1.4 Billion Personal Records Leaked by Global Spam Network!
David Joao Vieira Carvalho
Naoris Protocol Founder CEO and Chief Scientist, Naoris Consulting? Chairman, SmartSpyAI CEO | Cyber advisor at Nation-state level | CyberSecurity, Quantum and Blockchain Thought Leader and Speaker
World’s Most significant Spamming Network leaks 1.4 Billion Personal Identifiable Information Records
So, exactly why is this worrisome?
1.4 Billion PII Records Leaked by Worlds Largest Spammig Network. There is a moderately high probability that you, or at least someone you know, will be affected by this latest information breach.
A database of 1.4 Billion email addresses combined with genuine names, IP addresses, and more often than not physical address has been exposed creating the deluge of what appears to be one the largest information breaches of this year.
It was recently discovered that an unsecured and very exposed repository of network-available backup files linked to a notorious spamming organization named River City Media (RCM), led by well known spammers Matt Ferrisi and Alvin Slocombe.
Spammer’s Entire Operations Exposed
The databases contains sensitive information about the illicit industry’s operations, including nearly 1.4 Billion personally identifiable user information pieces, which were left completely available to anyone - even to anyone without username and password access.
It appears that RCM, which claims to be a recognized marketing firm, is accountable for sending of around a Billion unsolicited/unwanted email messages per day.
Besides disclosing more than a billion emails... the addresses, real names, IP lookups and, in some cases, pictures, were also among the data being leaked. The leak exposed several documents that revealed the interior workings of RCM's spamming operations.
These sort of illicit spamming operations can be extremely profitable. One particular leaked text shows an individual day of activity regarding RCM that sent 20 Million emails to Google mail users and 15 Million to AOL users, as well as the total amount cashed in by the junk email company that day, around $36, 000 USD.
The Hacking Strategies Used by RCM
The business employed many illegal hacking and cracking techniques to target as many users as possible. One of the primary hacking strategies was the Slow-loris attacks, a method built to cripple a web server as opposed to subvert it to the hackers wishes immediately and fully, this was done by spreading out as many connections as possible in between their activities and normal activity on the mail servers, This is done by purposefully establishing a configuration in which your own machine will send reply packets extremely slowly, including in a fragmented manner, although all the while constantly requesting more connections back.
Details of RSM’s operations and techniques have been provided to Microsoft, Apple, Spamhaus, and others affected vendors and platform vendors for study.
Spamhaus will be blacklisting RCM’s entire infrastructure coming from its Register of Known Spam Operations (ROKSO) Database System that tracks professional unsolicited email operations and black-lists these using a three-strike rule based on multiple algorithms that indicate compromise or malicious behavior.