43 Million Email Addresses leaked By Trik trojan Spam Botnet
The recipient list of over 43 million email addresses used by the Trik trojan Spam malware Trojan was leaked. The developers behind this malicious operation misconfigured its server and left it accessible. Anyone who could access this IP directly could view the Command and Control Server’s files.This threat was discovered when researchers were working on finding the hierarchal chain behind the Trik trojan. Trik trojan was using its spam email campaign to distribute the GandCrab 3 Ransomware.
The Trik Trojan email list was used by crooks to distribute their own virus infections. They would send spam email messages to users. Once the user opened the attachment in these spam mails, their PC would be infected by the malware.
Trik Trojan had rented out these lists for the GandCrab crew to provide them with ‘install space’ for their malware. The trik trojan has infected Systems around the world and assembled them into a large botnet. The botnet operators then use these systems to carry out their malspam campaigns.
The email addresses that were leaked reached a number of about 43 million. 98% email addresses in the leaked list are unique. There were around 2201 text document files named numerically from 1.txt to 2201.txt. each text document file contained around 20,000 email addresses.
Most of the emails addresses were from yahoo and AOL domains. The email addresses targeted are from old and outdated email service providers. The domains contained in the list are unique and numbered to about 4.6 million. They contained domains such as .gov, .org, .com and .co.** etc.
The vast majority of targeted email addresses came from Yahoo and AOL with 10.6 million and 8.3 million respectively. The list contained the least amount of Gmail addresses suggesting that either the list is incomplete or the targets were only older email services by the Trik Trojan Spam Botnet operators.
Researchers are working on finding out whether this list is new or have some previous recipients from older data dumps of mailing lists.
The Trik Trojan botnet operators have been active for 10 years. Propagating the GandCrab 3 Ransomware has again brought them into the limelight. It used to spread itself via worm through USB devices and through internet relay chat (IRC) like widows live messenger and skype.
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.