- 711 Million Emails Exposed In “Largest” Spamming Campaign On The Internet
More than 711 million email accounts have been exposed as part of a major spamming and malware operation, security researchers are warning. As ZDNet reports, a researcher who goes by the handle Benkow recently discovered the credentials — including email addresses and associated passwords — on a spambot server hosted in the Netherlands. The spambot, called “Onliner,” has been in use since 2016 to spread a banking Trojan called Ursnif. The breach is about 80 million simple mail transfer protocol (SMTP) accounts, which “give the spammer a nice range of mail servers to send their messages from,” according to security researcher Troy Hunt. As ZDNet explains, those credentials allow the perpetrators to “send what appears to be a legitimate email,” bypassing spam filters.
Cyber Security Tips: Users are strongly recommended that check your email is pwned, reset your email password, enable two-way authentication, beware of a phishing attack, avoid click on any spam links and use a strong password.
- Massive Email Campaign Sends Locky Ransomware to Over 23 Million Users
Locky ransomware has previously targeted millions of users. Locky is ransomware malware released in 2016. It is delivered by email (that was allegedly an invoice requiring payment) with an attached Microsoft Word document that contains malicious macros. When the user opens the document, it appears to be full of garbage, and it includes the phrase “Enable macro if data encoding is incorrect,” a social engineering technique. Locky ransomware is back again, but this time spreading through email attachments. The campaign spotted by researchers at AppRiver sent out more than 23 million messages containing Locky ransomware in just 24 hours on 28 August across the United States. According to the researchers, the emails sent out in the attack were “extremely vague,” with subjects lines such as “please print,” “documents,” “images,” “photos,” “pictures,” and “scans” in an attempt to convince victims into infecting themselves with Locky ransomware. Once a victim tricked into clicking it, the VBS file starts a downloader that downloads the latest version of the Locky ransomware, called Lukitus (which means “locked” in Finnish), and encrypts all the files on the target computer, and appends [.]lukitus to the encrypted data. After encryption process ends, the malware displays a ransomware message on the victim’s screen.
Cyber Security Tips: To prevent from such ransomware’s users are strongly recommended that never click on unknown emails, beware of phishing, keep using reputed antivirus, keep system up-to date and regularly backup your data.
- Instagram Suffers Data Breach! Hacker Stole Contact Info of High-Profile Users
Instagram is a mobile, desktop, and Internet-based photo-sharing application and service that allows users to share pictures and videos either publicly or privately. The around 700 million-user-strong, Facebook-owned photo sharing service has currently notified all of its verified users that an unknown hacker has accessed some of their profile data, including email addresses and phone numbers, using a bug in Instagram. The flaw actually resides in Instagram’s application programming interface (API), which the service uses to communicate with other apps. Instagram declined to name the high-profile users targeted in the breach, but the news comes two days after some unknown hacker hijacked most followed Instagram account belonged to Selena Gomez and posted her ex-boyfriend Justin Bieber’s nude photographs. Instagram did not mention if the recent data breach was related to Selena’s hacked account. It is not cleared yet how many users ware infected.
Cyber Security Tips: Users are strongly recommended that reset your passwords as soon as possible if you already linked your account with Instagram you are recommended to reset Facebook password too, enable two-factor authentication, use a strong password.