Internet Security

We found a massive spam operation — and sunk its server

For ten days in March, millions were caught in the same massive spam campaign. Each email looked like it came from someone the recipient knew: the spammer took stolen email addresses and passwords, quietly logged into their email account, scraped their recently sent emails and pushed out personalized emails to the recipient of that sent…

Published 5 years ago in
We found a massive spam operation — and sunk its server


For ten daysin March, millions were caught in the same massive spam campaign.

Each email looked like it came from someone the recipient knew: the spammer took stolen email addresses and passwords, quietly logged into their email account, scraped their recently sent emails and pushed out personalized emails to the recipient of that sent email with a link to a fake site pushing a weight loss pill or a bitcoin scam.

The emails were so convincing more than 100,000 people clicked through.

We know this because a security researcher found the server leaking the entire operation. The spammer had forgotten to set a password.

Security researcher Bob Diachenko found the leaking data and with help from TechCrunch analyzed the server. At the time of the discovery, the spammer’s rig was no longer running. It had done its job, and the spammer had likely moved onto another server — likely in an effort to avoid getting blacklisted by anti-spam providers. But the server was primed to start spamming again.

Given there were more than three million unique exposed credentials sitting on this spammer’s server — hosted onintelimost.com, we wanted to secure the data as soon as possible. With no contact information for the spammer — surprise, surprise — we asked the hosting provider, Awknet, to pull the server offline. Within a few hours of making contact, the provider nullrouted the server, forcing all its network traffic into a sinkhole.

TechCrunch provided a copy of the database to Troy Hunt. Anyone can now check breach notification site Have I Been Pwned to see if their email was misused.

But the dormant server — while it was still active — offered a rare opportunity to understand how a spam operation works.

The one thing we didn’t have was the spam email itself. We reached out to dozens of people to ask about the email they received. Two replied — but only one still had a copy of the email.

The email sent by the spammer. (Image: supplied)

“The same mail appeared on three occasions,” said one of the recipients in an email to TechCrunch. “The subject was related to an email I had sent previously

Read More

Be the first to write a comment.

Leave a Reply

Internet Security

Massive Crypto Breach Unveiled: Latest Insights Emerge

In what appears to be the most significant crypto breach of the year, fresh revelations have emerged shedding light on the extensive infiltration into the digital realm. PeckShield, a reputable blockchain security firm, has disclosed a substantial breach impacting FixedFloat, a prominent platform facilitating cryptocurrency and fiat exchanges…

Published 4 days ago in
Massive Crypto Breach Unveiled: Latest Insights Emerge

In what appears to be the most significant crypto breach of the year, fresh revelations have emerged shedding light on the extensive infiltration into the digital realm. PeckShield, a reputable blockchain security firm, has disclosed a substantial breach impacting FixedFloat, a prominent platform facilitating cryptocurrency and fiat exchanges…
Read More

Continue Reading
Internet Security

Protests in Delhi a security challenge

Sit-ins and protests in and around the national capital are emerging as a big security challenge for the establishment. According to Delhi Police’s 2022 report, cops handled 6,277 law and order situations relating to protests, demonstrations, meetings and processions, with latest curbs being enforced due to the ongoing farmers’ protest around Delhi-NCR.A former Delhi police

Published 1 week ago in
Protests in Delhi a security challenge

Sit-ins and protests in and around the national capital are emerging as a big security challenge for the establishment. According to Delhi Police’s 2022 report, cops handled 6,277 law and order situations relating to protests, demonstrations, meetings and processions, with latest curbs being enforced due to the ongoing farmers’ protest around Delhi-NCR.A former Delhi police commissioner told ET: “Crowd management has become complex these days mainly due to social media…
Read More

Continue Reading
Internet Security

3 Protocols Expanding Bitcoin Network Into NFT, DeFi, and Tooling

Binance’s report identifies three protocols, bitSmiley, Liquidium, and Portal, that could expand Bitcoin’s reach into DeFi, NFTs and tooling sectors, potentially enhancing scalability and security. The post 3 Protocols Expanding Bitcoin Network Into NFT, DeFi, and Tooling appeared first on BeInCrypto…

Published 2 weeks ago in
3 Protocols Expanding Bitcoin Network Into NFT, DeFi, and Tooling

Binance’s report identifies three protocols, bitSmiley, Liquidium, and Portal, that could expand Bitcoin’s reach into DeFi, NFTs and tooling sectors, potentially enhancing scalability and security.
The post 3 Protocols Expanding Bitcoin Network Into NFT, DeFi, and Tooling appeared first on BeInCrypto…
Read More

Continue Reading
Internet Security

Congress seeks clarification from Yellen on crypto oversight plans, criticizes Howey Test

Share this article URL Copied Members of the US Congress have posed a list of questions in a recent letter to Treasury Secretary Janet Yellen in response to her call for enhanced oversight of crypto. Notably, they highlighted the limitations of the Howey Test in protecting consumers in the crypto market. The letter, signed by

Published 3 weeks ago in
Congress seeks clarification from Yellen on crypto oversight plans, criticizes Howey Test

Share this article

Members of the US Congress have posed a list of questions in a recent letter to Treasury Secretary Janet Yellen in response to her call for enhanced oversight of crypto. Notably, they highlighted the limitations of the Howey Test in protecting consumers in the crypto market.

