The “1.4 billion identity leak” that was hyped up before the weekend involved, no, not a database ransacking at Facebook, YouTube, or anything that important.
No, instead, an alleged US-based spam-slinging operation accidentally spilled its treasure chest of email addresses used to deluge netizens with special offers, marketing crap and the like.
On Friday, Twitter user Chris Vickery teased world plus dog that he was going public on Monday with news of a massive data breach of 1.37 billion records. And that turned out to be 1.37 billion email addresses amassed by River City Media (RCM) – an internet marketing biz apparently based in Jackson, Wyoming, that claims to emit up to a billion emails a day. All totally legit and solicited, of course.
Some of the records include real names, IP addresses, and physical addresses, it is claimed. Vickery said he “stumbled upon a suspicious, yet publicly exposed, collection of files,” and discovered they related to RCM. Among the millions and millions of contact details were chat logs and internal documents exposing the sprawling RCM empire, we’re told. It turns out the marketing biz has many tentacles and affiliates, mostly dressed up as web service providers and marketing operations.
“Someone had forgotten to put a password on this repository,” Vickery said. It is understood the data was a backup held in a poorly secured rsync-accessible system. It is also alleged that chat logs and internal files show RCM staff discussing Slowloris-like tricks to overload mail servers and trick them into accepting mountains of messages.
It is understood RCM gathers its information from people applying for free gifts and online accounts, requesting credit checks, entering prize giveaways, and such things on the internet, or the information is bought from similar info-slurping outfits. Vickery said he managed to confirm that some of the data was real, although the addresses tended to be out of date.
RCM did not respond to a request for comment on Vickery’s findings. Meanwhile, anti-spam clearing house Spamhaus has blacklisted the organization’s entire infrastructure. ®
Source: The Register – Security @ March 6, 2017 at 08:18PM