Trik Trojan Spam Botnet 43 Million email addresses leaked
News | 06/13/2018

43 Million Email Addresses leaked By Trik trojan Spam Botnet

About: Trik Trojan spam Botnet server was left misconfigured by its operators. Anyone having direct access to the IP could see its contents. 43 million emails addresses were leaked from the mailing list that the botnet operators were using for spreading the...  Read More  

| News | 43 Million Email Addresses leaked By Trik trojan Spam Botnet

43 Million Email Addresses leaked By Trik trojan Spam Botnet

The recipient list of over 43 million email addresses used by the Trik trojan Spam malware Trojan was leaked. The developers behind this malicious operation misconfigured its server and left it accessible. Anyone who could access this IP directly could view the Command and Control Server’s files.This threat was discovered when researchers were working on finding the hierarchal chain behind the Trik trojan. Trik trojan was using its spam email campaign to distribute the GandCrab 3 Ransomware.

The Trik Trojan email list was used by crooks to distribute their own virus infections. They would send spam email messages to users. Once the user opened the attachment in these spam mails, their PC would be infected by the malware.

Trik Trojan had rented out these lists for the GandCrab crew to provide them with ‘install space’ for their malware. The trik trojan has infected Systems around the world and assembled them into a large botnet. The botnet operators then use these systems to carry out their malspam campaigns.

The email addresses that were leaked reached a number of about 43 million. 98% email addresses in the leaked list are unique. There were around 2201 text document files named numerically from 1.txt to 2201.txt. each text document file contained around 20,000 email addresses.

Most of the emails addresses were from yahoo and AOL domains. The email addresses targeted are from old and outdated email service providers. The domains contained in the list are unique and numbered to about 4.6 million. They contained domains such as .gov, .org, .com and .co.** etc.

The vast majority of targeted email addresses came from Yahoo and AOL with 10.6 million and 8.3 million respectively. The list contained the least amount of Gmail addresses suggesting that either the list is incomplete or the targets were only older email services by the Trik Trojan Spam Botnet operators.

Researchers are working on finding out whether this list is new or have some previous recipients from older data dumps of mailing lists.

The Trik Trojan botnet operators have been active for 10 years. Propagating the GandCrab 3 Ransomware has again brought them into the limelight. It used to spread itself via worm through USB devices and through internet relay chat (IRC) like widows live messenger and skype.

Hits: 143

Leave a Reply

Your email address will not be published. Required fields are marked *

Did you find the article informative? Yes NO

Get Regular Updates Related to All the Threats

Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.

Virus Removal Guidelines
Plot No 319, Nandpuri- B Pratap Nagar
Jaipur
Rajasthan 302033
Phone: +91 9799661866