A malware researcher going by the Twitter handle, Benkow moʞuƎq, has uncovered a huge stash of emails and passwords stored on an open server in The Netherlands. The stolen credentials were apparently harvested by a spambot known as, Onliner. This spambot has been used to deliver banking malware which has compromised over 100,000 accounts.
Troy Hunt, who runs the Have I Been Pwned (HIBP) website, has called this the “largest single set of data I’ve ever loaded into HIBP.” Over 711 million credentials are listed with only 27% being repeats from previous dumps. That’s probably the most sobering fact to extract from this data. His report gives more details of this dump.
Just assume that your email is on the list. Sadly, when I checked my own emails, I found they were listed. The good news is that I had changed my login credentials since the information was taken.
This is just a brief post to alert anyone who may be affected as soon as possible. I suggest visiting the Have I Been Pwned site to see if you are listed. If you are, you will be given a list of the breaches you were caught up in. If you have not changed your password since the time of that breach, do so at once.
For those interested in seeing the damage that the banking trojan associated with these emails can do, see this post.