, which was left completely exposed to anyone – even without any username or password. According to MacKeeper security researcher Vickery, RCM, which claims to be a legitimate marketing firm, is responsible for s
​Google, Yahoo, Facebook Collaborate to Blacklist Bad Bots

​Google, Yahoo, Facebook Collaborate to Blacklist Bad Bots

July 22, 2015Mohit Kumar
The major tech companies including Google, Facebook, and Yahoo! have joined their hands to launch a new program meant to block fake web traffic by blacklisting flagged IP addresses. Today, majority of data center traffic is non-human or illegitimate, so to fight against this issue the Trustworthy Accountability Group (TAG) has announced a program that will tap into Google's internal data-center blacklist to filter bots. The new pilot program will reject traffic from web robots or bots by making use of a blacklist, cutting a significant portion of web traffic from within data centers, said Google Ad Manager Vegard Johnsen. Google or any other big tech firm maintains a Blacklist that lists suspicious IP addresses of computer systems in data centers that may be trying to trick the human into clicking on advertisements. Google's DoubleClick blacklist alone blocked some 8.9% of data-center traffic back in May. Facebook and Yahoo to Contribute Apart from Goo
Mumblehard Malware Targets Linux and FreeBSD Servers

Mumblehard Malware Targets Linux and FreeBSD Servers

May 02, 2015Swati Khandelwal
Thousands of computers and web servers running Linux and FreeBSD operating systems have been infected over past five years with sophisticated malware that turn the machines into spambots. The new Linux malware, discovered by the security researchers from the antivirus provider Eset, has been dubbed " Mumblehard " because it is Muttering spam from your servers , says Eset 23-page long report (PDF) titled "Unboxing Linux/Mumblehard." Researchers have logged more than 8,500 unique IP addresses during the seven months period of research that were hit by Mumblehard Linux malware and found over 3,000 machines joined them in the past three weeks. Mumblehard features two basic components: Backdoor  Spamming daemon  Both written in the Perl programming language and "feature the same custom packer written in assembly language." The backdoor allows hackers to infiltrate into the system and control the command and control servers, and t
WhatsApp for Windows? Naaa.. Hackers are spamming Malware as WhatsApp Software

WhatsApp for Windows? Naaa.. Hackers are spamming Malware as WhatsApp Software

January 24, 2014Anonymous
Cyber criminals are taking advantage of the widespread popularity of the mobile messaging app ' WhatsApp '. A malware expert at the Kaspersky Lab revealed a large-scale spamming campaign, advertising a fake PC version of the WhatsApp , to spread a banking trojan. According to the report, unaware users have received an email written in Portuguese language , it also tries to deceive the recipient with a social engineering tactic in which cyber criminals composed the malicious email informing that victims already have 11 pending friend invitations.  If users click on the “ Baixar Agora ” (Download Now) link in the spam email, they will be redirected to a Hightail.com URL to download the Trojan. Hightail is a cloud storage service, the malicious component deployed on it then downloads the malware via a server in Brazil. The file stored on Hightail server looks like a 64-bit installation file bundled with 2.5 megabyte MP3 file. According to Virus Total engine, onl
Rodpicom Botnet spreading via Skype and MSN Messenger

Rodpicom Botnet spreading via Skype and MSN Messenger

February 10, 2013Mohit Kumar
Malwares are getting updated during the age of social networking. FortiGuard Labs researchers have discovered a new malware called ' Rodpicom Botnet ' that spreads via messaging applications such as Skype and MSN Messenger. Dubbed W32/Rodpicom.A - Rodpicom Botnet sends a message to the victim with a link to a malicious site that leads to downloadable content. When the user clicks the link, the attack downloads another strain of malware, known as Dorkbot . Once the target machine is infected, it checks to see if the victim is using any messaging applications such as Skype or MSN Messenger.  It is revealed that, the malware employs new stealth tactics, including an exception handling technique that generates its own error to dodge analysis and relies on an anti-emulator that attacks the heuristic-scanning capabilities in antivirus software and enables its code to jump around several hundred times. The malware is enough smart to checks the language of the installed operating
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.