You must Register or Sign in to your Cyware account to perform this action
×Once you are logged in, you will be able to:
Customize your feeds by selecting categories you like
Comment on or Like an article
Receive the latest security stories, trends, and insights in your inbox
Build your profile and login across multiple devices
Bookmark a story and read it later
- Home
- Hacker News
- Breaches and Incidents
- Misconfigured database operated by hackers found exposing almost 5GB of stolen credentials

Misconfigured database operated by hackers found exposing almost 5GB of stolen credentials
Misconfigured database operated by hackers found exposing almost 5GB of stolen credentials- April 3, 2019
- |
- Breaches and Incidents
/https://cystory-images.s3.amazonaws.com/shutterstock_575025364.jpg)
- The massive email spam campaign has resulted in the compromise of five million unique email credentials.
- The campaign had occurred between March 8 and March 18, 2019.
Unprotected databases of organizations that expose sensitive data are not a new thing, but misconfigured databases of hackers leaking stolen data are! Recently, researchers have come across a massive email spam campaign that has resulted in the compromise of five million unique email credentials.
The bigger picture - Security researcher Bob Diachenko along with the help of Zack Whittaker from TechCrunch found that an unprotected database was leaking almost 5GB of 11,535,164 records. These records primarily contained compromised emails and plain-text passwords belonging to UK-based users. The researchers were able to gain access to the data as the spammers had forgotten to set the database with a password.
How was the campaign operated - The spammers behind this spam campaign had managed to steal the trove of data in a span of just 10 days - from March 8 to 18, 2019. The campaign had most of the targets in the UK. The spammers used two types of campaigns to steal the data which were called:
- Boost UK
- Feed UK
The credentials, thus stolen, were found to be hosted on a domain ‘intelimost[.]com, which is blacklisted by Spamhaus - an international nonprofit organization that tracks spam and related cyber threats.
What has been done - The researchers contact the host provider, Awknet following the discovery of the issue. It has asked the firm to pull the server offline. Within a few hours of making contact, the provider routed the network traffic of the affected server into a sinkhole.
A copy of the database is available on the breach notification site ‘Have I Been Pwned’.
Get such articles in your inbox
News
-
Previous News Kill the security bugs by updating your Android devices: Patch Tuesday - Week 1, April 2019
- April 3, 2019
- |
- Computer, Internet Security
-
Next News OceanLotus threat actor group leverages Steganography to deliver backdoors
- April 3, 2019
- |
- Threat Actors
Popular News
Related News
Categories
Get such articles in your inbox
News
-
Previous News Kill the security bugs by updating your Android devices: Patch Tuesday - Week 1, April 2019
- April 3, 2019
- |
- Computer, Internet Security
-
Next News OceanLotus threat actor group leverages Steganography to deliver backdoors
- April 3, 2019
- |
- Threat Actors
Popular News
Related News
Categories
