711 million email accounts susceptible to largest-ever spambot; can bypass spam filters; Windows only, Macintosh unaffected

“A huge spambot ensnaring 711 million email accounts has been uncovered,” Zack Whittaker reports for ZDNet. “A Paris-based security researcher, who goes by the pseudonymous handle Benkow, discovered an open and accessible web server hosted in the Netherlands, which stores dozens of text files containing a huge batch of email addresses, passwords, and email servers used to send spam. Those credentials are crucial for the spammer’s large-scale malware operation to bypass spam filters by sending email through legitimate email servers.”

“The spambot, dubbed ‘Onliner,’ is used to deliver the Ursnif banking malware into inboxes all over the world. To date, it’s resulted in more than 100,000 unique infections across the world, Benkow told ZDNet,” Whittaker reports. “Troy Hunt, who runs breach notification site Have I Been Pwned, said it was a ‘mind-boggling amount of data.’ Hunt, who analyzed the data and details his findings in a blog post, called it the ‘largest’ batch of data to enter the breach notification site in its history.”

“These emails appear innocuous enough, but they contain a hidden pixel-sized image. When the email is open, the pixel image sends back the IP address and user-agent information, used to identify the type of computer, operating system, and other device information,” Whittaker reports. “That helps the attacker know who to target with the Ursnif malware, by specifically targeting Windows computers, rather than sending malicious files to iPhone or Android users, which aren’t affected by the malware.”

Read more in the full article here.

“Just for a sense of scale, that’s almost one address for every single man, woman and child in all of Europe,” Troy Hunt blogs. “Email addresses, passwords and SMTP servers and ports spread across tens of gigabytes of files. It took HIBP 110 data breaches over a period of 2 and a half years to accumulate 711m addresses and here we go, in one fell swoop, with that many concentrated in a single location. It’s a mind-boggling amount of data.”

Read more in the full article here.

MacDailyNews Take: Macintosh unaffected. Yes, The Microsoft Tax is in full effect once again!

Regardless, this is yet another good reminder to employ strong, unique passwords for every service and use multi-step verification wherever possible.

Mac users can use Apple’s Keychain Access and iCloud Keychain to create and manage them. For those of us who are smartly all-Apple, it works like a dream.

4 Comments

  1. The Pentagon and its big time defense contractors use Microsoft OSes because the contracts go to the lowest bidders. Any immediate cost savings are too often negated by their need to install, maintain, update, and fix the Microsoft-based breaches in the long term. Just think how many repair/fix jobs so-called “job creators” create above and beyond the essential ones needed which, by the way, GOP Sen. Mitch (Wasteful Spending) McConnell never mentions. He instead blames poor women raising children and the dispossessed.

    So, once the wasteful-spending on Microsoft products ends, the federal gov. could reduce the deficit significantly. But this will not happen as long as he and the rest of Congress get kickbacks from defense contractors for being allowed to ubiquitously deploy non-Apple OS products across all sectors of the US gov, not just in defense.

  2. After the Apple stock hits new highs I think that the Macintosh unaffected is my next favorite headline. I guess that security through obscurity really works. That’s a tongue in cheek remark.

    You know the /shjtt tag (satire, humor, joke, tall tale).

  3. All email clients on all platforms ARE susceptible to one aspect of this privacy invasion:

    These emails appear innocuous enough, but they contain a hidden pixel-sized image. When the email is open, the pixel image sends back the IP address and user-agent information, used to identify the type of computer, operating system, and other device information

    These bit-sized images are called Web Beacons. In this case they’re really Email Beacons. They’re images that are NOT included in the received email. They’re actually an HTML tag pointing to the image, which resides on the SpamRat’s server.

    IF you allow your email client program to automatically download these images to your computer, you’ve been IDed by the SpamRat. They know you’re a living, breathing target of future Spam Bombing.

    Here’s where to turn OFF the proper setting in macOS Apple Mail to STOP allowing Web Beacons to suck on your privacy:

    There’s a similar setting in iOS Mail as well.