The letter, signed by House Financial Services Committee Chair Patrick McHenry, House Agriculture Committee Chair Glenn Thompson, Rep. French Hill, and Rep. Dusty Johnson, seeks Yellen’s detailed explanation of how the regulatory framework should be shaped concerning digital assets, following her call earlier today.

Congress has requested clarification on the Securities and Exchange Commission’s (SEC) role. Notably, they have raised concerns about the effectiveness of the Howey Test, which is used to determine the classification of a transaction as an investment contract and, thus, a security. Congress is questioning whether the Howey Test is sufficient for providing adequate consumer protection.

The legislators have argued that the SEC’s retrospective application of the test does little to protect investors, stating:

“Chair Gensler has declared that “the vast majority of crypto tokens likely meet the investment contract test.” However, the final investment contract analysis is backwards looking, made by a court after the transaction in question has been completed. How does this reactive legal authority provide adequate protection for customers, in the absence of comprehensive legislation?”

Congress has also highlighted that the current regulatory framework does not cover a significant portion of the crypto-asset ecosystem, including Bitcoin and Ether. They have asked the Financial Stability Oversight Council (FSOC) whether these cryptocurrencies are considered securities. Led by Yellen, the FSOC brings together key financial regulators to monitor potential risks and safeguard the financial system.

Furthermore, Congressmen have expressed concern about regulatory gaps in spot markets for digital assets that are not considered securities. They are questioning if the Commodity Futures Trading Commission should expand its jurisdiction to include these spot markets, given its existing authority over certain aspects of non-security digital asset transactions. Congress expects to receive answers from Yellen by February 20.

Yellen has been actively advocating for stricter regulations after FTX’s collapse. In a testimony before the House Financial Services Committee on Tuesday, she warned of the risks associated with crypto platforms and stablecoins, urging Congress to enact stricter regulations for the crypto industry.

Share this article


The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight – and oversight – of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Trending News

Meme coin pre-sale raises over $40 million on Solana in less than 24 hours

Ecosystem

Mar. 28, 2024

BlackRock’s tokenized fund registers over $240 million in inflows within a week

Markets

Mar. 28, 2024

Restaking protocol Prisma Finance hit with $12 million exploit

Ecosystem

Mar. 28, 2024

EigenLayer on Bitcoin, StakeLayer Announced The Pre-Sale Distribution



8 hours ago

VGX Foundation, Gala Games, and Genopets Partner to Bring VGX Token Rewards to Genopets Players



16 hours ago

Share this article

Members of the US Congress have posed a list of questions in a recent letter to Treasury Secretary Janet Yellen in response to her call for enhanced oversight of crypto. Notably, they highlighted the limitations of the Howey Test in protecting consumers in the crypto market.

The letter, signed by House Financial Services Committee Chair Patrick McHenry, House Agriculture Committee Chair Glenn Thompson, Rep. French Hill, and Rep. Dusty Johnson, seeks Yellen’s detailed explanation of how the regulatory framework should be shaped concerning digital assets, following her call earlier today.

Congress has requested clarification on the Securities and Exchange Commission’s (SEC) role. Notably, they have raised concerns about the effectiveness of the Howey Test, which is used to determine the classification of a transaction as an investment contract and, thus, a security. Congress is questioning whether the Howey Test is sufficient for providing adequate consumer protection.

The legislators have argued that the SEC’s retrospective application of the test does little to protect investors, stating:

“Chair Gensler has declared that “the vast majority of crypto tokens likely meet the investment contract test.” However, the final investment contract analysis is backwards looking, made by a court after the transaction in question has been completed. How does this reactive legal authority provide adequate protection for customers, in the absence of comprehensive legislation?”

Congress has also highlighted that the current regulatory framework does not cover a significant portion of the crypto-asset ecosystem, including Bitcoin and Ether. They have asked the Financial Stability Oversight Council (FSOC) whether these cryptocurrencies are considered securities. Led by Yellen, the FSOC brings together key financial regulators to monitor potential risks and safeguard the financial system.

Furthermore, Congressmen have expressed concern about regulatory gaps in spot markets for digital assets that are not considered securities. They are questioning if the Commodity Futures Trading Commission should expand its jurisdiction to include these spot markets, given its existing authority over certain aspects of non-security digital asset transactions. Congress expects to receive answers from Yellen by February 20.

Yellen has been actively advocating for stricter regulations after FTX’s collapse. In a testimony before the House Financial Services Committee on Tuesday, she warned of the risks associated with crypto platforms and stablecoins, urging Congress to enact stricter regulations for the crypto industry.

Share this article


The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight – and oversight – of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Trending News

Meme coin pre-sale raises over $40 million on Solana in less than 24 hours

Ecosystem

Mar. 28, 2024

BlackRock’s tokenized fund registers over $240 million in inflows within a week

Markets

Mar. 28, 2024

Restaking protocol Prisma Finance hit with $12 million exploit

Ecosystem

Mar. 28, 2024

EigenLayer on Bitcoin, StakeLayer Announced The Pre-Sale Distribution



8 hours ago

VGX Foundation, Gala Games, and Genopets Partner to Bring VGX Token Rewards to Genopets Players



16 hours ago

Read More

Continue Reading